"Network & Perimeter Security: Firewalls (Palo Alto, Fortinet, Cisco ASA/FTD), IDS/IPS, NAC (Cisco
ISE, Aruba), proxy, WAF, DDoS mitigation.
- Network Segmentation: VLAN design, micro-segmentation (VMware NSX, Cisco ACI), SD-WAN
security, SDN.
- OT / ICS Security: Purdue Model, ISA/IEC 62443, OT network monitoring (Claroty, Dragos, Nozomi),
protocol gateways.
- Cloud Security: AWS Security Hub, Azure Defender, GCP SCC; CSPM (Wiz, Prisma Cloud); CWPP;
CNAPP.
- Identity & Access: Zero Trust / ZTNA, IAM, PAM (CyberArk, BeyondTrust), MFA, federation (SAML,
OIDC).
- Endpoint & Detection: EDR/XDR (CrowdStrike, SentinelOne), SIEM (Splunk, Microsoft Sentinel),
SOAR.
- Application Security: DevSecOps, SAST/DAST, API security, threat modelling, OWASP Top 10.
- Data Security: Encryption (TLS, PKI), DLP, tokenisation, secrets management (HashiCorp Vault,
AWS KMS).
- Frameworks: NIST CSF, ISO 27001/27002, MITRE ATT&CK, CIS Controls, IEC 62443, DPDP Act,
RBI cyber frameworks."