Ahmad Barhoush

• Responsible for implementing and supporting FileCloud solutions, including designing, architecting, and deploying FileCloud (Redhat) environments integrated with client infrastructure. Built and managed MongoDB backends DB, Apache Solr for indexing, reverse proxy HAProxy and web tiers using Apache, configured, and integrated FileCloud with multiple storage types such as NAS, SAN block storage, and object storage (S3-compatible solutions). Configured storage access over NFS, CIFS/SMB protocols.
• Simulated and validated a proof of concept (POC) proxy-to-proxy by building a replica architecture for an air gapped environment, integrating F5 BIG-IP to HAProxy to FileCloud. Successfully deployed and implemented the solution in the customer’s production environment.
• Designed a highly available Proxmox cluster hosting FileCloud, leveraging CephFS as a backend storage to ensure fault tolerance, scalability, and continuous service availability.

• Designed and implemented a High-Availability Zabbix system across multiple sites, for traffic distribution and MariaDB Galera Cluster for database replication and fault tolerance. Configured redundant Zabbix Front End and Server components at Site A and Site B to ensure continuous service availability and automated failover.
• Designed and implemented a multi-site active/active architecture for Paperless-NGX, leveraging MariaDB Galera Cluster for synchronous database replication and GlusterFS for distributed, fault-tolerant file storage and ZFS on storage nodes to support future disk expansion.
• Deploying and configuring Cisco DUO Authentication Proxy, Access Gateway, and Network Gateway to enable secure two-factor authentication and integrate it with IT infrastructure SAML, OAuth, SCIM and LDAP.
• Designed and deployed ISC DNS BIND for internal and external domains and efficient DNS resolution for enterprise networks. Configure zone management and DNSSEC implementation.
• Designed and deployed Microsoft Active Directory Domain Controller, including configuration of Organizational Units (OUs), Group Policy Objects (GPOs), and user and service account management. Coordinated and integrated LDAP with hosted services and implemented and managed a Microsoft PKI (Public Key Infrastructure), including Certificate Authority (CA) setup, certificate issuance.
• Deployed and configured Nextcloud for real-time collaboration and file sharing, integrated with TURN server and Spreed signaling server as HPB and secure WebRTC calls.
• Deploying and configuring Qualys Vulnerability Management (VM) and Policy Compliance (PC) modules, integrating them with IT infrastructure and automating scans.
• Designed and implemented a real-time Change Data Capture (CDC) pipeline using Debezium, Kafka, and ClickHouse for efficient data streaming.
• Deployed and configured Cisco ACI Multi-Site architecture using Nexus Dashboard Orchestrator (NDO), integrating multiple ACI sites to provide centralized policy management and scalable multi-site connectivity.
• Deployed and configured Keycloak SSO and Samba AD and integrated with Client’s infrastructure.
• Implemented Infrastructure as Code (IaC) using Terraform to automate provisioning and management of infrastructure resources.
• Deployed and managed cloud infrastructure on Amazon Web Services (AWS), configuring compute, networking, and storage services to support scalable application deployments.

• Domain controller Active Directory deployment (OU's database, user and services account’s management, coordinates and integrates LDAP with hosted services, generate CA and maintain PKI certificates).
• NAC Cisco ISE (create shells/generic, profiles, command sets, access policies for RADIUS and TACACS+ AAA integration with other services and network devices).
• Hyperconverged infrastructure Cisco HyperFlex and VMware Vcenter ESXi hosts (Deploy, configure, clone, and manage virtual machines, configure standard switch, port group, VDS, VLANs, and security features, affinity rules, DRS Cluster, resource pools, VMotion migration, build servers, iSCSI, Data storage, and other related infrastructure).
• A10 Load balancer (interface configuration, vlan tagging, routing, SLB, service groups, virtual services and SSL offloading, certificate VIPs association and A10 Harmony Controller for application visibility).
• F5 BIG-IP LTM/GTM (virtual servers, pools, health monitors, self IPs, vlans, routing, WAF, SSL offloading, certificates, SNAT, persistence, iRules).
• Cisco Network management systems EPNM and Zabbix for network monitoring.
• Duo 2FA administration and configuration (DAG, DNG and SSO, create application policy, configure LDAP set and auth proxy and integrate with other services).
• Network systems administrations on DNS BIND Internal and External (Create DNS A, CNAME, PTR records), NTP and Windows DHCP scopes.
• Cisco ACI (VLANs access/trunking, VRF, vPC, VLP, physical domain, AEP, interface fabric access polices, bridge domain, contracts, EPG, application profile, static ports, eBGP, iBGP).
• Cisco Firepower FTD FMC NorthSouth/EastWest (Access control policy configuration, interface/port-channel configuration, static routing).
• Forcepoint NGFW Internal/DMZ (Access control policy configuration, BGP interface configuration, zones, VLANs, VPN gateway, CVI, VPN profile, site-to-site VPN, routing, NAT, IPS and IDS).
• Cisco Nexus 9300 (VLAN access/802.1Q trunking protocols, VPC, ARP, port-channel, SVI, RSTP, ROAS, HSRP, VRF, eBGP, iBGP, OSPF, RADIUS/TACACS+, SNMP).
• Cisco secure endpoint (AMP), Wazuh XDR, Qualys VM, Qualys PC and Trend Micro Manager.
• Administration in Linux (CentOS, Ubuntu, Rocky and RedHat), Windows and MacOS.
• Cisco WebEx and Microsoft Teams administration.
• Microsoft Office 365 Admin Center support and Microsoft Exchange 2019.
• Other Tools and Services: Squid proxy, phpIPAM, ITSM (ServiceNow), GrayLog, Wazuh Indexer, OpenSearch, Elasticsearch, Kafka, Vector and Kafka REST API Proxy.
• Coordinates the progress of contractors, projects and ongoing participation in technical support. Prepper High-Level Designs (HLD), Low-Level Designs (LLD) and Visio diagram for solutions.