('binary' encoding is not supported, stored as-is) Hi there, I am interested in any type of Security Consultant/ Management/Engineer type positions in the Greater Boston region. I believe that understanding the business aspects of Information Security are equally important as understanding the technical aspects of it. I have a strong balanced knowledge in this field of expertise. I have 6-7 years experience in the Information Security industry with key certifications such as CISSP, CCSE, CCNA and MCSE to my name. My specialty areas include the design and implementation of Security Infrastructures across a wide variety of industries including e-commerce and e- business. My knowledge of technologies include Firewalls, VPN's, PKI, IDS and Remote Access. I have performed many security assessments, penetration tests, security audits and designed security policies as well as provided recommendations and solutions. I have a strong background in both MS Windows and UNIX platforms. Other specialty areas include Project Management and Business Development. I have also trained and mentored other engineers. I have been a consultant for 4 years working for companies such as Lucent, SIAC (a subsidiary of the New York Stock Exchange) and the Sydney Police Department. I have also worked with more than 15 clients around the Greater Boston region including Fidelity, Genuity, EMC and Starwood Hotels. I have a Bachelor of Electrical and Electronic Engineering and I am currently pursuing a part time MBA at Babson College. I thank you for taking the time to review my resume seen below. Regards, Rajesh Pradhan --------------------------------------------------------- RAJESH PRADHAN r_pradhan1at_private Education: Pursuing a Masters in Business Administration (MBA), 2nd year. Babson College, Wellesley, MA - evening program Bachelor of Engineering - Electrical & Electronic, Dec 1995. University of Canterbury, New Zealand. Certifications: Certified Information Systems Security Professional (CISSP), Sep 2000. CheckPoint Certified Systems Engineer 4.0 (CCSE), May 2000. Checkpoint Certified Systems Associate 4.0 (CCSA), May 2000. Cisco Certified Network Associate (CCNA), Feb 2000. Microsoft Certified Systems Engineer (MCSE), Sep 1999. Microsoft Certified Professional + Internet (MCP+I), Sep 1999. Specialty Areas: Security Infrastructure Design & Implementation Document the design and configuration for new local and wide area network security infrastructures. Design and implement network security solutions encompassing Firewalls - DMZ setup, VPN's, IDS, PKI Infrastructure, Remote Access and Internet Services. Perform security vulnerability assessment/penetration testing, security audits, security risk assessments and policy design. Implement recommendations based on assessment and audits using best practices, industry trends and standards. Provide Incident Handling strategies. Implement security infrastructures across a variety of industries including e-business and e-commerce. Project Management Participate in kickoff meetings with clients to discuss the Statement of Work, project methodology and final deliverables. Perform requirements gathering to prepare the Project Definition Document. This document outlines the scope, schedule, key milestones and deliverables of the project. Develop and manage the high level and detailed level project plans as the project lead and mentor junior engineers. Provide status reports to the client at status meetings to communicate issues and milestones on a weekly basis. Communicate final deliverables to the client at the completion of the engagement through a formal presentation. Business Development Develop business opportunities for the Security Practice considering the strategic goals and growth objectives of the company. Pro-actively look for new business opportunities at client engagements. Review RFI's and prepare RFP's to be submitted to the client. Participate in pre sales calls as a subject matter expert to gain business. Prepare Statements of Work. Develop new security service offerings and solutions. Develop training material and facilitate security training to engineers to grow the Security Practice. Technical Skills Summary: Protocols: TCP/IP, EIGRP, RIP, SNMP, DHCP, DNS, SMTP, HTTP, FTP. Firewalls: Checkpoint, Cisco PIX, Gauntlet, Cyberguard, Lucent -Brick, Raptor. VPN's: Nortel-Contivity, Timestep, Cisco, Lucent-Brick. Security Tools: ISS products, NMAP, Nessus, Encase. IDS: Cisco IDS, ISS Real Secure, Snort. Authentication: RADIUS, TACACS, SecureID. Operating Systems: Solaris (2.x, 7&8), Linux 7.x, IRIX, HP-UX 10,11, Windows 2000, Windows NT, Win98. Hardware Platforms: Cisco Routers, Cisco Catalyst Switches, Sun SPARC stations. WAN Protocols: ATM, Frame Relay, ISDN, PPP. LAN Protocols: Ethernet, Token Ring, Wireless (802.11). Network Tools: HP LANanalysis, CiscoWorks, Cisco Secure Policy Manager. Languages: Shell and Perl scripting. Professional Experience: Lucent Technologies - Enhanced Services & Sales, Burlington, MA Security Consultant - (Jun 1999 - Present) Notable Clients: Genuity, Fidelity, EMC, NaviSite, Starwood, E-travel, CMGI, Infinium, LifeCare, Norwich University, Ironmoutain, Network Plus, Sepracor, Amherst, Oregon State Lottery. Designed a network based Intrusion Detection System for an Insurance/Healthcare organization using Cisco IDS and Cisco Secure Policy Manager. Performed an internal UNIX based DNS security assessment for a large Financial Corporation and provided recommendations based on findings to improve the overall security posture. Recommended solutions to stop the threat of virus attacks such as Nimda, Code Red etc. Performed a security assessment including vulnerability/penetration testing for a large Application Service Provider. This included assessing the company's information security covering all 10 CISSP domains and comparing it to an ISO17799 based standard to provide a gap analysis report. The environment was Cisco and Windows NT. Performed forensic analysis of systems using tools such as Encase to detect the activities of a suspicious employee and gather evidence against this employee. Other forensic tools were also used and vulnerability scanning was performed. Designed and installed a Lucent Managed Firewall VPN solution for a Military University. This also included the installation and configuration of Steel Belted RADIUS integrating NT domain authentication. Developed test procedures for the Nortel-Contivity 100 gateway in large ISP environment. Tested the Cisco VPN Client with the Contivity 100 platform. Designed gateway configurations for large Contivity 100 customer offering. Also worked with the Nortel Contivity 1500, 2500 platforms for testing various features of the product. Tested new versions of code for Timestep VPN gateways in a large ISP environment. Troubleshooter and tested various configurations, encompassing IPSEC, Entrust CA's, X.500, shared secret and CERT based tunnels. Performed a complete security audit for large organization including penetration testing with various tools (ISS, Nmap, Nessus). Audit included host and network security assessment. The environment consisted of Cisco, Unix and Windows NT platforms. Implemented Cisco PIX firewalls series 5.x for two large Application Service Providers with failover. Also implemented Cisco VPN solution using PIX firewall and Cisco's Safenet VPN Client. Designed and documented DMZ, which consisted of a Cisco PIX Firewall 5.x series, connected to Checkpoint FW for 3rd Party access. Troubleshooted Firewall issues relating to Cisco Secure (TACACS) and NAT. Migrated FTP traffic from Gauntlet to Checkpoint environment. Performed several Internet, Database and System Scans using ISS products for a large Storage company. Scans included UNIX and Windows NT hosts. Recommendations were made to improve security using scan results. Tested large telecommunications Firewall solution, including service procedures and technical details. Implemented a Linux test host. This host was configured for inbound and outbound ftp, telnet, ssh, http, smtp to test access through Gauntlet 4.0 Firewall. Implemented and designed a Checkpoint FW-1 4.0 Firewall solution for large State Lottery Commission. Designed policy, network address translation and routing details on SUN Solaris 2.6 platform. Hardened OS to tighten host security. Made available Internet Email and Web access to Lottery staff. Performed Project Management across all engagements. Developed business opportunities for the corporation. Started a CISSP study group to certify engineers and make them more marketable. SIAC - subsidiary of New York Stock Exchange (NYSE), Brooklyn, NY Network Security Consultant - (Mar 1999 - Jun 1999) (contracted through RKA) Documented the External Access Backbone Network (EABN) which consisted of approximately 20 Gauntlet Firewalls. The EABN linked the NYSE Corporate LAN, Member Firms, SIAC Corporate LAN and various test networks. Built customer reports that contained Firewall configurations, HP-UX host networking and routing information. Developed Perl scripts to automate the extraction of host information to be used in automated configuration checks. This was in an HP-UX environment. Also developed complex Perl scripts to extract policy information from TIS Gauntlet Firewalls including Source/Destination Rules, Networks, Packet Filtering and NAT. Made configuration changes to TIS Gauntlet Firewall and developed scripts to allow a smoother migration to Checkpoint Firewall-1. Opened ports on TIS Gauntlet 3.1 and 4.1 Firewalls to allow NYSE Corporate LAN to talk to servers on the SIAC Corporate LAN. Raymond Karsan Associates (RKA), Woburn, MA Network Security Consultant - (Jan 1999 - Jun 1999) Created a business proposal for establishing a VPN using Point to Point Tunneling Protocol taking into account issues of security and feasibility. Recommended the best solutions for using PPTP and RAS on Windows NT/95. Established a VPN across the Internet for clients within RKA to external vendors. Designed and implemented new LAN technologies for RKA staff connections to external companies via the Internet. Provided networking support for the organization in a UNIX environment. New South Wales Police Service, Sydney, Australia Security Project Manager - (Jul 1998 - Oct 1998) Project managed the design and implementation of the New South Wales (NSW) Police Service's Internet, Firewall and Intranet System architecture. Enabled NSW (16000) Police staff members access to the Internet using UNIX/NT environment that included Web Browsing, Email, and FTP. Worked on a Government rated (E3) firewall system consisting of two firewalls, an Inner Guard (CyberGuard on HP-UX) and an Outer Guard (Checkpoint FW-1 on a Windows NT Server). Implemented ISS RealSecure Intrusion Detection System for monitoring potential hackers from the Internet. Point of contact to Internet Service Provider to provide appropriate Internet connections. Implemented SMTP Mail Gateways and FTP/HTTP Gateways using Trend Micro's Interscan Viruswall and eManager. Implemented MS Exchange Server for testing the complete email system, and integrated it with Mainframe based email systems. Designed Proxy system with MS Proxy 2.0 for Internet and Intranet access, taking into account bandwidth limitations and security. Telecom New Zealand Ltd (TNZL), Auckland, New Zealand Network Analyst - (Feb 1996 - May 1998) Maintained & supported TNZL's Wide Area Network/Internet Systems for the entire country in order to provide a fault free environment for the company's staff. Responsible for TNZL's Internet Gateway and Firewall system including mail, news and proxy server's. Tasks involved System Administration, developing/modifying Perl scripts and shell scripts, rotating logs, running cronjobs and maintaining SGI IRIX Hosts. Set up Auckland's global view of the Wide area network using Cisco Works on a Sun Sparc station. Developed scripts on Solaris to automate routine tasks. Maintained, configured and installed Cisco Routers/Switches (7500-2500's), UB Hubs, ATM Cisco catalyst 5000/5500's and Lightstream ATM 1010 switches. Responsible for Bootp (running Linux) and DHCP/DNS servers. Related Course Work: Communications, Software and Hardware Engineering. Checkpoint FW-1 on Solaris, Cisco Secure and Safeword. Introduction and UNIX. Advanced Cisco Router Configuration, Introduction to Cisco Router Configuration, Cisco ATM. Financial and Managerial Accounting, Statistics for Business and Economics, Organizational Behavior. Project Management, Consulting Workshop. References and Recommendations: Available on Request
This archive was generated by hypermail 2b30 : Fri May 17 2002 - 10:35:56 PDT