Primary Cisco ISE (Identity Services Engine) & Network Access Control (NAC): Deploy, configure, and manage Cisco ISE for Network Access Control (NAC). Implement 802.1X authentication, RADIUS/TACACS+, and posture based access control. Integrate Cisco ISE with Active Directory (AD), MFA, and endpoint security solutions. Design policy based access control (RBAC) for wired, wireless, and VPN networks. Ensure compliance with Zero Trust Architecture (ZTA) and Least Privilege Access. Firewall Security (Fortinet FortiGate & Palo Alto): Configure and manage Fortinet FortiGate and Palo Alto (PAN OS) firewalls to secure network traffic. Implement firewall policies, IPS/IDS, threat prevention, and advanced security features. Deploy SSL/TLS decryption, URL filtering, and anti malware protection. Manage VPN (IPsec, SSL VPN) and site to site connectivity for secure remote access. Optimize firewall performance and conduct regular security audits. Fortinet FortiManager (FMG) & FortiEMS (Endpoint Management Server): Centralize Fortinet firewall policy management and automation using FortiManager. Manage and deploy configuration templates, policies, and firmware upgrades. Oversee Fortinet Endpoint Security Management (FortiEMS) for FortiClient deployment, Zero Trust Network Access (ZTNA), and endpoint security posture enforcement. Integrate FortiEMS with Cisco ISE for endpoint compliance checks and automated responses. Security Monitoring & Incident Response: Monitor firewall logs, Cisco ISE logs, FortiAnalyzer, and SIEM solutions (Splunk, ELK, Sentinel) for threats. Investigate security incidents, apply mitigation strategies, and perform root cause analysis. Collaborate with SOC teams to proactively manage security alerts and breaches. Automation & Compliance: Automate security, NAC, and firewall configurations using Terraform, Ansible, or scripting (Python, Bash). Ensure compliance with ISO 27001, NIST, PCI DSS, GDPR, and other regulatory standards. Perform regular security assessments, penetration testing, and policy enforcement.
