Overview
Work History
Skills
Scholastic Accreditation
Certifications Courses
Products Handled
Timeline
Generic

SHINU KURUVILA

Senior Network Security Engineer
Abu Dhabi

Overview

11
11
years of professional experience

Work History

Senior Cyber Security Engineer

CPX Holding
07.2023 - Current
  • Configured and troubleshooted network security products to ensure optimal performance and adherence to security standards.
  • Implemented security products based on client requirements, ensuring alignment with industry best practices.
  • Established security baseline policies to enhance the overall security posture of the organization.
  • Conducted configuration and troubleshooting of Forcepoint and Symantec proxies to facilitate secure web browsing.
  • Managed the configuration and troubleshooting of Cisco FTD, Palo Alto, and Fortinet firewalls to safeguard network infrastructure.
  • Configured and fine-tuned F5 Load Balancer and APM to optimize application delivery and access management.
  • Implemented and managed F5 WAF to protect web applications from various cyber threats.
  • Configured and troubleshooted Forcepoint Email Gateway to secure email communications.
  • Reviewed security policies regularly to identify gaps and ensure compliance with regulatory requirements.
  • Mitigated cyber attacks by applying industry-best security practices and implementing proactive security measures.
  • Configured OPSWAT ICAP and Metadefender policies to enhance threat detection capabilities.
  • Integrated ICAP with F5 and proxies
  • Configured and managed MFA solutions like SDO and FortiAuthenticator to enhance authentication security.
  • Troubleshot IPSec and Remote Access VPN configurations to ensure secure remote access to corporate resources.
  • Implemented and managed Azure and G42 customer infrastructure, including Firewalls, Load Balancers, VNET, IPSec, and WAF.
  • Conducted regular upgrades of security products like firewalls, load balancers, and proxies to maintain optimal performance and security posture.
  • Managed customer escalations related to network security incidents and provided timely resolution.
  • Implemented network automation using Ansible/Terraform to streamline network operations and improve efficiency.

Network & Security Engineer

Etisalat Technologies
11.2020 - 07.2023
  • Handling the entire gamut of the Etisalat Cloud Infrastructure, Azure, AWS customers firewalls, NSX-T(VMware) Firewall, and Load balancer
  • Design and implement the Azure infrastructure
  • Create VNet, Point-to-Site VPN, IPsec VPN, etc in Azure
  • Deploy and design Paloalto, Fortinet, checkpoint and f5 load balancers in Azure
  • Co-ordinate with the application team to configure the WAF policies
  • Create custom signatures in WAF
  • Migration of customer firewalls from Fortinet to PaloAlto
  • Upgrade firewall, Load balancers, Switches
  • Serving the cloud customers of Palo Alto, Fortinet, F5 LTM, WAF,GTM
  • Generating Elastic Kibana Dashboard, ELK SIEM Rules, monitoring for threat events, and planning appropriate actions
  • Configuring & troubleshooting BGP routing protocol, other routing issues,Site-to-Site VPN, SSL VPN, MFA etc
  • Mitigating cyber attacks by applying industry best security practices
  • Auditing network devices configurations
  • Perform the vulnerability assessment before and after the WAF configuration
  • Configuration of VPCs, HSRP, etc.
  • Implement polices in firewall policies , Manage Azure infra using Ansible/Terraform

Network & Security Engineer

Gulf Business Machines
04.2019 - 10.2020
  • Handled & troubleshot Cisco FTD, Fortinet, Palo alto Firewalls, Forti-Authenticator, Forti-Sandbox, Forti-EMS, F5 Load Balancer (F5 LTM), F5 APM, F5 WAF, and Forti analyzer
  • Configured and troubleshot Site-to-Site VPN in Fortinet, Cisco and Palo Alto firewalls
  • Forescout implementation for evaluation
  • Resolved issues along with the auditing team
  • Configuring & troubleshooting the BGP routing protocol.

Network Engineer

Computer Network Systems
02.2018 - 04.2019
  • Conducted configuration & troubleshooting of Cisco Firepower IPS, Cisco ASA 5555-x, Cisco email security Appliance and Web Security Appliance
  • Configured Fortinet Firewall, IPS, Anti-virus policies, WAF policies, PBR, NAT, WLC & WAP
  • Facilitated Firewall and internal network audits, migrated ASA to FTD and upgraded the firmware of all network devices
  • Crafted FTD policies, NAT, Site to Site VPN, etc
  • Performed penetration & vulnerability assessment using Nexpose & Acunetix and managed Palo alto firewalls
  • Configured & managed Fortinet Firewall, ACL, IPS/WAF/Anti-virus policy, PBR/Routes, etc
  • Administered Cisco NAC ISE configuration (Network Access Control) and performed MAB and Dot1x configuration, Guest Portal configuration, Integration with SMS gateway, Network device Radius configuration, Posture policy to find out domain PC’s, Non-domain PC, Posture policy to check Anti-virus, other security devices status
  • Conducted configuration & troubleshooting of F5 Load balancer, F5 LTM, F5 ASM, and F5 APM.

Network Engineer

Gulf Business Machines
01.2016 - 01.2018
  • Handled & troubleshot Cisco FTD, Fortinet, Palo alto Firewalls, Forti-Authenticator, Forti-Sandbox, Forti-EMS, F5 Load Balancer (F5 LTM), F5 APM, F5 WAF, and Forti analyzer
  • Configured and troubleshot Site-to-Site VPN in Fortinet, Cisco and Palo Alto firewalls
  • Forescout implementation for evaluation
  • Resolved issues along with the auditing team
  • Configuring & troubleshooting the BGP routing protocol.

Network Engineer

Aurus Inc USA and Aurus Tech Pvt Ltd.
02.2014 - 12.2015
  • Conducted configuration & troubleshooting of Cisco Firepower IPS, Cisco ASA 5555-x, Cisco email security Appliance and Web Security Appliance
  • Configured Fortinet Firewall, IPS, Anti-virus policies, WAF policies, PBR, NAT, WLC & WAP
  • Facilitated Firewall and internal network audits, migrated ASA to FTD and upgraded the firmware of all network devices
  • Crafted FTD policies, NAT, Site to Site VPN, etc
  • Performed penetration & vulnerability assessment using Nexpose & Acunetix and managed Palo alto firewalls
  • Configured & managed Fortinet Firewall, ACL, IPS/WAF/Anti-virus policy, PBR/Routes, etc
  • Administered Cisco NAC ISE configuration (Network Access Control) and performed MAB and Dot1x configuration, Guest Portal configuration, Integration with SMS gateway, Network device Radius configuration, Posture policy to find out domain PC’s, Non-domain PC, Posture policy to check Anti-virus, other security devices status
  • Conducted configuration & troubleshooting of F5 Load balancer, F5 LTM, F5 ASM, and F5 APM.

Network Operational Engineer

PCS Technology Ltd.
12.2012 - 01.2014
  • Conducted configuration & troubleshooting of Cisco Firepower IPS, Cisco ASA 5555-x, Cisco email security Appliance and Web Security Appliance
  • Configured Fortinet Firewall, IPS, Anti-virus policies, WAF policies, PBR, NAT, WLC & WAP
  • Facilitated Firewall and internal network audits, migrated ASA to FTD and upgraded the firmware of all network devices
  • Crafted FTD policies, NAT, Site to Site VPN, etc
  • Performed penetration & vulnerability assessment using Nexpose & Acunetix and managed Palo alto firewalls
  • Configured & managed Fortinet Firewall, ACL, IPS/WAF/Anti-virus policy, PBR/Routes, etc
  • Administered Cisco NAC ISE configuration (Network Access Control) and performed MAB and Dot1x configuration, Guest Portal configuration, Integration with SMS gateway, Network device Radius configuration, Posture policy to find out domain PC’s, Non-domain PC, Posture policy to check Anti-virus, other security devices status
  • Conducted configuration & troubleshooting of F5 Load balancer, F5 LTM, F5 ASM, and F5 APM.

Skills

Ansible,Terraform

VPN Technologies

Elastic KibanaSDOIvanti VPNSymantec Email/Web GatewaysOPSWAT ICAP and Meta Defender

F5 WAF,LTMAPM

PaloAlto,Cisco FTD, Fortinet

Forcepoint Proxy,Email Gateway

Azure,G42 Cloud

TrendMicro(Apex and DSM)

Scholastic Accreditation

Bachelor of Technology in Electronics and Communication, Anna University, 2011

Certifications Courses

  • CCIE Security (60352)
  • OPSWAT ICAP certified
  • BIG-IP F5 –CA
  • BIG-IP F5-WAF
  • Fortigate Network Security Associate Level 2(NSE2)
  • Fortigate Network Security Associate Level 3(NSE3)
  • Fortigate Network Security Professional (NSE4)
  • Fortigate Public Cloud (NSE7)
  • Microsoft Certified: Azure Network Engineer Associate
  • CCNA – Cisco Certified Network Associate
  • Cisco Certified Specialist - Enterprise Core
  • Cisco Certified Specialist - Security Core
  • CCNP Switch Certified (CISCO CERTIFIED NETWORK PROFESSIONAL)
  • ITIL Foundation Certified

Products Handled

  • Cisco FTD,PaloAlto and Fortinet
  • Cisco ISE, Forescout
  • Forti-Sandbox
  • Forti-Authenticator,SDO
  • F5 LTM,ASM,APM,GTM
  • Barracuda Load balancer
  • Cisco IronPort (ESA),Forcepoint,Symantec Email Security
  • Cisco WSA, Forcepoint,Symantec Web Security
  • Cloud-Azure,G42
  • OPSWAT ICAP,Metadefender ,
  • TrendMicro APEX and DSM

Timeline

Senior Cyber Security Engineer

CPX Holding
07.2023 - Current

Network & Security Engineer

Etisalat Technologies
11.2020 - 07.2023

Network & Security Engineer

Gulf Business Machines
04.2019 - 10.2020

Network Engineer

Computer Network Systems
02.2018 - 04.2019

Network Engineer

Gulf Business Machines
01.2016 - 01.2018

Network Engineer

Aurus Inc USA and Aurus Tech Pvt Ltd.
02.2014 - 12.2015

Network Operational Engineer

PCS Technology Ltd.
12.2012 - 01.2014

Similar Profiles

CREATE PROFILE
SHINU KURUVILASenior Network Security Engineer