Monika Tewari

Experience

• 

  WatchGuard Technologies

  Jul 2006 - Oct 2011

  Sr. Technical Analyst

  - Provided Technical support: Watchguard firewalls such as XTM mail firewall, Firebox for VPN, HTTP/HTTPS, Data packets, Policies and XCS Firewall to comply with the security policies. Daily duties included installation of new releases, testing new functionality to determine bugs, reporting defects with high attention to details and accuracy in a timely fashion. - Performed network security health checks and implemented custom security policies and Intrusion Prevention for Risk mitigation. - Modified Endpoint detection rules: updated ACL, block lists, IP heuristics and etc.- Assisted in securing customer environments by providing Threat Prevention, Zero day Threat Protection, Kasperesky for AntiVirus, SurfControl categorization, SSL Encryption through Verisign, Cisco PostX mail encryption, specific custom rules manipulation and creation of custom Access control list, whitelisting and black listing by IPs and DNS names and etc.- Logged into customer environments from backend to monitor logs and used UNIX shell scripting to customize existing Cron jobs and scripts to users requirements.- Assisted with configurations of network interfaces, proxies, Direct Packet rules, Exchange Plug-in, Active Directory, Ldap, Quarantine server, Cluster administration, HALO, Centralized Management, load balancer, setup Outlook Web Authentication, Remote Authentication, Queue Replication, SMTP mail delivery with zero delay, and Web URL categorization. Tweaked FW rules to allow for large sized email pass through.- Created Power point presentations to train coworkers, partners and resellers with proper testing demonstrations. - Performed TCP dumps, binary captures to monitor network traffic using Ethereal and Wireshark. Show less

• 

  Symantec

  Oct 2011 - Nov 2019

  SQA Engineer

  - Updated WebSecurity Portal through the secure cloud services provided by AWS. Key responsibilities were to ensure latest builds are working as expected and up to date; double check using SPLUNK and report generation- Deployed proprietary SCIM server (manages users) on AWS using DOME9 security groups.- Daily activities: verification of components using AWS stack creation, cloud formation, auto scaling, Elastic Beanstalk, Elastic Cache, and RDS.- Deployed windows servers on AWS such as WIN server, created a DC in Server Manager, installed WSS Symantec product called AuthConnector on AD to provide user/group information to WSS for policy enforcement. - Used QTest Manager and HP Quality Center to manage Software Development Life cycle (SDLC). - Tested user authentication: SAML authentication, SSO with 3rd party IDPs such as MS Azure, Okta, Active Directory, and Symantec AuthConnector using SCIM server to store the user/group information.- Worked on FedRamp project which required Secure Private cloud environment to the Government, followed GDPR guidelines for risk mitigation- Troubleshoot networking issues: DNS in VMs, monitor logs in Linux/Unix for Cloud testing, DB records/backups, ensure Threat Protection, signature updates, HTTP/HTTS traffic, virus scanning and run MySQL queries for data logs used for report generation and scheduled log deletion.- Worked in Agile and lead some projects independently by creating Test Plan/Results, Use Cases and tested softwares such as Smart Connect VPN client for Remote Auth, SSL Encryption, and Configuration Builder for distribution of new security Signatures to all servers, Rulespace Categorization, Squid CSP etc. Show less

• 

  Broadcom Inc.

  Nov 2019 - now

  R&D Quality Engineer at Broadcom

  - Provide Continuous delivery by using Jenkins pipeline to deploy Cloud WebSecurity on Google Platform- Use tools such as Splunk, Pulse Secure Virtual Traffic Manager, Linux workstation, bastion connections to the GCP VM instances to ensure deployment is successful.- Automate Test Scenarios using pytest; use Robot framework and Pycharm as IDE.- Validate production issues; document OPS upgrade steps.- Assist in Application Threat Analysis using the OWASP top 10 model to help find vulnerabilities in REST APIs; also test API integrations using SOAP API, Chrome developer tools, Burpsuite, and Jconsole.- Work in Agile environment and engage is daily team standups, discuss new fixes, improvements/changes, and assist with customer problems and production issues. Show less