Feb 2022 – Jul 2023 · 1 yr 5 mos · Bengaluru, Karnataka, India

• 1. Owned full-cycle deployment, stabilization & performance tuning of Cortex XDR, ensuring high availability,real-time detection & minimal disruption across enterprise endpoint environments.
• 2. Led advanced incident response operations by analyzing real-time Cortex XDR alerts,system logs & behavioural patterns to detect & respond to targeted attacks, reducing response time by 40% & minimizing business impact.
• 3. Performed live malware attack investigations, conducting deep-dive forensic analysis of malicious payloads,persistence mechanisms & lateral movement attempts, resulting in the containment of multiple zero-day threats.
• 4. Engineered custom detection rules and threat hunting queries in Cortex XDR & SIEM (Splunk), enabling proactive identification of threats & cutting false positives by 35%, significantly boosting analyst efficiency.
• 5. Reduced the organization's attack surface by 45% through endpoint hardening, rule base refinement, policy enforcement and decommissioning of legacy controls, in alignment with NIST & ISO 27001 standards.
• 6. Collaborated with threat intel and vulnerability management teams to correlate global attack trends with internal telemetry, proactively identifying IOCs & delivering remediation strategies before exploitation.
• 7. Performed malware reverse engineering sessions in collaboration with SOC analysts & red team members, enhancing internal capabilities in detecting obfuscated and polymorphic threats.
• 8. Built playbooks for malware containment, eradication & recovery, automated repetitive investigation and enrichment tasks by integrating Cortex XDR with SOAR workflows & threat intelligence feeds, significantlyimproving response time & consistency.
• 9. Contributed to post-incident reporting, RCA documentation & threat briefings, translating technical findings into executive-level insights & strengthening organizational cyber readiness.
• 10. Developed hands-on training & threat simulation labs on Cortex XDR investigation best practices.

Jul 2020 – Jan 2022 · 1 yr 6 mos · Noida, Uttar Pradesh, India · Remote

• 1. Delivered expert consulting on Palo Alto Cortex XDR & Strata firewalls, leading successful migrations to the Cortex XDR Cloud platform for global enterprise clients, reducing endpoint vulnerabilities by 25%.
• 2. Built custom security policies and application signatures tailored to unique client environments, enhancing threat detection accuracy and network protection.
• 3. Conducted detailed vulnerability assessments and risk analyses, implementing security hardening measures that significantly improved client security posture.
• 4. Analyzed security logs and events, providing comprehensive threat analysis reports that guided clients in prioritizing and mitigating risks effectively.
• 5. Collaborated with TAC to troubleshoot and resolve escalated technical issues promptly, minimizing downtime and improving client satisfaction.
• 6. Acted as a trusted advisor, consulting customers on security best practices and methodologies aligned with industry standards such as NIST, CIS, and ISO 27001.
• 7. Partnered with sales account teams to develop tailored technical strategies that addressed customer business needs and aligned security deployments with organizational goals.
• 8. Supported management through detailed weekly reports and Quarterly Business Reviews (QBRs), enabling strategic planning and business growth.
• 9. Engaged closely with clients to understand their business and technical requirements, ensuring the delivery of customized and effective security solutions.
• 10. Demonstrated project leadership by leading design meetings, coordinating teams, and managing complex security implementations in large-scale environments.
• 11. Leveraged a variety of migration tools, scripts, and third-party utilities to streamline client transitions to Cortex XDR Cloud and optimize firewall configurations.
• 12. Delivered clear, professional technical documentation and communications, showcasing strong written and verbal communication skills to facilitate client understanding and adoption.

Sep 2017 – Jul 2020 · 2 yrs 10 mos · Noida, Uttar Pradesh, India · On-site

• 1. Designed & supported complex network environments across multiple medical centers, applying strong analytical and troubleshooting skills to configure, implement and optimize network changes with minimal disruption ensuring 99.99 % uptime & continuous delivery of critical healthcare services with minimal downtime.
• 2. Developed & enforced comprehensive network security architectures, incorporating advanced Access Control Lists (ACLs),VPN gateways and intrusion detection/prevention systems (IDS/IPS) reducing security incidents by 30% through granular access control and segmentation, securing sensitive patient data and achieving full compliance with HIPAA & related healthcare regulations.
• 3. Established and troubleshot IPsec Site-to-Site VPN tunnels on Cisco devices, resolving tunnel reachability & traffic flow issues to maintain 100% uptime for secure client-vendor communications across multiple sites.
• 4. Executed critical firewall and DNS change management processes, reviewing & approving over 5000+ change requests annually to ensure compliance and reduce configuration errors by 40%.
• 5. Directed firewall upgrade initiatives on Cisco ASA, Palo Alto & Juniper SRX, improving security posture & reducing system vulnerabilities by 25%.
• 6. Designed and implemented F5 Load Balancer configurations including VIP creation and URL redirection, increasing application availability and throughput by 20%.
• 7. Managed IP addressing and DNS record management using Infoblox DNS, overseeing 10,000+ IPs and ensuring accurate DNS resolution with less than 1% error rate.
• 8. Deployed and scaled new subnets, network devices, and servers to accommodate 15% annual network growth, maintaining performance and security.
• 9. Led rapid root cause analysis and incident response efforts that reduced MTTR by 35%,minimizing downtime & service disruptions.
• 10. Conducted in-depth network traffic analysis and threat modeling, identifying & mitigating 85% of high-risk vulnerabilities before exploitation.

Sep 2014 – Sep 2017 · 3 yrs · Chennai, Tamil Nadu, India · On-site

• 1. Managed enterprise-grade network infrastructure across multiple client environments, ensuring 99.99% uptime and optimizing performance through proactive maintenance and enhancement activities.
• 2. Deployed, configured and supported security appliances including Checkpoint SmartDashboard, Juniper NSM, Palo Alto Panorama, and F5 Load Balancers, improving network resilience and security across 20+ customer sites.
• 3. Established and managed site-to-site VPN tunnels using Juniper SRX, enabling encrypted, secure communications between business units and third-party vendors.
• 4. Resolved 95%+ of incident and problem tickets within defined SLAs, escalating critical or high-impact issues to engineering or vendor teams to ensure timely resolution and business continuity.
• 5. Created and enforced ACLs and security policy rules within Checkpoint SmartDashboard, Juniper NSM, and Palo Alto Panorama, ensuring secure network segmentation and compliance with enterprise policies.
• 6. Diagnosed and monitored health status and reachability of over 1,000+ managed network devices, proactively addressing performance degradation, outages, and hardware alerts.
• 7. Performed regular network maintenance: firmware upgrades, patch management, password rotations, and configuration backups, contributing to a 25% reduction in security vulnerabilities.
• 8. Engineered and implemented automation processes (e.g., script-based diagnostics and backups), improving operational efficiency by 30% and reducing manual effort across recurring network management tasks.
• 9. Coordinated with hardware and software vendors (Cisco, Juniper, Palo Alto, Checkpoint, RSA TAC) to troubleshoot device failures and complex issues, ensuring minimal impact on production systems.
• 10. Authored detailed Standard Operating Procedures (SOPs) and network documentation to drive standardization, reduce escalations and accelerate issue resolution.