Pawan Nandlal Yadav

About Candidate

Experienced Information Security Analyst with a background in Network Security and more than 4 years of
experience in identifying and analyzing suspicious events. Versatile bilingual professional with the ability to manage
sensitive materials. Able to use various security tools to perform log and packet analysis and work with maximum
potential in a challenging and dynamic environment, with an opportunity of working with a diverse group of people
and enhancing my professional skills with learning and experience for career growth.

Work & Experience

Network Security Engineer
NTT Global Data Centers & Cloud Infrastructure India Private Ltd.

Job Profile and Responsibilities:
• In-depth knowledge of Akamai with regard to static & dynamic content caching, redirects, cache control settings, GTM for load-balancing. Website speed optimization & security management based on end-user requirements.
• Administration and management of firewalls, including FortiGate, Cisco ASA and Palo Alto.
• Configuring firewall security policies, NAT, IPsec VPN, and policy-based routing.
• Identifying and troubleshooting issues related to connectivity and IPsec VPN.
• Creating VIPs, services, backend servers, SSL certificate bindings, and SSL offloading on the LB. Configuring nodes, pool members, virtual servers and rules on the F5 load balancer.
• Administering and troubleshooting issues related to L2/L3 switches.
• Implementing access lists/policies on the firewall for accessing the infra and troubleshooting connectivity issues.
• Handling service requests and troubleshooting incidents of different severity, ranging from technical information requests to network-down scenarios.
• Performing firewall upgrades and updating security patches on security firewall devices.
• Configuration and troubleshooting of IPsec and SSL-Web VPN Local, LDAP, RADIUS users.

Information Security Analyst Jun 2019 - Present
NTT Global Data Centers & Cloud Infrastructure India Private Ltd.

Job Profile and Responsibilities:
• Currently employed as a SOC Team Member, where I play a pivotal role in enhancing the security operations of the organization with a strong focus on implementing and managing a diverse range of technologies.
• Web Application Firewall: Implementing and managing multiple WAF technologies such as Akamai WAF, FortiWeb, F5 Silverline, BIG-IP ASM to safeguard web applications from potential vulnerabilities and attacks.
• Akamai ETP and Akamai EAA: Utilizing Akamai ETP and Akamai EAA to establish secure network access and protect against advanced threats.
• FortiEDR and Cortex XDR: Managing FortiEDR and Cortex XDR for advanced endpoint detection and response, ensuring comprehensive threat detection and mitigation.
• NetScout Arbor: Managing NetScout Arbor to detect and mitigate DDoS attacks, ensuring the availability and stability of network resources.
• Conducted proactive threat hunting activities to identify and mitigate security threats before they could cause damage.
• Engaged in the resolution of incidents of all severities, ensuring timely customer notification and diligent follow-up until recommendations are successfully implemented.
• Addressed major incidents comprehensively, from initial identification through to root cause analysis. Played a key role in policy management, fine-tuning security policies within Cortex XDR for optimal performance.
• Conducted thorough malware scans, enhancing security layers by promptly detecting and mitigating potential threats. Managed exception handling for false positives and actively participated in fine-tuning alert mechanisms. Utilized forensic analysis for major incidents, investigating alerts and contributing to the overall incident response strategy.
• Conducted proactive threat hunting using Cortex XDR, actively contributing to the development and execution of strategies for threat detection and mitigation.
• Analyze network traffic, logs, and security alerts to detect anomalies and potential threats.
• Collaborated with incident response teams to investigate and respond to security incidents promptly.
• Assisted in developing and implementing security policies and procedures to strengthen the organization's security posture. Monitored network and system logs for signs of suspicious activity and security breaches.
• Conducted vulnerability assessments and penetration testing to identify weaknesses in the organization's infrastructure. Assisted in incident response activities, including containment, eradication, and recovery.
• Coordinating and conducting event collection, log management, event management, compliance automation, and identity monitoring activities using the QRadar SIEM Platform.
• Research, analyse and understand log sources utilized for the purpose of security monitoring, particularly security and networking devices (such as firewalls, routers, anti-virus products, proxies, and operating systems).
• Develop, implement, and execute standard procedures for the administration, content management, change management, version/patch management, and lifecycle management of the SIEM/Log Management platforms.
• Support day-to-day event parsing and repairing of events that have missing or incorrect information, create log source extensions, and flow management.
• Identifies innovative capabilities, such as custom detection signatures and identification of targeted attacks, leveraging existing Verizon security resources and tools, including Verizon’s customized intelligence platform.
