Summary
Overview
Work History
Education
Skills
Certification
Training
Hands On Experience
Timeline
background-images

Kunal Kumar

STERLING,VA

Summary

Experienced Security Consultant with a proven track record of designing, implementing, and managing secure networks

Overview

20
20
years of professional experience
1
1
Certification

Work History

Senior Security Consultant

Telus
04.2013 - Current
  • Designing Enterprise-wide secure network architectures for On-premises, Cloud, and Hybrid Cloud
  • Designing project solutions that balance Security, Compliance, and Business requirements
  • Integrating frameworks NIST, ISO 27000 into the project lifecycle to guide risk assessments and control implementation
  • Conducting risk assessments for business projects to detect, evaluate, rank high-impact risks, and document in the risk register
  • Collaborating with stakeholders to uncover vulnerabilities and threats via risk assessments and technical evaluations
  • Advising projects on SASE solutions leveraging Prisma SDWAN, Prisma access using services including DLP, CASB, URL-filtering, Zero-trust Network architecture
  • Leveraging Palo Alto SIEM, AutoFocus Threat intelligence with Cortex XDR, XSOAR, NGFW to automate threat detection and response for business critical projects
  • Ensuring project-level compliance by embedding security controls for privacy, regulatory, and data protection aligned with PCI-DSS, GDPR, and internal Governance
  • Conducting security audits, coordinating vulnerability scanning, penetration testing, and feeding the results obtained to drive a risk-based solution for business projects
  • Performing cost-benefit analysis for non-compliant, high-benefit projects and advising on tailored risk mitigation solutions
  • Delivering project solutions by embedding secure-by-design principles including securing defaults, least privilege, defense in depth, Zero-trust, and fail-secure mechanisms
  • Advising on risk-based access including IAM controls, recommending role-based access control, least privilege, and multifactor authentication
  • Collaborating with cross-functional teams, tracking end-to-end project delivery, collecting feedback, continuously improving processes, and to build stakeholder trust and confidence
  • Improving Governance policies to reflect shifts in cybersecurity threat landscape, market demands, high-profile projects, and to protect the confidentiality, integrity, availability of enterprise assets
  • Collecting and analyzing data from EMS, SIEM, and other tools to identify security trends and drive continuous Improvement
  • Designing and implementing Business Continuity and Disaster Recovery solutions
  • Advising on incident management workflow, containment, recovery, and communication strategies aligned with Governance and compliance
  • Automating network and security tasks resulting in $250K in cost savings for the business
  • Participating in and learning the AI risk management lifecycle, including impacts on enterprise risks
  • Responsible for security awareness training for new hires, network designers, and risk practitioners to increase overall effectiveness and promote best common practices

Senior Network Engineer

Broadridge Financial Solutions
09.2011 - 08.2012
  • Design and Configuration of routers, switches, firewalls, load balancers on Cisco, F5, Brocade, HP, Checkpoint platforms for Broadridge and its clients across Canada
  • Configuration and Management of IPSEC VPN, Remote Access VPN, AAA, TACACS+, RADIUS
  • Responsible for overall Enterprise security across Canada
  • Responsible for Change Management, Incident Management
  • Handling Enterprise vendor maintenance contracts with Cisco, F5, Solarwinds and upstream Internet providers
  • Troubleshooting, diagnosis and resolution of Level 3 Problems
  • Providing 24/7 On-Call support

Senior Network Engineer

Gulfnet (Telecommunications)
06.2005 - 06.2011
  • Design and configuration of routers, switches, firewalls, load balancers on Cisco, Juniper, F5, Extreme, HP, Bluecoat proxy, Nortel, and Ericsson platforms within the Telecommunications infrastructure
  • Configuration of MPLS VPN, MPLS-TE, VRRP, EIGRP, OSPF, BGP on Cisco and Juniper platforms
  • Responsible for threat identification, mitigation, prevention, and overall security of the backbone network
  • Handling vendor maintenance contracts with Cisco, Juniper, Nortel, Bluecoat, and Extreme Networks. Opening TAC cases until resolution
  • Troubleshooting devices and network issues at all TCP/IP layers
  • Capacity Management for ISPs' international circuits with Verizon, Seabone, Tata, Qtel, EMIX, FLAG
  • Backup, Accounting, Documentation of related systems, services, network problems, and design projects
  • Lab testing and evaluating new products and features for delivering cost-effective solutions for the clients
  • Trained NOC Engineers on Juniper, Cisco, and Extreme Networks products.
  • Pre-Sales support, Budgeting, Pricing, RFQ, & RFI to support RFP projects for a variety of customers.
  • Providing 24/7 On-Call support.
  • Implemented PeerApp P2P and Bluecoat ProxySG series web caching achieving a 50% reduction in internet costs and providing efficient website filtering and web blocking capabilities.
  • Migrated the legacy IP backbone network to an MPLS IP backbone network.

Education

Bachelor of Computer Science & Engineering -

BIRLA INSTITUTE OF TECHNOLOGY AND SCIENCE
05.2004

Skills

  • Security Architecture and Design
  • Network Architecture and Design
  • Cloud security
  • Governance, Risk, and Compliance
  • Data classification and Asset security
  • Network and Security Configuration
  • Automation
  • AI
  • IAM and access control
  • Network Migration
  • GCP
  • AWS Cloud
  • Troubleshooting and Incident management
  • Routers
  • Switches
  • Firewalls
  • Load Balancers
  • Proxies
  • VPN
  • IPS/IDS
  • Security Defense in Depth
  • Logging
  • Monitoring and Analytics
  • Project Management
  • Quality Assurance
  • Lab testing
  • Team Lead
  • Employee training
  • Onboarding
  • NIST
  • ISO 27001
  • PCI-DSS
  • GDPR
  • OWASP Top 10
  • CVE
  • MITRE ATT&CK

Certification

  • CISSP
  • Cisco CCNA, CCNP, CCNP Security
  • Juniper JNCIA-JUNOS, JNCIA-SEC
  • Palo Alto PCNSA, PCNSE
  • Check Point CCSA, CCSE
  • Fortinet NSE4

Training

  • CCSP for Cloud
  • AWS Security Specialty
  • F5 LTM, GTM
  • ISACA CRISC

Hands On Experience

OSPF, ISIS, BGP, MPLS, EIGRP, Cisco Routers ASR 1000, ISR 4000, Cisco switches Nexus 3000, Cisco firewalls Cisco ASA 5500, Cisco SDWAN Meraki, Cisco ACI, Juniper Routers MX series, Juniper switches QFX series, Juniper firewall SRX series, Juniper SDWAN MIST AI, Fortinet firewalls Fortigate 2000, Palo Alto NGFW, XDR, XSOAR, XSIAM, Autofocus, SIEM, Check Point firewalls 6000, 7000 series, Bluecoat proxy SSG-400, Big IP F5 LTM, GTM, IPSEC VPN, MPLS L3VPN, Radius, TACACS+, Oauth 2.0, OIDC, Active Directory, LDAP, SSH, SSO, SSL/TLS, Biometrics, SIEM, SOAR, DLP, DRM, Vulnerability Scanners, Wireshark, Zscaler, Splunk, MRTG, Cacti, Solarwinds, DNS, DHCP, SFTP, TFTP, SNMP, NTP, SDH, SONET, OC3, OC48, STM-1, STM-4, NIST, COBIT, GCP, AWS

Timeline

Senior Security Consultant

Telus
04.2013 - Current

Senior Network Engineer

Broadridge Financial Solutions
09.2011 - 08.2012

Senior Network Engineer

Gulfnet (Telecommunications)
06.2005 - 06.2011

Bachelor of Computer Science & Engineering -

BIRLA INSTITUTE OF TECHNOLOGY AND SCIENCE

Similar Profiles

CREATE PROFILE
Kunal Kumar