Tamerity – Vancouver, B.C Present
Systems Analyst/Security/Product Manager
As a Certified Cloud Security Professional applied conventional security and compliance concepts in a hybrid cloud environment (Azure, AWS)
IT Security expertise in Cloud technologies, Identity and Access Management, Logging and Monitoring, SDLC, Threat and Vulnerability Management, Incident Response.
Defined, Designed and Deployed a complete Fortinet Security Fabric topology: Fortigate NGFW Firewall prevention, detection and intrusion systems; FortiSandbox proactive threat detection; FortiAnalyzer data logs; FortiWeb application layer; Fortiauthenticator identity management
Provided engineering support to integrate security and compliance requirements (ITIL, NIST 800-171, 800-30, PCI DSS) into all enterprise information systems and projects as part of the SDLC process.
Resolved complex operational problems through detailed analysis of statistics, packet captures, logs; coordinated problem resolution with vendors and maintained a peer of technical expertise liaison
Using a business impact analysis (BIA) assessment identified priorities given to each asset and process to determine critical paths and single points of failure. Allowing a thorough cost expenditure to determine service level agreements.
Documented and deployed WAF for PCI DSS 6.6 compliance by protecting against OWASP vulnerabilities
Multitasking multiple projects, prioritized workload based on management direction, and worked under pressure to resolve challenges and meet project deadlines.
Dhesi Enterprises – Burnaby, B.C July 2017 – Oct 2017
AWS Infrastructure/Product Manager
Worked as a consulting architect on a multi-region AWS infrastructure project included implementation and security hardening of (IAM, VPC, EC2, Glacier, S3, NoSQL Database)
Leveraged (Centrify) software for auditing and reporting services for session recording of CloudTrail and Cloudwatch; identity broker service to apply secured privileged access to EC2 instances and extended the Active Directory to AWS
Integrated 3rd party(AlienVault) software in AWS to provide behavioural monitoring (baseline, signatures and anomalies); Asset and Auditing; SIEM and Log Management.
AEconcrete – Langley, B.C March 2017 – May 2017
Microsoft Azure/Vmware/Product Manager
Calculated the total cost of ownership using the MS assessment and planning tool which allowed me to migrate MS Exchange to Office 365 and integrating AD connect for monitoring, synchronization and AD federation services.
Managed a segregation project that included a new configuration setup of Hybrid Microsoft Azure and VMware Domain/File Servers. Group Policy, Cisco Network infrastructure and a complete Incident Response and Disaster recovery strategy
Fortinet Technologies – Burnaby, B.C November 2009 – December 2015
Senior Security Network DevOPS / Dev QA Engineer / Product Owner
Using an Agile methodology successfully provided major oversight and creativity on a 6-year project focused on developing a complete network authentication appliance now a multi-million-dollar unit with worldwide sales.
Consulted with the IT teams on customer risk level assessment findings and delivered optimal security policy standards and frameworks (ISO 27000, NIST 800, OWASP).
Excellent communicator and equally at ease explaining security vulnerabilities to sales, developers, project and QA teams
Built the enterprise level lab with VMware vSphere and vCenter, enabling team to test and troubleshoot Fortiauthenticator features by replicating customer infrastructures, requiring numerous configuration changes.
Bug fixing and testing using a combination of manual and automated testing techniques.
Python web penetration testing, analyzing HTTP responses, web crawling with Scrapy and extracting information.
Configured 50 + enterprise level cross-platform environments using Red Hat, Ubuntu and Windows Servers
Experience with Python / Selenium QA automation framework
FortiSIEM and FortiAnalyzer to log security, compliance levels, and troubleshooting
Continuous Integration / Continuous Deployment pipeline using jenkins
In-Depth knowledge of Fortinet products and features (Web application firewall, Sandbox, NAT, Routing, ACL)
2-factor Authentication, CA management and User Certificate Signing, LDAP/Radius Directory Services, Single-Sign-On, Social Login, Captive Portal, Fortiauthenticator VPN client, OWA agent OTP, Git
GPS Industries Inc. – Surrey, B.C June 2007 – February 2009
Senior Systems Administrator
Managed the budgets and ensured a high level of fiscal control and accountability including estimates and forecasts
Maintenance, monitoring and configuration of IPSec Site-to-Site VPN tunnel between four offices in North America and with minimal disruption moved all legacy databases and windows servers to VMware ESXi
Defined and implemented Sarbanes Oxley compliance roadmap which includes identifying systems and designing the right IT security solutions for safeguarding customer data.
GINDSINGH 