Onkar Jog, Developer in Mississauga, Canada
Onkar is available for hire
Hire Onkar

Onkar Jog

Verified Expert  in Engineering

Security Engineer and Developer

Location
Mississauga, Canada
Toptal Member Since
December 30, 2022

Onkar is a network, endpoint, information, and cybersecurity professional with over 13 years of industry experience. He's worked on Zero Trust Network Access (ZTNA), security service edge (SSE), security information and event management (SIEM), security orchestration, automation and response (SOAR), endpoint detection and response (EDR), and network detection and response (NDR). Onkar is an expert in SWG, CASB, and DLP administration.

SecuritySecOpsNISTVulnerability ManagementInformation SecurityUnified Threat Management (UTM)FirewallsEndpoint SecurityWeb SecurityThreat IntelligenceThreat AnalyticsCloud SecurityCloudData Loss Prevention (DLP)CybersecurityIncident ResponseZero TrustSOARSecurity Operation Center (SOC)Incident Response

Portfolio

Teranet
Incident Response, Information Security, Cybersecurity, Zero Trust...
Sirius Computer Solutions
Incident Response, Cybersecurity, SIEM, Security Orchestration, Automation...
NTT
Cybersecurity, Information Security, SIEM, Firewalls...

Experience

IT Security - 10 yearsSecurity Operations Centers (SOC) - 8 yearsNetwork Security - 6 yearsCISSP - 6 yearsIncident Response - 5 yearsSIEM - 5 yearsSecurity Orchestration, Automation, and Response (SOAR) - 4 yearsZero Trust - 3 years

Availability

Part-time

Preferred Environment

SIEM, Incident Response, Threat Intelligence, Security Orchestration, Automation, and Response (SOAR), Cybersecurity, Zero Trust, Secure Access Service Edge (SASE), Cloud Access Security Broker (CASB), Data Loss Prevention (DLP), Network Security

The most amazing...

...project I've developed is a SOAR workflow to fully automate the analysis of reported phishing emails saving several hours of daily manual work.

Work Experience

Senior Security Specialist

2020 - PRESENT
Teranet
  • Implemented a secure access service edge (SASE) solution to operationalize the idea of Zero Trust through user and entity behavior analytics (UEBA), posture assessments, and adaptive multi-factor authentication (MFA).
  • Administrated other features of the SASE solution, such as a cloud access security broker (CASB), secure web gateway (SWG), and data loss prevention (DLP), which are the pillars of an effective Zero Trust strategy.
  • Worked on implementing ZTNA to control the access to the company's in-house applications from users worldwide and centrally enforce access policies.
Technologies: Incident Response, Information Security, Cybersecurity, Zero Trust, Security Orchestration, Automation, and Response (SOAR), Web Security, CISSP, IT Security, Security, Cloud Security, MITRE, Azure, NIST, Automation, Threat Analytics, Certified Information Systems Security Professional, APIs, Vulnerability Management, SecOps, Cloud, Zero Trust Network Access (ZTNA)

Senior Security Consultant

2018 - 2020
Sirius Computer Solutions
  • Performed incident response and threat-hunting activities using SIEM, EDR, NDR, sandboxing tools, and available log sources.
  • Investigated security incidents using cyber kill chain references, Open Web Application Security Project (OWASP) data, and NIST, SANS, and MITRE ATT&CK frameworks.
  • Created new SOAR workflows and enhanced the existing ones.
  • Gathered threat intelligence with open-source intelligence (OSINT) resources, using them with existing tools to detect and prevent security threats and collect information about recently disclosed vulnerabilities and exploits.
Technologies: Incident Response, Cybersecurity, SIEM, Security Orchestration, Automation, and Response (SOAR), Threat Intelligence, Information Security, Security Operations Centers (SOC), Unified Threat Management (UTM), Network Security, Web Security, CISSP, IT Security, Security, Cloud Security, MITRE, NIST, Splunk Enterprise Security, User Behavioral Analytics (UBA), Python, Certified Information Systems Security Professional, APIs, Vulnerability Management, SecOps, MITRE ATT&CK

SOC Team Lead

2015 - 2018
NTT
  • Configured vulnerability and threat prevention profiles. Tuned intrusion prevention system and intrusion detection system (IPS/IDS) signatures and IPsec site-to-site and SSL remote access VPNs.
  • Supervised and troubleshot high-priority firewall issues and executed complex firewall, IPS, and IDS-related change requests.
  • Administered the configuration and policies of Blue Coat proxy devices.
  • Carried out the addition, deletion, and modification of security policies, security profiles, Network Address Translation, and routing changes on customer security devices.
Technologies: Cybersecurity, Information Security, SIEM, Firewalls, Unified Threat Management (UTM), Network Security, CISSP, IT Security, Security, Splunk Enterprise Security, Certified Information Systems Security Professional, SecOps

Senior Consultant

2009 - 2015
Capgemini
  • Managed firewalls, IPS/IDS devices, DNS/DHCP and Syslog servers, monitoring tools, NetFlow analyzers, and systems based on authentication, authorization, and accounting (AAA), such as Cisco TACACS+ and RADIUS servers.
  • Designed and configured network routers, switches, wireless access points, and VoIP telephony devices for new office setups comprising 100 to 5,000 users in Capgemini's Benelux and Nordic regions.
  • Participated in patching and upgrading network and security devices.
Technologies: Information Security, Network Security, Firewalls, CISSP, Security

Deployment and Implementation of a SASE Solution for Zero Trust

I participated in deploying and implementing a SASE solution to operationalize the idea of Zero Trust through UEBA, posture assessments, and adaptive MFA. I also enabled other features of the SASE solution, such as a CASB, SWG, and DLP—the pillars of an effective Zero Trust strategy. Finally, I implemented ZTNA to control access to the company's in-house applications from users anywhere in the world and centrally enforce access policies.

Security Operations Center (SOC) Development

I participated in building a SOC for our company, which involved deploying and implementing a SIEM solution and integrating different log sources with the solution. I supervised and collaborated with the SOC team to investigate, tune, and respond to security events and incidents. I also worked on the creation of SOAR workflows to automate manual tasks in the incident response process. Finally, I procured and implemented a threat intelligence solution for the SOC.
2005 - 2009

Bachelor's Degree in Computer Engineering

University of Mumbai - Mumbai, India

JUNE 2022 - PRESENT

ExtraHop Administrator Certification

ExtraHop

FEBRUARY 2022 - PRESENT

The Secure Access Service Edge (SASE) Accreditation

Netskope

AUGUST 2021 - PRESENT

GIAC Certified Incident Handler (GCIH)

SANS Institute

JUNE 2020 - PRESENT

IBM Certified Security Administrator – QRadar SIEM

IBM

AUGUST 2019 - PRESENT

Palo Alto Networks Certified Network Security Engineer

Palo Alto Networks

JUNE 2019 - PRESENT

CrowdStrike Falcon Host Certified

CrowdStrike

NOVEMBER 2018 - PRESENT

Blue Coat ProxySG Administrator

Symantec

DECEMBER 2017 - PRESENT

Certified Information Systems Security Professional (CISSP)

(ISC)²

JUNE 2016 - PRESENT

CompTIA Security+

CompTIA

DECEMBER 2015 - PRESENT

Certified Vulnerability Specialist

Qualys

Languages

Python

Paradigms

Security Orchestration, Automation, and Response (SOAR), Automation, User Behavioral Analytics (UBA)

Industry Expertise

Network Security, Cybersecurity

Platforms

Azure

Other

Zero Trust, Security Operations Centers (SOC), CISSP, IT Security, Security, SecOps, SIEM, NIST, MITRE, APIs, Vulnerability Management, Endpoint Security, Web Security, Certified Information Systems Security Professional, Incident Response, Threat Intelligence, Information Security, Firewalls, Threat Analytics, Unified Threat Management (UTM), Secure Access Service Edge (SASE), Cloud Access Security Broker (CASB), Data Loss Prevention (DLP), Splunk Enterprise Security, Cloud Security, Cloud, MITRE ATT&CK, Zero Trust Network Access (ZTNA)

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring