Hi there,
I am interested in any type of Security Consultant/
Management/Engineer type positions in the Greater Boston
region.
I believe that understanding the business aspects of
Information Security are equally important as understanding
the technical aspects of it. I have a strong balanced
knowledge in this field of expertise.
I have 6-7 years experience in the Information Security
industry with key certifications such as CISSP, CCSE, CCNA
and MCSE to my name. My specialty areas include the design
and implementation of Security Infrastructures across a
wide variety of industries including e-commerce and e-
business. My knowledge of technologies include Firewalls,
VPN's, PKI, IDS and Remote Access. I have performed many
security assessments, penetration tests, security audits
and designed security policies as well as provided
recommendations and solutions. I have a strong background
in both MS Windows and UNIX platforms. Other specialty
areas include Project Management and Business Development.
I have also trained and mentored other engineers.
I have been a consultant for 4 years working for companies
such as Lucent, SIAC (a subsidiary of the New York Stock
Exchange) and the Sydney Police Department. I have also
worked with more than 15 clients around the Greater Boston
region including Fidelity, Genuity, EMC and Starwood
Hotels.
I have a Bachelor of Electrical and Electronic Engineering
and I am currently pursuing a part time MBA at Babson
College.
I thank you for taking the time to review my resume seen
below.
Regards,
Rajesh Pradhan
---------------------------------------------------------
RAJESH PRADHAN
[EMAIL PROTECTED]
Education:
Pursuing a Masters in Business Administration (MBA), 2nd
year.
Babson College, Wellesley, MA - evening program
Bachelor of Engineering - Electrical & Electronic, Dec
1995.
University of Canterbury, New Zealand.
Certifications:
Certified Information Systems Security Professional
(CISSP), Sep 2000.
CheckPoint Certified Systems Engineer 4.0 (CCSE), May 2000.
Checkpoint Certified Systems Associate 4.0 (CCSA), May 2000.
Cisco Certified Network Associate (CCNA), Feb 2000.
Microsoft Certified Systems Engineer (MCSE), Sep 1999.
Microsoft Certified Professional + Internet (MCP+I), Sep
1999.
Specialty Areas:
Security Infrastructure Design & Implementation
Document the design and configuration for new local and
wide area network security infrastructures.
Design and implement network security solutions
encompassing Firewalls - DMZ setup, VPN's, IDS, PKI
Infrastructure, Remote Access and Internet Services.
Perform security vulnerability assessment/penetration
testing, security audits, security risk assessments and
policy design.
Implement recommendations based on assessment and audits
using best practices, industry trends and standards.
Provide Incident Handling strategies.
Implement security infrastructures across a variety of
industries including e-business and e-commerce.
Project Management
Participate in kickoff meetings with clients to discuss the
Statement of Work, project methodology and final
deliverables.
Perform requirements gathering to prepare the Project
Definition Document. This document outlines the scope,
schedule, key milestones and deliverables of the project.
Develop and manage the high level and detailed level
project plans as the project lead and mentor junior
engineers.
Provide status reports to the client at status meetings to
communicate issues and milestones on a weekly basis.
Communicate final deliverables to the client at the
completion of the engagement through a formal presentation.
Business Development
Develop business opportunities for the Security Practice
considering the strategic goals and growth objectives of
the company.
Pro-actively look for new business opportunities at client
engagements.
Review RFI's and prepare RFP's to be submitted to the
client.
Participate in pre sales calls as a subject matter expert
to gain business. Prepare Statements of Work.
Develop new security service offerings and solutions.
Develop training material and facilitate security training
to engineers to grow the Security Practice.
Technical Skills Summary:
Protocols: TCP/IP, EIGRP, RIP, SNMP, DHCP,
DNS, SMTP, HTTP, FTP.
Firewalls: Checkpoint, Cisco PIX, Gauntlet,
Cyberguard, Lucent -Brick, Raptor.
VPN's: Nortel-Contivity, Timestep, Cisco,
Lucent-Brick.
Security Tools: ISS products, NMAP, Nessus, Encase.
IDS: Cisco IDS, ISS Real Secure, Snort.
Authentication: RADIUS, TACACS, SecureID.
Operating Systems: Solaris (2.x, 7&8), Linux 7.x,
IRIX, HP-UX 10,11, Windows 2000, Windows NT, Win98.
Hardware Platforms: Cisco Routers, Cisco Catalyst
Switches, Sun SPARC stations.
WAN Protocols: ATM, Frame Relay, ISDN, PPP.
LAN Protocols: Ethernet, Token Ring, Wireless
(802.11).
Network Tools: HP LANanalysis, CiscoWorks, Cisco
Secure Policy Manager.
Languages: Shell and Perl scripting.
Professional Experience:
Lucent Technologies - Enhanced Services & Sales,
Burlington, MA
Security Consultant - (Jun 1999 - Present)
Notable Clients:
Genuity, Fidelity, EMC, NaviSite, Starwood, E-travel, CMGI,
Infinium, LifeCare, Norwich University, Ironmoutain,
Network Plus, Sepracor, Amherst, Oregon State Lottery.
Designed a network based Intrusion Detection System for an
Insurance/Healthcare organization using Cisco IDS and Cisco
Secure Policy Manager.
Performed an internal UNIX based DNS security assessment
for a large Financial Corporation and provided
recommendations based on findings to improve the overall
security posture. Recommended solutions to stop the threat
of virus attacks such as Nimda, Code Red etc.
Performed a security assessment including
vulnerability/penetration testing for a large Application
Service Provider. This included assessing the company's
information security covering all 10 CISSP domains and
comparing it to an ISO17799 based standard to provide a gap
analysis report. The environment was Cisco and Windows NT.
Performed forensic analysis of systems using tools such as
Encase to detect the activities of a suspicious employee
and gather evidence against this employee. Other forensic
tools were also used and vulnerability scanning was
performed.
Designed and installed a Lucent Managed Firewall VPN
solution for a Military University. This also included the
installation and configuration of Steel Belted RADIUS
integrating NT domain authentication.
Developed test procedures for the Nortel-Contivity 100
gateway in large ISP environment. Tested the Cisco VPN
Client with the Contivity 100 platform. Designed gateway
configurations for large Contivity 100 customer offering.
Also worked with the Nortel Contivity 1500, 2500 platforms
for testing various features of the product.
Tested new versions of code for Timestep VPN gateways in a
large ISP environment. Troubleshooter and tested various
configurations, encompassing IPSEC, Entrust CA's, X.500,
shared secret and CERT based tunnels.
Performed a complete security audit for large organization
including penetration testing with various tools (ISS,
Nmap, Nessus). Audit included host and network security
assessment. The environment consisted of Cisco, Unix and
Windows NT platforms.
Implemented Cisco PIX firewalls series 5.x for two large
Application Service Providers with failover. Also
implemented Cisco VPN solution using PIX firewall and
Cisco's Safenet VPN Client.
Designed and documented DMZ, which consisted of a Cisco PIX
Firewall 5.x series, connected to Checkpoint FW for 3rd
Party access. Troubleshooted Firewall issues relating to
Cisco Secure (TACACS) and NAT. Migrated FTP traffic from
Gauntlet to Checkpoint environment.
Performed several Internet, Database and System Scans using
ISS products for a large Storage company. Scans included
UNIX and Windows NT hosts. Recommendations were made to
improve security using scan results.
Tested large telecommunications Firewall solution,
including service procedures and technical details.
Implemented a Linux test host. This host was configured for
inbound and outbound ftp, telnet, ssh, http, smtp to test
access through Gauntlet 4.0 Firewall.
Implemented and designed a Checkpoint FW-1 4.0 Firewall
solution for large State Lottery Commission. Designed
policy, network address translation and routing details on
SUN Solaris 2.6 platform. Hardened OS to tighten host
security. Made available Internet Email and Web access to
Lottery staff.
Performed Project Management across all engagements.
Developed business opportunities for the corporation.
Started a CISSP study group to certify engineers and make
them more marketable.
SIAC - subsidiary of New York Stock Exchange (NYSE),
Brooklyn, NY
Network Security Consultant - (Mar 1999 - Jun 1999)
(contracted through RKA)
Documented the External Access Backbone Network (EABN)
which consisted of approximately 20 Gauntlet Firewalls. The
EABN linked the NYSE Corporate LAN, Member Firms, SIAC
Corporate LAN and various test networks.
Built customer reports that contained Firewall
configurations, HP-UX host networking and routing
information.
Developed Perl scripts to automate the extraction of host
information to be used in automated configuration checks.
This was in an HP-UX environment.
Also developed complex Perl scripts to extract policy
information from TIS Gauntlet Firewalls including
Source/Destination Rules, Networks, Packet Filtering and
NAT. Made configuration changes to TIS Gauntlet Firewall
and developed scripts to allow a smoother migration to
Checkpoint Firewall-1.
Opened ports on TIS Gauntlet 3.1 and 4.1 Firewalls to allow
NYSE Corporate LAN to talk to servers on the SIAC Corporate
LAN.
Raymond Karsan Associates (RKA), Woburn, MA
Network Security Consultant - (Jan 1999 - Jun 1999)
Created a business proposal for establishing a VPN using
Point to Point Tunneling Protocol taking into account
issues of security and feasibility.
Recommended the best solutions for using PPTP and RAS on
Windows NT/95.
Established a VPN across the Internet for clients within
RKA to external vendors.
Designed and implemented new LAN technologies for RKA staff
connections to external companies via the Internet.
Provided networking support for the organization in a UNIX
environment.
New South Wales Police Service, Sydney, Australia
Security Project Manager - (Jul 1998 - Oct 1998)
Project managed the design and implementation of the New
South Wales (NSW) Police Service's Internet, Firewall and
Intranet System architecture.
Enabled NSW (16000) Police staff members access to the
Internet using UNIX/NT environment that included Web
Browsing, Email, and FTP.
Worked on a Government rated (E3) firewall system
consisting of two firewalls, an Inner Guard (CyberGuard on
HP-UX) and an Outer Guard (Checkpoint FW-1 on a Windows NT
Server).
Implemented ISS RealSecure Intrusion Detection System for
monitoring potential hackers from the Internet. Point of
contact to Internet Service Provider to provide appropriate
Internet connections.
Implemented SMTP Mail Gateways and FTP/HTTP Gateways using
Trend Micro's Interscan Viruswall and eManager.
Implemented MS Exchange Server for testing the complete
email system, and integrated it with Mainframe based email
systems.
Designed Proxy system with MS Proxy 2.0 for Internet and
Intranet access, taking into account bandwidth limitations
and security.
Telecom New Zealand Ltd (TNZL), Auckland, New Zealand
Network Analyst - (Feb 1996 - May 1998)
Maintained & supported TNZL's Wide Area Network/Internet
Systems for the entire country in order to provide a fault
free environment for the company's staff.
Responsible for TNZL's Internet Gateway and Firewall system
including mail, news and proxy server's. Tasks involved
System Administration, developing/modifying Perl scripts
and shell scripts, rotating logs, running cronjobs and
maintaining SGI IRIX Hosts.
Set up Auckland's global view of the Wide area network
using Cisco Works on a Sun Sparc station. Developed scripts
on Solaris to automate routine tasks.
Maintained, configured and installed Cisco Routers/Switches
(7500-2500's), UB Hubs, ATM Cisco catalyst 5000/5500's and
Lightstream ATM 1010 switches.
Responsible for Bootp (running Linux) and DHCP/DNS servers.
Related Course Work:
Communications, Software and Hardware Engineering.
Checkpoint FW-1 on Solaris, Cisco Secure and Safeword.
Introduction and UNIX.
Advanced Cisco Router Configuration, Introduction to Cisco
Router Configuration, Cisco ATM.
Financial and Managerial Accounting, Statistics for
Business and Economics, Organizational Behavior.
Project Management, Consulting Workshop.
References and Recommendations:
Available on Request
