Finto InfoSec ExIBM- CISSP ITIL CCSP CCIE JNCIS MCP 8.5 Yrs
1 like614 views
Finto Thomas is an Information Technology Security Consultant with over 8.5 years of experience advising large businesses and Fortune 500 companies. He has expertise in network and security architectural design, implementation, and review. Some of his skills include cyber threat intelligence, penetration testing, firewall configuration, and cloud/mobile security. He is certified in CISSP, several Cisco certifications, ITIL, and IBM Qradar. He has worked as a Project Manager at IBM India and held security roles at Wipro and Trimax Data Centre.
Finto InfoSec ExIBM- CISSP ITIL CCSP CCIE JNCIS MCP 8.5 Yrs
- 1. Finto Thomas Bangalore, India fintont@gmail.com; + 91 9916 320 524 Information Technology - Security Consultant Employers Certifications CAREER HIGHLIGHTS : Enterprise Security consultant, experienced in advising and IT architecturing of Mid to large business and fortune 500 clients in past 8.5 years. Expertise in network & security multitier architectural design & review, system integration and in various application architecture. It covers Multi-vendor & heterogeneous architects. Self starter and Solution oriented with good interpersonal skills to drive towards closure with taking ownership on various process / situations. More than 8.5 years of experience in IT (Data Center services) , Banking, Insurance, Retail, Mining industries and in Electronic consumer durables. Hands on Implementation experience of a Public Data Centre (1.5Lacs Sq.ft) and setting up NOC & SOC. Hands on experience of risk assessment procedures, authentication technologies, policy formation, and security attack pathologies (VA PT). Delivering results on time, within budget, and to the highest specification, And Developing accurate and achievable project plans. Received Customer satisfaction award from IBM – 2012 & 2014. TECHNICAL SKILLS OPERATIONAL SKILLS Cyber Threat intelligence Network & Security - Planning, Design, Implementation Datacenter, SOC NOC implementation and Disaster Recovery Procedures Penetration Testing & Vulnerability Assessments, Firewall , IDS/IPS , SIEM,VPN, Proxy and Antispam technologies Routing & Switching , failovers, load balancers Cloud & Mobile Security & Virtualization Security Incident Response Project Management System Integration Planning Technical Documentations Regulatory Compliance Risk Management Lean Methodology (GDF) PROFESSIONAL EXPERIENCE IBM India Pvt., Bangalore, KAIN, Project Manager (SME & Security Delivery Specialist), July 2010 – April 2014. WIPRO Infotech Pvt., Mysore, KAIN, Senior Engineer Security Management, Jan 2010 – July 2010. TRIMAX DATA CENTRE., Bangalore, KAIN, Netwok And Security Engineer, April 2009 – Dec 2009. WIPRO Infotech Pvt. Cochin / Bangalore, KAIN, Network Engineer , Nov 2006 - April 2009. (Contract: Prudent technologies (P) Ltd & DNC Communication). Logics Infotech, Thrissur. KLIN, Field Engineer, April 2004 – April 2005. TECHNOLOGY SUMMARY Security Technologies: Intrusion systems IDS/IPS (Proventia , Cisco , Checkpoint, Crossbeam); Anti Spam (Proventia, Ironport, Brightmail); AAA; Proxy - URL /Content filtering (Ironport, Websense, Squid, Sonicwall); VPN (Cisco , Checkpoint, Juniper, Fortinet); Anti-Virus Tools (Norton, Symantec, Ghost, etc.); Digital Certificates; DLP (Websense). Vulnerability & Penetration test: Backtrack / Kali, Retina , GFI, Nessus , Nmap, Burp, OWASP zap, Metasploit, SQL injection , XSS, ISS VMS, Proventia Enterprise scanner. Networking: TCP/IP , LANs (Nortel L2/l3 Switches), WANs, VPNs, Routers, Firewalls (Cisco, Juniper, Checkpoint, fortinet, IP tables), Load balancer (Bluecoat, F5), WAN optimizer. Applications: Remedy, Maximo, Whatsupgold, Qradar, Siteprotector, MS Office (Visio), Wireshark. Operating Systems: Unix-Based Systems (Solaris, Linux, BSD, Android); Windows (all flavors) CERTIFICATIONS AND COURSEWORK ISC2 - Certified Information Systems Security Profestonal (CISSP) - ID # 500482 Cisco - CCNA, CCSP & CCIE (Written R&S (2012) . ID # CSCO10999833 Implementing Cisco Intrusion Prevention Systems (IPS: 642-533). Certified in Cisco Network Admission Control Specialist (CNAC: 642-591). Certified Cisco Firewall Specialist. (SNPA: 642-522). Certified Cisco Information Security Specialist. (SND: 642-552). Cisco Certified Network Associate (CCNA: 640-801). Committee on National Security Systems (CNSS) 4011 & 4013 Recognition certification. Juniper Network Certification Internet Specialist Juniper Network Certification Internet Specialist (JNCIS-SEC: JNO-330).
- 2. Juniper Network Certification Internet Associate (JNCIA-EX: JNO-400). Microsoft Certified Professional - Microsoft Exchange Server 2003 (MCP: 70-284). (2005) EXIN - ITIL Foundation v3 (2012) IBM Qradar Foundation & Clould Architect IBM Certified Solution Architect - Cloud Computing Infrastructure V1. IBM Certified Associate - Security QRadar V7.0 MR4. * pursuing OSCP (2014). EDUCATIONAL QUALIFICATION Govt. Polytechnic Diploma (3 years) in Electronics and communication , 2004 University of Govt Of Kerala, Technical Department. Thrissur (India) Technical High School Matriculation (2001) Under Govt Of Kerala, Technical Department. Thrissur (India) PROFESSIONAL SUMMARY PROCESS AND PROCEDURES IBM: Project Management, India Level SME (Subject Matter Expert) and Focal point for SOC Operations & infrastructure Protection. WIPRO: Lead for Network & Security members of an insurance company. Remote Data Centre support for one of the major Insurance stakeholder. Maintain and improve the Confidentiality, Integrity and Availability Trimax: Member for public Data centre implementation team measuring large 1.2 lacks sq. ft. Working with Lean (GDF) methodology to improve performance and utilization in-line with business needs. Service Activation & Deactivation Process in-line with compliance for ISEC policy ISEC policy document creation for each device group In charge for monitoring the structured cabling of the Data centre end to end. Vulnerability Assessment and security audit was done and the reports have been accepted by clients. Feasibility report creation for Leased line installation and VSAT conversions. Ethical Hacking: Supporting Customer/3rd Party Ethical hacker on Penetration Tests. Periodic Compliance activities to validate the device security based on ISec Policy & Privilege Revalidation. Analysing suspected/infected files, web URL’s with extended support from most AV vendors. New deal deliverable review, Process building & documentation, Member of Architectural design / review, Project transition. Automation tasks to reduce human effort and also minimizing human errors. TECHNICAL SKILL HIGHLIGHTS Hands on Implementation experience of a Public Data Centre (1.5Lacs Sq.ft) and setting up NOC & SOC. Configuration of site-to-site, Remote Access VPN with IPSec on different vendor firewalls. Performed Vulnerability Assessment on servers, client PCs, routers, and switches using tools (such as Nessus and GFI Languard) and fixed the threats. Expertise in designing and assigning IP addressing scheme in an enterprise level. Expertise in Yearly Data Centre maintenance | Shut Down activities. Implemented port security for our clients to prevent internal network attacks. Experience on Cisco routers 7507, 7206, 3660,1841,1721,1711 and 1750 and Cisco PIX 515E firewall and Switches (6509, 3750, 3560 and 2960) for the enterprise needs. The network comprises of E1/CE1/PRI/BRI technologies pan country. The entire network infrastructure is being managed from Data Centre as well as in Distribution points, using various monitoring tools. Configured Cisco ACS for TACACS+ authentication and authorization. Familiar with monitoring software's like Cisco LMS, Juniper NSM and Manage Engine (OP Manager, Netflow Analyzer and Device Expert). Planning and implementation of systems & network devices hardening process. Migrating Juniper Firewall configurations into NSM server, with cluster configurations, without down time. Threat Analysis and Research, Security Intelligence Advisory service. Websense - Web security gateway, Data Security (DLP) & Email Security Installation & migrati Web Security administration for URL filtering based on IP address & Active Directory (DC agent) user based polices, Backups & Restore of data bases. Configuration and maintain Checkpoint – Nortel Alteon firewall (6416) and checkpoint VSX 9070 firewall through Checkpoint R65 Management server & Cisco ASA 5520 IPS module through Cisco Security device manager. Support and Management of PortWise SSL VPN, Symantec Bright mail Security, PGP-Encryption And Etc... Managed the backbone device like Juniper ISG Firewalls and Cisco High end Switch 6509. Configuration of Juniper ISG 1000 firewall and Sonicwall NSA 240 firewall for public data centre. Configuration of Packet Shaper (Bluecoat 3500) for bandwidth allocation to servers at data centre and client PCs in NOC areas. VLAN management on Nortel ERS L2/L3 Switches - 8100, ERS-8300 and ERS-8600 series. ODC connected to one of the telecom testing company, through Redhat Linux Firewalls and OPENVPN. CRM tool E- Help, and Bandwidth monitoring through MRTG. Yearly Activity, Power shut down and maintains of Global Delivery Centre, as well other facilities. Configuration of DDR with dialer profiles for ISDN as backup for leased line circuit.
- 3. Failover configuration, Hardware installation and configuration of PIX firewall 515E. Extensive experience on network monitoring tools like Tivoli netview and Solar winds Troubleshooting of Leased line, channelized E1 and ISDN problems. BUSINESS AND RESOURCES IMPROVEMENT PLAN Training and sharing of the technical and process details to the Service line resources (IBM / Wipro). Part of new recourse selection Board and created/modified documentation for on boarding, off boarding process each accounts specific. (IBM / Wipro / Trimax) Owner & Author of IBM internal Blog and forum on Infrastructure Protection, which initiated for a common platform for sharing knowledge between employees under our service line. (IBM) Created and consolidated resource role improvement training materials available internally (IBM) Remote Access VPN implementation on Check Point SBox-200. (for the employee flexibility ) Redesigned the network for two clients with exiting devices, to improve the performance and security. Good experience and understanding on public Data centre infrastructure. CHALLENGES AND COST CUTTING SOLUTION TO BUSINESS Expertise in design and configuration bandwidth usage for billing system for shared Data centre on volume and speed. Replaced brand router and firewall product with Linux machine using IP tables & untangle products for cost saving. Playing key role in a bank network where it has a distributed wide area network which covers 500 branches across the country. Coordinated, planned and migrated IDS devices into IPS Inline with signature tuning across the globe in expected time frame. Coordinated, planned and upgraded routers IOS and Hardened over 20 remote locations within a period of One Month. Coordinating with the Network Hardware vendors. ISS Proventia Migration & implementation – Real sensor replacement with providential for Windows & Linux. Nortel Core Switch’s Up-gradation without full outage. Effective ODC segregation between labs (testing environments). MAJOR PROJECTS Implementation of a Public Data Centre (1.5Lacs Sq.ft) with virtualization and high availability. IBM & Trimax - Duration: 9 Month Team Size: 12 Members Location: India Setting up NOC & SOC Team along with onshore and off shore NOC room architecture to the Data Centre. IBM & Trimax - Duration: 6 Month Team Size: 10 Members Location: Global Coordinated, planned and Implemented / migrated network security devices across the globe in expected time frame along with business needs. IBM, Wipro & Trimax - Duration: 1– 6 Months Team Size: 6 Members Location: Global Designed and configured bandwidth usage for billing system for shared Data centre on volume and speed. Wipro & Trimax - Duration: 1 Month Team Size: 2 Members Location: India Redesigned the network for two clients with exiting devices, to improve the performance and security, according to the risk assessment. Wipro & Trimax - Duration: 1 week Team Size: 2 Members Location: India Configuration of site-to-site, Remote Access VPN with IPSec on different vendor firewalls. Replaced brand router and firewall product with Linux machine using IP tables & untangle products for cost saving. Played key role in a bank network where it has a distributed wide area network which covers 500 branches across the country. Coordinated, planned and upgraded routers IOS and Hardened over 20 remote locations within a period of One Month. PERSONAL DETAILS Date of Birth : 30th May 1986 Marital Status : Married Nationality : Indian Communication Skills : English and Malayalam Passport No : M0237945 NSR IT-Pin : 691034416708 LinkedIn : http://ae.linkedin.com/in/fintothomas/ Proffestinal Blog : http://infosecpt.blogspot.com Reference will be provided upon request.