Senior Security Services Engineer
Orange Business Services
مجموع سنوات الخبرة :17 years, 7 أشهر
Click to edit position description• Design and develop new cloud security solutions based on vendor products (SIEM, Reporting and Proxy services)
• Design and develop new Security Solutions for the proxy, caching and CDN services
• In lab design and test of overall architecture and components
• Develop and execute test plans
• Perform systems integration across multiple platforms (Linux, Unix, Windows, BlueCoat, IronPort, ScanSafe, Zscaler)
• ISO images packaging to automate installation and configuration for services Arcsight SIEM and Splunk
• Provide operations teams with the appropriate documentation and training and lead them during the rollout and deployment
• Test and validate new features for customized and generic solutions in the lab on from specifications
• Design and test complex customer security solutions and architectures
• Provide high-level support for presales engineers
• Work closely with Customer Solutions, Professional Services, Service Delivery, Operations to design, develop and support Security solutions and on critical strategic occasions directly with Orange's customers
• Provide L3 support for security operation teams
Supporting and managing Enterprise & Web Applications including Customer portals, billing system backend applications, Email system and Anti Virus Anti Spam gateways to support multiple Operational Companies.
• Operating mission critical services and applications
• Integrated technologies including: OpenLdap, MySql, Jetty, Apache, Postfix, Squid, Nginx
• Web & Application servers (Apache-Tomcat-Weblogic-IIS)
• Develop tools/scripts to assist in identifying threats and generating documentation
• Windows and Linux/Unix system assessments
• TCP/IP Protocol Forensics and Traffic Analysis
• Root cause analysis and providing major incident reports to top management
• Application performance tuning
• Disaster recovery planning for operated services
• E-mail hosted platform vulnerability scanning and SPAM fighting
• Applications patching
• Contributing in forensic investigations by Vodafone Group
• Tracking newly discovered exploits for hosted applications
• Building custom scripts to perform health checks, any suspicious spamming activity and
automatted installers
• Platforms upgrade projects delivery
• Implementing rehearsal scenarios for supported services regularly
• Bash/Python scripting
• Improving security awareness among the team
Managing GSM core network Home Location Register component and Operation and Maintenance Center nodes for different operators in MENA region.
• Configure core network switches to achieve multi homing between different sites
• Configuring SAN Storage for Home Location Register (HLR) nodes
• Installing Veritas cluster software to achieve high availability for Home Location Register nodes
• Building scripts to automate backups
• Hardware/Software installation and self and integrate commissioning
• Performing acceptance tests for HLR and OMC core network nodes
• Validating GSM network protocol stack including SIGTRAN, H248, BICC, VOIP, SIP, RTP, etc. using packet sniffers
• Familiarity with network interfaces such as A-interface, Gb, Gn, Gp, IuCS, IuPS, Iur, Iub, Nc, Mc, etc.
Managing and supporting 2 datacenters for 24/7 to provide a complete solution for multiple brokerage firms including all infrastructure systems and required secure connections to connect to Saudi Stock Market Tadawul.
• Manging and maintaining application and database servers of all hosted brokerage firms
• Configuring and supporting backup and storage systems
• Configuring Linux server to work as router, core switch and firewall using IPtables to perform filtering and Source/Destination Nating
• Configuring IPSEC/GRE tunnels on ATM interfaces to connect to Tadawul
• Implementing Vpn-Gateway to Vpn-Gateway to encrypt the link between our two datacenters using OPENSWAN
• Using KEEPALIVED as a load balancer for web servers
• Deploying MUNIN to monitor the health of all datacenter resources including processor, memory, filesystem and network interfaces
• Deploying MRTG to monitor interfaces of switches, routers and firewalls
• Using TRIXBOX as VOIP and IVR system to replace legacy analog telephone system in the company
• conducting information security audits
• Network security auditing
• Internal & External Penetration Testing
• Ability to write and review security audit documents
• Windows Server 2003 Routing and Remote Access
• Applying Tadawul's Security Audit policy to datacenters
• Hardening windows and linux servers
• Installation and configuration of IDS system SNORT and HIDS system OSSEC
• Configuring Huawie, Cisco ip routers/switches and Junipers
Customizing SpamAssassin mail filter and Squid proxy server according to infrastructure team requests.
Supporting and operating broadcast systems in live environment.
•Health checks and performance monitoring
•Using IPtables to secure communication between different branches
Embedded system design Operating Systems Algorithms Electronics Statistics Information Theroy