Kanwaljeet Singh
Verified Expert in Engineering
Cloud Security Architect and Developer
Delhi, India
Toptal member since January 31, 2023
Kanwal is a cloud security architect with over a decade of experience with Azure, IT security operations, security information and event management (SIEM), information security, and vulnerability management. His expertise is backed by various cybersecurity certifications from vendors such as ISC2, Microsoft, Cisco, and Palo Alto Networks. Kanwal is currently working on projects related to the cloud and cybersecurity.
Portfolio
Experience
Availability
Preferred Environment
Cloud Security, Cybersecurity, Security, Infrastructure, IT Security, Vulnerability Management
The most amazing...
...projects I've delivered include building a design, developing a strategy, and migrating business-critical workloads from an on-premise data center to the cloud.
Work Experience
Chief Cloud Security Architect
A Company in the Electronics Field
- Designed a secure defense-in-depth, zero-trust cloud architecture to migrate critical business applications from on-premises to the cloud. Supported implementation teams during the cloud infrastructure implementation and application migration.
- Migrated a gateway stack in the US, Europe, and Asia data centers to a highly available Palo Alto-based zero-trust network architecture.
- Headed the security assessment of all gateway stacks globally to ensure secure entries into the organization network.
- Worked on cloud security compliance tools to ensure the cloud architecture conforms to industry regulations.
- Developed a high-level design (HLD) and low-level design (LLD) based on business requirements and liaised with architecture and security teams based in France to implement the new design.
- Provided design and expert technical support for engineering network security solutions based on recognized standards and best practices.
- Prepared reports on key compliance and operational metrics for security infrastructure.
- Performed periodic security assessments of firewalls, routers, switches, VPNs, SSL concentrators, and other network security configurations.
- Analyzed client requests (RFP, RFQ, RFI, etc.) to understand technical requirements, schedules, and other matters of the projects.
- Collaborated with other SMEs in Europe on all matters relating to ST service, product, compliance, and legal agreements.
Senior System Administrator
Emind Learning Software Services Private Limited
- Implemented an IDS/IPS system in the California data center to monitor and block hacking and cyberattack attempts.
- Tracked and fine-tuned the IDS signatures to ensure a minimum number of false positives.
- Collaborated with a compliance manager to ensure a successful data center audit.
- Performed security reviews to mitigate security issues.
Network Engineer
HCL Infinet
- Delivered a project for a customer to connect 100 branch offices to headquarters using a secure infrastructure comprising of Cisco routers, Sonicwall firewalls.
- Delivered a project for Bose to allow secure connectivity from their branch offices to their headquarters in the US using a secure infrastructure.
- Headed a project to set up an offshore call center for customer support calls.
- Performed a technology refresh of the Gateway stack successfully from Cisco ASA to SonicWall firewalls.
Network Engineer
Primenet Global
- Developed the HLD and LLD for ISP infrastructure implementation to provide secure connectivity to various customers.
- Participated in implementing the ISP infrastructure from scratch, including border gateway protocol (BGP) that was peered with multiple ISPs.
- Prepared a traffic monitoring solution to give visibility to customers and businesses on traffic utilization.
- Procured an autonomous system number and IP address space from the Asia Pacific Network Information Center (APNIC).
Experience
Secure Cloud Infrastructure
Migrated 35000 Remote Access Users to a One-time Password Solution
Integration of Remote Access Service with Azure MFA
Integration of On-Prem AD with Azure AD
Technology Refresh of an Internet Gateway Stack
Certifications
Microsoft Azure Security Engineer Associate (AZ-500)
Microsoft
Palo Alto Certified Network Security Engineer (PCNSE)
Palo Alto Networks
Certified Information Systems Security Professional (CISSP)
ISC2
Cisco Certified Network Professional (CCNP) – Security
Cisco
Skills
Tools
VPN, IBM QRadar, Sentinel, Azure Network Security Groups, Prisma, Terraform
Platforms
Azure, Burp Suite, QualysGuard, Amazon Web Services (AWS)
Industry Expertise
Network Security, Cybersecurity
Paradigms
Penetration Testing
Storage
Database Security, Azure Active Directory
Languages
Python
Frameworks
Windows PowerShell, WebApp
Other
Certified Information Systems Security Professional, Palo Alto Networks, Cloud Architecture, Cloud Security, IPsec, Web Application Firewall (WAF), Security, Architecture, Network Engineering, Antivirus Software, Application Security, Routing, IDS/IPS, Border Gateway Protocol (BGP), Infrastructure, IT Security, Azure Cloud Security, Monitoring, Cisco Routers, Cisco, Open Shortest Path First (OSPF), Check Point, Vulnerability Management, Web Security, Data Loss Prevention (DLP), ASA, Networks, Dynamic Routing, SAML-auth, SonicWall, Fortinet Firewall Configuration, ASA Firewalls, Networking, Firewalls, Cyberattacks
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
Share your needs
Choose your talent
Start your risk-free talent trial
Top talent is in high demand.
Start hiring