Summary
Overview
Work History
Education
Skills
Affiliations
Passport Details - Visa Status
Coursework
Certification
Timeline
Generic

RAJESH TRIPATHI

Cyber Security Consultant
London

Summary

IT professional with 19 years of experience developing and implementing security solutions in fast-paced environments. Skilled in GRC, Cloud Security , Application and Network Security with proven history of delivering exceptional risk management support.

Overview

22
22
years of professional experience
2
2
Certifications

Work History

Cyber Security Consultant

Marks and Spencer Plc
07.2018 - Current
  • Work with Product Owners across various portfolios to review cloud migration and new system designs to identify security risks and developing risk plans
  • Help to deliver operational services in Azure Cloud while maintain data confidentiality, availability and integrity complying to M&S Infosec Policy and Standards
  • Review the Azure Security Center Recommendations and work the Product Teams to implement the security recommendations
  • Work closely with the cyber security governance and compliance managers to walk through risks and define plan for mitigation and identify any compensating controls
  • Identify & progress Security initiatives to optimise & provide more efficient tooling, where feasible across DevSecOps
  • Help to define pen testing scope for applications which handle regulated data – PII / PCI / Financial Data
  • Review Network Firewall and software configuration changes and create exceptions to policies and standards where required for Governance approvals
  • Fostering a good security culture within the team and sharing best practices and creating patterns for data security in cloud
  • Good skills in writing security assessments and risk documents for both infrastructure and applications particularly in the Azure environment
  • Perform Threat modelling and identifying key security controls across identity & access management, Networking, encryption, and Event Management and adjusting them to meet projects cloud computing needs.
  • Recommend improvements in security systems and procedures.
  • Performed risk analyses to identify appropriate security countermeasures.
  • Used critical thinking to break down problems, evaluate solutions and make decisions.

App Sec Delivery Lead and Build F5 Security Irules

Lloyds Banking Group
10.2014 - 06.2018
  • Detailed requirements understanding for irules and creation of Low level design document for iRules
  • Create a build and test plan based on the requirements
  • IRules build and Unit Testing using JTCL/TesTCL Unit testing framework
  • Release management using Git/Gerrit/Jenkins framework
  • Deployment of irules on f5 ltm and component integration testing
  • Defects management / fixing the irule defects and Change requests management.
  • Resolved problems, improved operations and provided exceptional service.
  • Worked effectively in fast-paced environments.
  • Served as lead developer for isolated team, leveraging Agile project management principles to deliver error-free technology components.
  • Revised, modularized and updated old code bases to modern development standards, reducing operating costs, and improving functionality.
  • Collaborated on stages of systems development lifecycle from requirement gathering to production releases.
  • Designed customized solutions for proposals to potential customers.
  • Documented technical workflows and knowledge to educate newly hired employees.

Infrastructure Lead

TCS SMB
12.2010 - 09.2014
  • Network Team Management as Lead, On boarding of new customers in Cloud Data Center, Hardware and Software Upgrade of Network Devices, New Vendor Products Evaluation, Vendor and Service Provider Liasioning, DC Security and Compliance Validation, Period Log Analysis
  • Conduct Vendor and staff meetings and discuss new devices deployment plans
  • SLA violation analysis with service providers on quarterly basis
  • Conduct Half yearly Team Appraisal
  • F5 iRules build for application security.
  • Troubleshot complex multi-vendor network service provider issues.
  • Provided complete end-to-end engineering and installation of route-based IP network solutions.
  • Provided detailed network diagrams and procedural guidelines.
  • Detected intrusion attempts and promptly responded to DDoS attacks.
  • Recommended options for disaster recovery and remote access security.
  • Assisted with implementation and support of network monitoring tools.
  • Created VPN infrastructure and allowed for secure remote connections.

Infrastructure Lead

Suncorp
10.2009 - 12.2010
  • Non functional requirement gathering for computing & Network platform sizing
  • Worked on the Networking and Server Security Requirements, Vulnerability Assessment using tools like nmap & Nessus
  • Created the platform network connectivity & security architecture using Cisco ASA, Checkpoint Firewalls & Tippingpoint IPS Appliances for the Oracle HRMS platform in Melbourne & Sydney Data Centers
  • Worked on CheckPoint and Sidewinder Firewall
  • Worked on Data Center Layer 2 & Layer 3 Network Design in accordance with Cisco Data Center Multi-Tier Design best practices
  • Worked on Disaster Recovery plan and DR site infrastructure design in coordination with Suncorp Business Continuity Management Teams
  • Designed the backup & replication strategy to meet the Suncorp RTO & RPO objectives Created the endpoint security design with McAfee VirusScan Enterprise & McAfee ePO for windows based servers
  • Worked on Tipping point IDS Log management solution with Tipping Point SMS.

Data Center Deployment Designer – Element Managers

Microsoft Corporation
01.2003 - 12.2006
  • Assessment of Non Functional requirements on 21C Element manager systems (Reliability, Resilience, Scalability, Security, Interoperability, Maintainability, Performance) from BT’s 21C Vendors for deployment in BT’s Network to manage the Edge network elements
  • Worked as DR/BCP Coordinator for the BT’s 21C Element Manager Systems Deployment Program
  • Worked on Risk Assessment for BT’s 21C Data Center Networks, created BCP/DR Strategy for 21C EMS systems Created the DR Site replication strategy with synchronous and Asynchronous replication modes over Fiber Channel Networks and IP based SAN networks Worked Capacity planning for future procurement and deployment of EMS by study of volumes in 21C Rollout, working on the On the Night project which deals with the test of network migration on the cutover nights
  • Liaison with Vendors of BT to disseminate the NFR requirements and planning the deployment schedule at Data centers
  • Analyzing critical systems in the network, creating Business Impact documents, presenting to the clients Designed the monitoring solution for live site servers to report in events of failures or events of security breaches
  • Worked on the Datacenter AntiVirus and Patch Management Solution with HP Radia & Novadigm products.Build of windows server through RIS, Symantec Ghost or CD install
  • Configuration of DNS, DHCP, Active Directory, Domain Controller and other Services Automated the Loading of patches and service packs for testing them Run Functional/Non Functional regression tests on the new binaries from the patches, through WTT Tools (Windows Testing Technology) from MS
  • Check for the functional and performance issues on the servers for memory leak, high CPU usage and Network usage
  • File bugs for new issues on MS Product studio Worked with MS FTE’s at Redmond for resolving the new issues
  • Analyze and created new test cases in VB & WMI Scripts for security/performance issues reported by MS Clients
  • Create weekly tasks and assigned worked to subordinates
  • Conducting Knowledge Management Sessions for new Joinees in the Team.

Graduate Engineer Trainee

Emerson Network Power (I) Pvt. Ltd.
01.2002 - 06.2003
  • Quality Check for Single Phase and Three Phase Transformers
  • HV Insulation Testing, No Load and Short Circuit Testing
  • Production Floor Staff Work Stack Management
  • Educating Vendors on issues found with raw materials and suggesting potential correction steps needed.

Education

bachelor’s in electrical engineering -

University of Mumbai

Skills

TCL Language Hands-on

Wintel

Compliance Management

Firewall Management

Application Security

Intrusion Detection

Network Security

Privacy Regulations

Business Continuity

Data Protection

Network Protocols

Network Security Management

Risk Assessment

Security Needs Assessment

Information Protection

Security Assurance

Affiliations

ISC2, CISSP - 00014320

Passport Details - Visa Status

TIER2 ICT –Expiring March 2024. Need Visa Sponsorship

Coursework

  • B.E Electrical, Mumbai, University of Mumbai, 07/1997, 06/2001
  • HSC, Mumbai, Maharashtra Board, 06/1996, 06/1997
  • SSC, Mumbai, CBSE, 06/1994, 05/1995

Certification

CISSP - Certified Information System Security Professional

Timeline

Cyber Security Consultant

Marks and Spencer Plc
07.2018 - Current

App Sec Delivery Lead and Build F5 Security Irules

Lloyds Banking Group
10.2014 - 06.2018

Infrastructure Lead

TCS SMB
12.2010 - 09.2014

Infrastructure Lead

Suncorp
10.2009 - 12.2010

Data Center Deployment Designer – Element Managers

Microsoft Corporation
01.2003 - 12.2006

Graduate Engineer Trainee

Emerson Network Power (I) Pvt. Ltd.
01.2002 - 06.2003

bachelor’s in electrical engineering -

University of Mumbai

Similar Profiles

CREATE PROFILE
RAJESH TRIPATHICyber Security Consultant