Aug 2024 – Aug 2025 · 1 yr · Singapore

• SASE & NGFW - Prisma Access, DLP, CASB, RBI, ZTNA & Explicit Proxy (SWG)

Oct 2020 – Aug 2024 · 3 yrs 10 mos · Singapore

• Products: Palo Alto Firewall, Panorama, Check Point Firewall, BlueCoat SWG, Zscaler ZIA, Symantec MAA, CAS, Tunfin firewall rules analyzer, Splunk, SolarWinds, F5, Cisco Routers and Switches
• Responsibilities
• Follow ITIL change process to prepare and implement Firewall and Proxy changes
• Process and access Firewall/Proxy requests for NetSec concerns in terms of zoning and privilege access
• Investigate Firewall logs, Proxy logs, debugging logs, Tcpdump & Wireshark to find out the RCA
• Troubleshoot Firewall and Proxy issues to perform root cause analysis for the incident owner
• Investigate website access issues via Proxy such as TLS handshake, Auth errors upon users escalations
• Set up and troubleshoot very critical IPSec S2S Certificated based VPNs with external parties
• Work with Users, App, Infra, SecOps and EUS teams to troubleshoot app/servers/user access issues
• Participate with IT SOC, SecOps and SecGov teams to response, eliminate and mitigate security incidents
• Generate CSR, signed CSR with CA and renew the certs regularly for IPSec and SSL VPNs
• Implement the App-based firewall rules of certain websites after onboarding into Cloud WAF
• Setting up the FW automations, system alerts and scheduled cron jobs by using the scripts and Solarwinds
• Perform regularly tuning and optimization of Firewall, Proxy and IPS rules to secure the organization
• Plan, design and support Tech refresh and migration activities for IT infrastructure Security services
• Work with Internal application, Infra and third-party teams to set up the new IT Infra Security services
• Explore new solutions and technologies for continual improve of the infra for better operation experience
• Escalation point for EUS and App teams in the resolution of the users escalations and service outages
• Support, develop and maintain Firewall/Proxy standard and procedure documentations
• Contribute to Internal & External Audit response activities by providing the RFI

Nov 2019 – Oct 2020 · 11 mos · Singapore

• Projects
• Microsoft Azure Cloud Security Infra Project (14xPA, 1xPanorama, 1xTrendMicro DSM, 6xFortiWeb, 8xTectia)
• PA Firewalls and Panorama Rules Tuning Project (4xPA & 1xPanorama)
• ASA to Firepower Tech Refresh Project (8xCountries sites)
• Mcafee to PA Firewalls Tech Refresh Project (20xPA & 2xPanorama)
• 3020 to 3220 PA Firewalls Tech Refresh Project
• Symantec SEP and SPE Project
• Prisma Access SASE Project - 1000 Users and 7 DC Globally
• Responsibilities
• Interact with clients as well as vendors on site to meet complex requirements of a solution
• Assist with the documentation of standard operating procedures relating to deployments and UAT
• Display leadership and team management ability and delegates lower complexity tasks to engineers
• Lead a team of engineers in the project implementation and installation
• Collaborate with customers and vendors for project requirements
• Ensure the design and delivery of the project conform to the customer requirements
• Manage and execute multiple projects parallelly based on project assignments
• Take ownership of relevant technologies according to domain or specialization
• Provide network security consultancy and technical support within area of expertise to customers to meet their organization mission, strategies and goals.
• Design, implement and migrate the Security Infras according to principal vendors recommendation, organization security controls and hardening guidelines
• Responsible in escalation handling, resource management and planning.

Aug 2018 – Nov 2019 · 1 yr 3 mos · Singapore

• I am a Network Security Engineer, do have the understanding and knowledges of Data Center Network and Security Infrastructure like Firewalls (Palo Alto, Checkpoint, Cisco ASA, Cisco Firepower and Juniper Firewalls), IPS, SSL, IPSec VPN, DNS, Load balancing, Routers and Switches.
• Review, revise and implement firewalls change requests across based on Bank’s architecture and security standards
• Implement new requests such as IP, Vlan assignment, Route, IPSec VPN, NAT, Firewall and Proxy rules
• Provide day-to-day Firewalls Operations for the global Network and Security Infrastructure to achieve Users and business requirements
• Support, maintain and improve of global Network Infrastructure such as firewalls (Palo Alto, Check Point, Cisco, Juniper), routers and switches
• Work with the respective Infra, app teams & users in troubleshooting and identify RCA related to network
• Identity, investigate and resolve of the problem of Network and Security Infrastructure issues
• Perform upgrading of vendor recommended Firewalls firmware and hardware
• Perform regularly Firewalls rule tuning such as adding missed out rules, deleting expired rules and tuning DC and DR firewalls rules
• Cooperate with IT Sec Governance team to align Network Security devices configurations with established baselines, standards, and policies
• Manage of network daily ticketing activities, user requests, incidents, and problems

Jan 2017 – Aug 2018 · 1 yr 7 mos · Myanmar

• I am a Senior Network Security Engineer having about 2.5 years of excellent Experience in designing, implementing, migrating, troubleshooting and maintaining of Data Center and Network Security Solutions of Banks and Enterprises in Myanmar like Firewalls (Palo Alto, Cisco FTD), Anti- Malware, URL filtering, Endpoint Security (Trend Micro & Traps) and SIEM Splunk Monitoring solutions.
• Projects :
• AYA Bank old DC Migration & new DC Setup Project
• MAB Bank Office Firewalls and Endpoint Security Setup Project
• MWD Bank DC & DR Setup Project
• CB Bank HQ, Branches and ATM Dynamic IPSec VPN Project
• Computer University Network & Security Project
• Environment : Cisco Switches, Cisco ACI (Spine and Leaf), Cisco Routers, Switches, WLC, AP, Cisco Firepower, Cisco FTD, Cisco ISE, Palo Alto Firewalls (220, 850, 3020 and 5020), Panorama, F5 BIG-IP, Algosec Firewalls Analyzer, Trend Micro Endpoint Protection and Palo Alto Traps Endpoint Protection.

Jan 2016 – Dec 2016 · 11 mos · Myanmar

• Projects
• KBZ Bank new DC & DR setup and Migration Project,
• CB Bank DMVPN Project and
• office Network & Security Projects
• Environment : Palo Alto Firewalls, Fortinet Firewalls, Check Point Firewalls, F5, Cisco Nexus 9K, Catalyst Switches and Cisco Routers