1. Finto Thomas Bangalore, India
fintont@gmail.com; + 91 9916 320 524
Information Technology - Security Consultant
Employers Certifications
CAREER HIGHLIGHTS : Enterprise Security consultant, experienced in advising and IT architecturing of Mid to large business and fortune 500 clients in past 8.5 years.
Expertise in network & security multitier architectural design & review, system integration and in various application architecture. It covers Multi-vendor & heterogeneous architects.
Self starter and Solution oriented with good interpersonal skills to drive towards closure with taking ownership on various process / situations.
More than 8.5 years of experience in IT (Data Center services) , Banking, Insurance, Retail, Mining industries and in Electronic consumer durables.
Hands on Implementation experience of a Public Data Centre (1.5Lacs Sq.ft) and setting up NOC & SOC.
Hands on experience of risk assessment procedures, authentication technologies, policy formation, and security attack pathologies (VA PT).
Delivering results on time, within budget, and to the highest specification, And Developing accurate and achievable project plans.
Received Customer satisfaction award from IBM – 2012 & 2014.
TECHNICAL SKILLS OPERATIONAL SKILLS
Cyber Threat intelligence
Network & Security - Planning, Design, Implementation
Datacenter, SOC NOC implementation and Disaster Recovery Procedures
Penetration Testing & Vulnerability Assessments, Firewall , IDS/IPS , SIEM,VPN, Proxy and Antispam technologies
Routing & Switching , failovers, load balancers
Cloud & Mobile Security & Virtualization
Security Incident Response
Project Management
System Integration Planning
Technical Documentations
Regulatory Compliance
Risk Management
Lean Methodology (GDF)
PROFESSIONAL EXPERIENCE
IBM India Pvt., Bangalore, KAIN, Project Manager (SME & Security Delivery Specialist), July 2010 – April 2014.
WIPRO Infotech Pvt., Mysore, KAIN, Senior Engineer Security Management, Jan 2010 – July 2010.
TRIMAX DATA CENTRE., Bangalore, KAIN, Netwok And Security Engineer, April 2009 – Dec 2009.
WIPRO Infotech Pvt. Cochin / Bangalore, KAIN, Network Engineer , Nov 2006 - April 2009.
(Contract: Prudent technologies (P) Ltd & DNC Communication).
Logics Infotech, Thrissur. KLIN, Field Engineer, April 2004 – April 2005.
TECHNOLOGY SUMMARY
Security Technologies: Intrusion systems IDS/IPS (Proventia , Cisco , Checkpoint, Crossbeam); Anti Spam (Proventia, Ironport, Brightmail); AAA; Proxy - URL /Content filtering (Ironport, Websense, Squid, Sonicwall); VPN (Cisco , Checkpoint, Juniper, Fortinet); Anti-Virus Tools (Norton, Symantec, Ghost, etc.); Digital Certificates; DLP (Websense).
Vulnerability & Penetration test: Backtrack / Kali, Retina , GFI, Nessus , Nmap, Burp, OWASP zap, Metasploit, SQL injection , XSS, ISS VMS, Proventia Enterprise scanner.
Networking: TCP/IP , LANs (Nortel L2/l3 Switches), WANs, VPNs, Routers, Firewalls (Cisco, Juniper, Checkpoint, fortinet, IP tables), Load balancer (Bluecoat, F5), WAN optimizer.
Applications: Remedy, Maximo, Whatsupgold, Qradar, Siteprotector, MS Office (Visio), Wireshark.
Operating Systems: Unix-Based Systems (Solaris, Linux, BSD, Android); Windows (all flavors)
CERTIFICATIONS AND COURSEWORK
ISC2 - Certified Information Systems Security Profestonal (CISSP) - ID # 500482
Cisco - CCNA, CCSP & CCIE (Written R&S (2012) . ID # CSCO10999833
Implementing Cisco Intrusion Prevention Systems (IPS: 642-533).
Certified in Cisco Network Admission Control Specialist (CNAC: 642-591).
Certified Cisco Firewall Specialist. (SNPA: 642-522).
Certified Cisco Information Security Specialist. (SND: 642-552).
Cisco Certified Network Associate (CCNA: 640-801).
Committee on National Security Systems (CNSS) 4011 & 4013 Recognition certification.
Juniper Network Certification Internet Specialist
Juniper Network Certification Internet Specialist (JNCIS-SEC: JNO-330).
2. Juniper Network Certification Internet Associate (JNCIA-EX: JNO-400).
Microsoft Certified Professional - Microsoft Exchange Server 2003 (MCP: 70-284). (2005)
EXIN - ITIL Foundation v3 (2012)
IBM Qradar Foundation & Clould Architect
IBM Certified Solution Architect - Cloud Computing Infrastructure V1.
IBM Certified Associate - Security QRadar V7.0 MR4. * pursuing OSCP (2014).
EDUCATIONAL QUALIFICATION
Govt. Polytechnic Diploma (3 years) in Electronics and communication , 2004 University of Govt Of Kerala, Technical Department. Thrissur (India)
Technical High School Matriculation (2001)
Under Govt Of Kerala, Technical Department. Thrissur (India)
PROFESSIONAL SUMMARY
PROCESS AND PROCEDURES
IBM: Project Management, India Level SME (Subject Matter Expert) and Focal point for SOC Operations & infrastructure Protection.
WIPRO: Lead for Network & Security members of an insurance company. Remote Data Centre support for one of the major Insurance stakeholder. Maintain and improve the Confidentiality, Integrity and Availability
Trimax: Member for public Data centre implementation team measuring large 1.2 lacks sq. ft.
Working with Lean (GDF) methodology to improve performance and utilization in-line with business needs.
Service Activation & Deactivation Process in-line with compliance for ISEC policy
ISEC policy document creation for each device group
In charge for monitoring the structured cabling of the Data centre end to end.
Vulnerability Assessment and security audit was done and the reports have been accepted by clients.
Feasibility report creation for Leased line installation and VSAT conversions.
Ethical Hacking: Supporting Customer/3rd Party Ethical hacker on Penetration Tests.
Periodic Compliance activities to validate the device security based on ISec Policy & Privilege Revalidation.
Analysing suspected/infected files, web URL’s with extended support from most AV vendors.
New deal deliverable review, Process building & documentation, Member of Architectural design / review, Project transition.
Automation tasks to reduce human effort and also minimizing human errors.
TECHNICAL SKILL HIGHLIGHTS
Hands on Implementation experience of a Public Data Centre (1.5Lacs Sq.ft) and setting up NOC & SOC.
Configuration of site-to-site, Remote Access VPN with IPSec on different vendor firewalls.
Performed Vulnerability Assessment on servers, client PCs, routers, and switches using tools (such as Nessus and GFI Languard) and fixed the threats.
Expertise in designing and assigning IP addressing scheme in an enterprise level.
Expertise in Yearly Data Centre maintenance | Shut Down activities.
Implemented port security for our clients to prevent internal network attacks.
Experience on Cisco routers 7507, 7206, 3660,1841,1721,1711 and 1750 and Cisco PIX 515E firewall and Switches (6509, 3750, 3560 and 2960) for the enterprise needs.
The network comprises of E1/CE1/PRI/BRI technologies pan country. The entire network infrastructure is being managed from Data Centre as well as in Distribution points, using various monitoring tools.
Configured Cisco ACS for TACACS+ authentication and authorization.
Familiar with monitoring software's like Cisco LMS, Juniper NSM and Manage Engine (OP Manager, Netflow Analyzer and Device Expert).
Planning and implementation of systems & network devices hardening process.
Migrating Juniper Firewall configurations into NSM server, with cluster configurations, without down time.
Threat Analysis and Research, Security Intelligence Advisory service.
Websense - Web security gateway, Data Security (DLP) & Email Security Installation & migrati
Web Security administration for URL filtering based on IP address & Active Directory (DC agent) user based polices, Backups & Restore of data bases.
Configuration and maintain Checkpoint – Nortel Alteon firewall (6416) and checkpoint VSX 9070 firewall through Checkpoint R65 Management server & Cisco ASA 5520 IPS module through Cisco Security device manager.
Support and Management of PortWise SSL VPN, Symantec Bright mail Security, PGP-Encryption And Etc...
Managed the backbone device like Juniper ISG Firewalls and Cisco High end Switch 6509.
Configuration of Juniper ISG 1000 firewall and Sonicwall NSA 240 firewall for public data centre.
Configuration of Packet Shaper (Bluecoat 3500) for bandwidth allocation to servers at data centre and client PCs in NOC areas.
VLAN management on Nortel ERS L2/L3 Switches - 8100, ERS-8300 and ERS-8600 series.
ODC connected to one of the telecom testing company, through Redhat Linux Firewalls and OPENVPN.
CRM tool E- Help, and Bandwidth monitoring through MRTG.
Yearly Activity, Power shut down and maintains of Global Delivery Centre, as well other facilities.
Configuration of DDR with dialer profiles for ISDN as backup for leased line circuit.
3. Failover configuration, Hardware installation and configuration of PIX firewall 515E.
Extensive experience on network monitoring tools like Tivoli netview and Solar winds
Troubleshooting of Leased line, channelized E1 and ISDN problems.
BUSINESS AND RESOURCES IMPROVEMENT PLAN
Training and sharing of the technical and process details to the Service line resources (IBM / Wipro).
Part of new recourse selection Board and created/modified documentation for on boarding, off boarding process each accounts specific. (IBM / Wipro / Trimax)
Owner & Author of IBM internal Blog and forum on Infrastructure Protection, which initiated for a common platform for sharing knowledge between employees under our service line. (IBM)
Created and consolidated resource role improvement training materials available internally (IBM)
Remote Access VPN implementation on Check Point SBox-200. (for the employee flexibility )
Redesigned the network for two clients with exiting devices, to improve the performance and security.
Good experience and understanding on public Data centre infrastructure.
CHALLENGES AND COST CUTTING SOLUTION TO BUSINESS
Expertise in design and configuration bandwidth usage for billing system for shared Data centre on volume and speed.
Replaced brand router and firewall product with Linux machine using IP tables & untangle products for cost saving.
Playing key role in a bank network where it has a distributed wide area network which covers 500 branches across the country.
Coordinated, planned and migrated IDS devices into IPS Inline with signature tuning across the globe in expected time frame.
Coordinated, planned and upgraded routers IOS and Hardened over 20 remote locations within a period of One Month.
Coordinating with the Network Hardware vendors.
ISS Proventia Migration & implementation – Real sensor replacement with providential for Windows & Linux.
Nortel Core Switch’s Up-gradation without full outage.
Effective ODC segregation between labs (testing environments).
MAJOR PROJECTS
Implementation of a Public Data Centre (1.5Lacs Sq.ft) with virtualization and high availability.
IBM & Trimax - Duration: 9 Month Team Size: 12 Members Location: India
Setting up NOC & SOC Team along with onshore and off shore NOC room architecture to the Data Centre.
IBM & Trimax - Duration: 6 Month Team Size: 10 Members Location: Global
Coordinated, planned and Implemented / migrated network security devices across the globe in expected time frame along with business needs.
IBM, Wipro & Trimax - Duration: 1– 6 Months Team Size: 6 Members Location: Global
Designed and configured bandwidth usage for billing system for shared Data centre on volume and speed.
Wipro & Trimax - Duration: 1 Month Team Size: 2 Members Location: India
Redesigned the network for two clients with exiting devices, to improve the performance and security, according to the risk assessment.
Wipro & Trimax - Duration: 1 week Team Size: 2 Members Location: India
Configuration of site-to-site, Remote Access VPN with IPSec on different vendor firewalls.
Replaced brand router and firewall product with Linux machine using IP tables & untangle products for cost saving.
Played key role in a bank network where it has a distributed wide area network which covers 500 branches across the country.
Coordinated, planned and upgraded routers IOS and Hardened over 20 remote locations within a period of One Month.
PERSONAL DETAILS
Date of Birth : 30th May 1986
Marital Status : Married
Nationality : Indian
Communication Skills : English and Malayalam
Passport No : M0237945
NSR IT-Pin : 691034416708
LinkedIn : http://ae.linkedin.com/in/fintothomas/
Proffestinal Blog : http://infosecpt.blogspot.com
Reference will be provided upon request.