network and security engineer
BAHRIA ENTERPRISES SYSTEM & TECHNOLOGIES
Total des années d'expérience :9 years, 2 Mois
Manage LAN / WAN infrastructure having more than 2000 users.
Managed more than 200+ Network Infrastructure L2/L3 Switches/Routers
2960, 3550, 3560, 3750x, 4806, N9K-C9372, 3845-CCME/K9, C6807, ISR4331-S.
Manage fortigate, ASA Firewalls policies, rules for the entire infrastructure.
Blocking Malicious attacks/URLS advised by Security Team.
Creating Access control list, VPN Access for Users Outside Network.
Managing F5 Load Balancers, Polices, Rules. Add or remove user for VPN access.
Open tickets to vendors for the technical issues and/or as a service request.
Manage WLAN, access points and Users connectivity for the Network.
Manage NAC authentication, user’s profiles, BOYD and Guest Network.
Support IP Phones configuration.
Network Switches implementation such as VLANs, HSRP, VTP Ether channel. VLAN.
Managing Distribution and Aggregation Layer switches and Configuration.
Managing Kaspersky Anti-Virus for all the users, policies, weekly Scanning, updating
and Upgradation.
Creating rules for inbound and outbound traffic for local users and VPN users.
Handling Technical Tickets assigned by L1 Team.
Support User Issues I-e Network Connectivity Issue, Wifi, IP Phones setup, Password
Reset etc.
Managing FortiWAN and FortiAnalyzer.
Manage AD Users and Groups.
Interact with vendors for IOS upgrade.
Designand deploy LANs, WANs, networks, including servers, routers, switches, AccessPoints.
• Administration Network and DevicessuchL2/L3Switches.
• Trouble End User system / Network issues.
• Install software’s/Drivers and agents for end users i-e printers, Kaspersky, adobe, ms word etc.
• Manage Users and Groups for user in Active Directory reset password, adding removing OU.
• Assign IP address to users and troubleshoot network connectivity.
• Respondto email and phonecalls to address notifications of network and security incidents.
• Scanning Network Hardware / Software/ Servers/L2/L3 devices for vulnerabilities.
• Manage firewall and security policies, configurations and logs monitor on firewall.
• Monitoring and analyzingtraffic for malicious activity using SIEM.
• Monitor threats insider/Outsiders.
• Prioritizing and differentiating potential incidents and false alarms.
• Investigate, document andreport onsecurity issues.
• Hands onexperience in Internet Access Gateway, manage online/offline users, Force authentication.
• Creating rule/polices in IAG for user authentication via LDAP/AD/Radius.
• Creating ACL/NAT/PAT on the firewall.
• Creating Policies as per requirements block/allow traffic.
• Creating Trunk /access links, Ether-Channel, HSRP for distribution Layer
• Generate reports for incoming /outgoing traffic in IAG.
• Managing Storage Area Network, Creation, allocation of Space for servers/ PC.
• Authentication/Integration of Network Switches with NAC.
• Preventing Network based attacks such a DOS/DDOS, OS Finger Printing, SQL Injection using
intrusion prevention system.
• Scanand detect Endpoint&Servers vulnerabilities.
• Maintainthe latest patch/firmware builds across all managed network devices.
• Tuning of Falsepositives to avoid unnecessary alerts in future.
• Detecting suspicious logs, creating reports and charts for easy understandingof client.
• Back-up and restore of all critical resources including IPS, IAG, QRADAR, Switch, Routers &Firewall.
• Overseenew and existing equipment, hardware, and softwareupgrades related to network.
• Interact and negotiatewithvendors, outsourcers, andcontractors tosecurenetworkproducts andservices.
• Providing operational support and project implementation for Cisco-based network infrastructure, including switching, cabling, load balancing, routing, firewall security.
• Analyzing and evaluating network security threats and vulnerabilities.
• Supporting in the implementation and documentation of network policies, standards and guidelines
• Promoting network policies, standards and procedures through adherence in daily operational activities
• Participating in on-call responsibilities in support of a 24 x 7 x 365 production environment.
• Handled administrative tasks, such as password resets, permission management, account creations, remote software installations, etc.
• Controlling access to Shared Drives and Third party applications for users.
• Maintained technical and operational documentation and training materials for installation and configuration activities.
• Responsible for daily checking up Back up operations of the data.
• Managing IP Addressing for end users and its documentation. • Managing Active Directory Users/Groups.
• Handling of DHCP and DNS Servers.
Responsible for configuration of network devices Cisco catalyst 2950, 2960, 3550 and HP, DELL (2734)
Switches/ Routers. Administer and monitor for inbound / outbound rules, ACLs, Nat/Pat, exception
lists, data utilization, logs, limit bandwidth prioritization.
• Testing networksecurity with different tools and systems. Lookfor openand unused ports.
• Back-up and restore of all critical resources including router & switchesIOSand configuration.
• Configuringand Troubleshooting, HighAvailability protocols suchasGLBP, VRRP.
• Configuring STP/RSTP/PVSTProtocol forL2/L3Switches.
• Implementing Port Security, 802.1q, Ether-Channel protocols.
• IPv4Addressing assignment for number of users andmaintain record.
• HandlingClients/Dealer/Users througha series of actionvia email or phone.
• Troubleshooting Networknodes/devices.
• Switches/Routers/Servers/Firewall/UPSMonitoring
• Configuring users’wireless routers, VPNdialers.
• VMware(ESXI), Creating, managing and backupof virtual machines.
• ManageWindowsServer 2008/2012 And Role’s AD, DHCP, andDNS.
• Domainuser creationandPasswordReset.
• Data backup Manually andSchedule Task (Script) and transfer via FTP Client.
• Support, Installation, Configurationof WindowsXP, 7, 8, 10 clients for this network.
• Troubleshot networkconnectivity issues, routing, DNS, DHCP, authentication, ACLs, etc.
• Investigated the cause of problems and implemented the best solution, also kept rigorous
preventive maintenance to ensure decreased issues and down time.
• Handled corporateclients& users via email or phoneand resolved issues.
• Back-upand restoreof all critical resources includingrouter& switchesIOSand configuration.
• ManagingVMware (ESXI), Creating, managingand backup of virtual machines.
• Diagnosed client’s computer issues remotely on the network using Windows Remote
Desktopapplication/any desk.
• Replaced end of life hardware, including servers, switches, routers, WAPs, firewalls, workstations, etc
• Trained new employeeonsystems, software, and services.
Hardware Used: Cisco catalyst 2950, 2960, 3550, 3560, 3750, 4506x
Performed installation, configuration and testing of LAN/WAN devices.
Supporting and troubleshooting Wifi and Cisco routers, switches, and firewalls.
Testing and Troubleshooting (Media Converter) including fiber-optics, Patching Category 5e and Category 6.
Handling of DHCP and DNS Servers.
Managing Active Directory Users/Groups.
Cisco, HP, D-link, TP-link routers/switches Configuration/Troubleshooting.
Assisted network engineers in resolving network outages.
Handled the tasks of documenting network problems and resolutions for future reference.
Maintained technical and operational documentation and training materials for installation and configuration activities.
Managing classless and classful IP Addressing for end users and its documentation.
Responsible to daily check daily FTP server for backup.
Handled administrative tasks, such as password resets, permission management, account creations, remote software installations, etc.
Shared Drives, Windows and Third party applications administration and troubleshooting.