Experience
Technical Domains
Network & Firewall Architecture
- Palo Alto Networks (NGFW, Panorama)
- Check Point, Fortinet, Azure Firewall
- High-availability design, segmentation, policy standardization
Zero Trust, Secure Access & DLP
- Zscaler (ZIA, ZPA, ZDX)
- Forcepoint (Hybrid Proxy, Endpoint DLP)
- Secure Web Gateway and policy-driven access models
Threat Detection & Visibility
- Network Detection & Response platforms
- FireEye (NX, EX, MAS)
- SIEM & threat intelligence integration
Cloud & Governance
- Azure security architecture & native controls
- Secure hybrid connectivity patterns
- Compliance alignment (PCI, HIPAA, NIST)
- AlgoSec, Tufin policy governance
Professional Experience
LTM (formerly LTIMindtree) – Client: International Financial Organization
Security Architect / Senior Network & Cloud Security Consultant Aug 2021 – Present Apr 2017 – May 2021
At LTM, I designed and operated enterprise-grade security architectures supporting organization-wide users across on-premises, hybrid, and cloud environments. My role combined architecture design, hands-on engineering, incident leadership, and security governance within a highly regulated environment.
Zero Trust & Secure Access Architecture
- Led enterprise-wide Zero Trust architecture initiatives using Zscaler to modernize secure access and reduce reliance on legacy VPN and proxy models.
- Designed policy-driven access controls aligned with identity, device posture, and application context, supporting distributed enterprise users.
- Defined traffic forwarding, SSL inspection strategies, and secure access patterns for offices, data centers, and remote users.
- Collaborated with vendor engineering teams to enable regional traffic localization and resilient access models.
- Redesigned legacy network-level access into application-level segmentation, aligning access decisions with Zero Trust principles and business risk.
Firewall Architecture & Platform Modernization
- Co-led next-generation firewall modernization programs, focusing on architecture standardization and long-term platform strategy.
- Designed high-availability firewall architectures supporting mission-critical enterprise applications.
- Standardized firewall policies, NAT strategies, and operational runbooks to improve consistency and reduce operational risk.
- Performed upgrade impact analysis and coordinated remediation across infrastructure and application teams.
Network Detection & Threat Engineering
- Led deployment of enterprise Network Detection & Response (NDR) capabilities across core environments.
- Designed traffic visibility and mirroring strategies integrated with SOC workflows.
- Tuned detection policies, resolved secure API integrations, and documented reference architectures for operations teams.
Secure Web Gateway, Proxy & DLP
- Architected secure web gateway and proxy solutions for enterprise users and specialized workloads.
- Designed SSL bypass and exception strategies to support legacy applications while maintaining security controls.
- Led endpoint DLP proof-of-concepts and deployments aligned with data protection requirements.
Cloud & Compliance Security
- Enabled secure hybrid and cloud connectivity aligned with enterprise risk and regulatory standards.
- Partnered with application and cloud teams to embed security architecture into migration initiatives.
- Led vulnerability remediation and audit response programs, maintaining evidence and documentation for compliance assessments.
Leadership & Operational Excellence
- Provided architectural leadership and escalation support for high-impact security incidents.
- Standardized incident response procedures, shift handovers, and operational documentation.
- Mentored engineers through structured knowledge transfer and design reviews.
- Acted as a trusted advisor to stakeholders on security risk and architectural decisions.
Iron Bow Technologies – Herndon, VA
Senior Security Engineer
- Implemented enterprise security awareness and phishing resilience programs.
- Led privileged access password governance initiatives.
- Performed vulnerability remediation and risk coordination across infrastructure teams.
- Evaluated Zero Trust and identity platforms to support secure access strategy.
Wipro Technologies – Client: Comcast Corporation
Senior Security Engineer Moorestown, NJ
Selected to support enterprise-scale security operations across multiple network and application environments, with responsibility for proxy security, firewall platforms, intrusion prevention, wireless security, and compliance-driven controls.
- Acted as Subject Matter Expert (SME) for proxy security, IPS/IDS, advanced threat detection, and firewall governance.
- Designed and optimized firewall policies, segmentation models, and access controls aligned with enterprise standards.
- Led firewall upgrades, rulebase optimization, and policy cleanup initiatives to reduce attack surface.
- Performed compliance gap assessments and implemented compensating controls aligned with regulatory standards.
- Supported incident response by analyzing malicious traffic, file hashes, and threat indicators in coordination with SIRT.
- Conducted root cause analysis for security incidents and presented remediation strategies to stakeholders.
Tata Consultancy Services – Clients: Target & Walgreens
Security Technical Lead
Served as a core member of enterprise Security Incident Response Teams, coordinating threat intelligence, vulnerability management, incident response, and security operations.
- Led threat intelligence analysis and risk prioritization using internal and external feeds.
- Coordinated incident response activities, including investigation, containment, and executive reporting.
- Translated vulnerability and threat data into actionable remediation plans for infrastructure and application teams.
- Produced executive-level security reports and presented risk posture and trends to leadership.
- Supported PCI compliance initiatives and secure handling of sensitive data environments.
Education
Master of Computer Applications – Anna University Bachelor of Computer Science – Madras University