Anuj Pratap, Developer in Delhi, India
Anuj is available for hire
Hire Anuj

Anuj Pratap

Verified Expert  in Engineering

IT Security Developer

Location
Delhi, India
Toptal Member Since
March 30, 2023

Anuj is an accredited IT security professional with 14+ years of hands-on and academic experience. As a security operations center manager, he has gained extensive knowledge of network security implementation, deployment, configuration, and support. Anuj's areas of expertise are next-generation firewalls, load balancers, IPsec VPN, vulnerability assessment, network intrusion prevention systems (IPS/NIPS), cloud security solutions, solution documents, and high- and low-level designs.

System AdministrationFirewallsVulnerability ManagementCiscoCheck PointCloud SecurityCloudApplication SecuritySingle Sign-on (SSO)SonicWallSecurityNetwork SecurityAzure Cloud ServicesAWS IAMFortinet Firewall ConfigurationNetwork Access Control (NAC)Zero TrustCisco Network DevicesCybersecurityCisco RoutersCisco SwitchIPsecPalo Alto FirewallsAzure SecurityProxy

Portfolio

BT Group
Firewalls, Palo Alto Networks, Load Balancers...
HCL Technologies
Checkpoints, ASA Firewalls, F5 Networks, IPsec, BlueCoat Proxy, Websense...
Accenture
ASA Firewalls, Cisco, Cisco Routers, Cisco Switches, LAN, WAN...

Experience

Checkpoints - 12 yearsFirewalls - 10 yearsIPsec - 9 yearsLoad Balancers - 8 yearsPalo Alto Networks - 8 yearsVulnerability Management - 7 yearsAzure Cloud Services - 4 yearsAWS Cloud Architecture - 4 years

Availability

Full-time

Preferred Environment

Intrusion Prevention Systems (IPS), Load Balancers, AWS Cloud Architecture, Azure Cloud Services, Palo Alto Networks, Checkpoints, Firewalls, Antivirus Software, Zero Trust, SonicWall

The most amazing...

...opportunity I had was to design and configure layers of cybersecurity solutions, implement industry best practices, and conduct thorough security audits.

Work Experience

Cyber Security Consultant

2013 - PRESENT
BT Group
  • Migrated the customer data center next-generation firewall (NGFW) from Juniper SRX to Check Point R81 firewall.
  • Contributed to a migration project of a customer data center's load balancer from Cisco ASE to F5 BIG-IP Local Traffic Manager (LTM).
  • Deployed Check Point and Palo Alto firewalls on the Azure cloud.
  • Managed a vulnerability assessment cycle and worked with the application and server teams to remediate all identified vulnerabilities.
  • Designed and implemented the Cisco FTD 4145 and ASA firewalls.
  • Handled a Fortigate 3000 firewall, firewall rules, interface configuration, and VDOM creation and management.
Technologies: Firewalls, Palo Alto Networks, Load Balancers, Security Operations Centers (SOC), Intrusion Prevention Systems (IPS), IPsec, Proxy Servers, Network Security, Check Point, TCP/IP, ISO 27001, Information Security Management Systems (ISMS), IT Security, Networks, Azure, Azure Active Directory, Vulnerability Assessment, Netskope, Cisco, Fortinet Firewall Configuration, IDS/IPS, Antivirus Software, Zero Trust, Cisco Networking, Cisco LAN/WAN, Data Center Management, VXLAN, Amazon Web Services (AWS), Application Security, Vulnerability Management, Single Sign-on (SSO), SonicWall, Google Cloud Platform (GCP), VPN, Managed Security Service Providers (MSSP)

Security Track Lead

2009 - 2013
HCL Technologies
  • Acted as the project lead. Managed the customer network security environment and worked with customers to streamline business operations and deployed new security solutions.
  • Provided managed security service for multiple accounts. Managed a team of five Level 2 security engineers.
  • Delivered several network security projects, like 14 Checkpoint firewall updates, 8 IPSec VPN tunnels set up across the globe, Deployed BlueCoat Proxy solution, UAT testing, etc.
Technologies: Checkpoints, ASA Firewalls, F5 Networks, IPsec, BlueCoat Proxy, Websense, Network Security, Check Point, TCP/IP, Information Security Management Systems (ISMS), IT Security, Networks, Palo Alto Networks, IDS/IPS, Cisco Networking, Cisco LAN/WAN, Data Center Management, VXLAN, Single Sign-on (SSO), SonicWall, VPN, System Administration, Managed Security Service Providers (MSSP)

Network Engineer

2007 - 2009
Accenture
  • Worked as part of the Accenture India LAN/WAN team.
  • Upgraded Cisco router and switches IOS firmware. Replaced faulty IT network hardware appliances and configured new replacement devices from scratch.
  • Involved in implementing and configuring innovative solutions such as Cisco routers, switches, and Cisco PIX firewalls.
Technologies: ASA Firewalls, Cisco, Cisco Routers, Cisco Switches, LAN, WAN, Incident Management, Change Management, IT Operations Management (ITOM), Cisco Networking, Cisco LAN/WAN, Network Engineering, VPN, System Administration, Managed Security Service Providers (MSSP)

Design and Deployment of Security Solutions for Data Centers

This project aimed to construct 10 data centers across India. As a cybersecurity manager, I oversaw the entire process, from solutioning to design, implementation, and integration. We designed data centers and implemented cybersecurity solutions. I also played a key role in end-to-end design and deployment.

SASE and Zero Trust Solution

I collaborated with several original equipment manufacturers (OEMs), including Palo Alto Prisma, VMware, Cato Networks, and Fortinet, to develop their secure access service edge (SASE) solutions. During this project, I identified the benefits, risks, and use cases of zero trust network access (ZTNA). Additionally, I discovered use cases for continuous trust verification and continuous security inspection within the context of ZTNA.

Baseline Standards for Cisco Routers, Switches, and Firewalls

I created baseline and best practices documentation for Cisco routers and switches and Check Point and Palo Alto firewalls. The goal was to comply with ISO audit requirements for hardware, software, and configuration. I communicated with the customer multiple times and reviewed all of the solution configurations. I also collaborated with the change management team to ensure they were up-to-date with the new baseline standards.

Perimeter Next-generation Firewall Design and Implementation

This project involved designing and implementing a complete end-to-end next-generation perimeter FortiGate firewall into the customer's primary and secondary data centers.

ACCOMPLISHMENTS
• Design documentation for the high and low levels of the firewall.
• Performed the initial firewall configuration—POST—and interface settings.
• Configured firewall objects and rule bases.
• Integrated the FortiManager firewall.
• Managed several VDOM setups.
• Performed troubleshooting.

Azure ExpressRoute and IPsec VPN Tunnels Setup

This project was the first step towards establishing client IaaS on Azure Cloud. We established a connection between the customer's primary and secondary data centers using Azure ExpressRoute and IPsec VPN tunnels.

Furthermore, we migrated Check Point CloudGuard firewalls and NSG groups based on workloads.

Vulnerability Assessment and Penetration Testing

As part of this project, I managed the full vulnerability management cycle for the customer's Data Centre infrastructure. There were 26 public websites, 32 internal websites, around 30 public IP addresses, and 271 internal customer assets. In addition, I collaborated with the application/server team to address any detected issues. I used Nessus and Burp Suite as tools.

Netskope Proxy

In this project, I managed Netskope cloud-based proxy solutions. My work included overseeing the entire proxy solution and process, from solutioning to design, implementation, and integration. I also reviewed the Netskope policy design and day-to-day activities.

CONTRIBUTIONS
• Policy creation
• Collaboration with end users
• Configuration
• Troubleshooting

Upgraded Cisco Firewall Active/Active Failover Configuration and Context Management

This project involved upgrading ASA5555-x Cisco firewall devices in HA failover from 9.4(4)5 to 9.6(3).1. 

FEATURES
• No-downtime capability
• User application testing
• Failure analysis
• Firewall configuration verification

Firewall Migration - Cisco ASA to Palo Alto

This project was to replace the client datacenter existing Cisco ASA firewall with the Palo Alto firewall.

DUTIES
• Design
• Review
• Implementation
• Software upgrade
• Integration with Panorama
• ACL, NAT rules configuration
2019 - 2020

Post Graduate Diploma in Information Security in Information Security

Indira Gandhi National Open University - Delhi, India

2006 - 2009

Bachelor's Degree in Telecommunications

University of Rajasthan - Jaipur, Rajasthan, India

2000 - 2003

Engineering Diploma in Electronics and Communication Engineering

Board of Technical Education - Delhi, India

AUGUST 2023 - PRESENT

Foundations of Cybersecurity

Google | via Coursera

SEPTEMBER 2022 - PRESENT

Vulnerability Management

Qualys

AUGUST 2022 - PRESENT

Vulnerability Management Detection and Response (VMDR)

Qualys

AUGUST 2022 - PRESENT

Vulnerability Management - Foundation

Qualys

NOVEMBER 2021 - PRESENT

AZ-500: Microsoft Azure Solutions Architect Expert

Microsoft Azure

JULY 2021 - PRESENT

AZ-303: Microsoft Azure Architect Technologies

Microsoft Azure

APRIL 2018 - PRESENT

Certified Information Systems Security Professional (CISSP)

(ISC)²

SEPTEMBER 2015 - SEPTEMBER 2018

Palo Alto Networks Certified Network Security Engineer (PCNSE)

Palo Alto Networks

FEBRUARY 2015 - FEBRUARY 2017

Check Point Certified Security Expert (CCSE)

Check Point

NOVEMBER 2013 - NOVEMBER 2016

Cisco Certified Network Professional Security

Cisco

NOVEMBER 2010 - NOVEMBER 2013

Cisco Securing Networks with ASA Advanced

Cisco

Tools

VPN, AWS IAM, Websense

Other

Firewalls, IPsec, Load Balancers, CCNA Security, Checkpoints, Vulnerability Management, Network Engineering, System Administration, Managed Security Service Providers (MSSP), Intrusion Prevention Systems (IPS), AWS Cloud Architecture, Palo Alto Networks, Cisco, Security, Data Security, Security Engineering, Network Access Control, Check Point, TCP/IP, Information Security Management Systems (ISMS), IT Security, Networks, Cloud, Cloud Security, Netskope, IDS/IPS, Cisco Networking, Data Center Management, Application Security, Single Sign-on (SSO), SonicWall, Digital Electronics, Digital Transmission, Advanced Physics, Applied Mathematics, Disaster Recovery Plans (DRP), Security Operations Centers (SOC), Microsoft Azure Cloud Server, Proxy Servers, Applied Physics, Digital Communication, ASA Firewalls, Cisco Routers, Palo Alto Prisma Cloud, Azure Cloud Security, Next-generation Firewall, F5 Networks, BlueCoat Proxy, ISO 27001, FortiGate, Fortinet Firewall Configuration, Cisco Switches, LAN, WAN, Incident Management, IT Operations Management (ITOM), Business Continuity Planning (BCP), Security Audits, Vulnerability Assessment, Vulnerability Identification, Content Filtering, Antivirus Software, Zero Trust, Cisco LAN/WAN, VXLAN, Zero Trust Network Access (ZTNA)

Platforms

Azure, Amazon Web Services (AWS), Google Cloud Platform (GCP)

Storage

Azure Cloud Services, Azure Active Directory

Industry Expertise

Network Security, Cybersecurity

Languages

Python, C++

Paradigms

Change Management

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring