Ehtisham Paracha, network and security engineer

Ehtisham Paracha

network and security engineer

BAHRIA ENTERPRISES SYSTEM & TECHNOLOGIES

Lieu
Pakistan - Karachi
Éducation
Baccalauréat, computer science
Expérience
9 years, 2 Mois

Partager Mon CV

Empêcher usager


Expériences professionnelles

Total des années d'expérience :9 years, 2 Mois

network and security engineer à BAHRIA ENTERPRISES SYSTEM & TECHNOLOGIES
  • Pakistan - Karachi
  • Je travaille ici depuis juin 2022
Network & Security Engineer à infasme LLC
  • Émirats Arabes Unis - Dubaï
  • décembre 2021 à mars 2022

 Manage LAN / WAN infrastructure having more than 2000 users.
 Managed more than 200+ Network Infrastructure L2/L3 Switches/Routers
2960, 3550, 3560, 3750x, 4806, N9K-C9372, 3845-CCME/K9, C6807, ISR4331-S.
 Manage fortigate, ASA Firewalls policies, rules for the entire infrastructure.
 Blocking Malicious attacks/URLS advised by Security Team.
 Creating Access control list, VPN Access for Users Outside Network.
 Managing F5 Load Balancers, Polices, Rules. Add or remove user for VPN access.
 Open tickets to vendors for the technical issues and/or as a service request.
 Manage WLAN, access points and Users connectivity for the Network.
 Manage NAC authentication, user’s profiles, BOYD and Guest Network.
 Support IP Phones configuration.
 Network Switches implementation such as VLANs, HSRP, VTP Ether channel. VLAN.
 Managing Distribution and Aggregation Layer switches and Configuration.
 Managing Kaspersky Anti-Virus for all the users, policies, weekly Scanning, updating
and Upgradation.
 Creating rules for inbound and outbound traffic for local users and VPN users.
 Handling Technical Tickets assigned by L1 Team.
 Support User Issues I-e Network Connectivity Issue, Wifi, IP Phones setup, Password
Reset etc.
 Managing FortiWAN and FortiAnalyzer.
 Manage AD Users and Groups.
 Interact with vendors for IOS upgrade.

Network Specialist à Bahria Enterprises System & Technologies
  • Pakistan - Karachi
  • mai 2018 à décembre 2021

Designand deploy LANs, WANs, networks, including servers, routers, switches, AccessPoints.
• Administration Network and DevicessuchL2/L3Switches.
• Trouble End User system / Network issues.
• Install software’s/Drivers and agents for end users i-e printers, Kaspersky, adobe, ms word etc.
• Manage Users and Groups for user in Active Directory reset password, adding removing OU.
• Assign IP address to users and troubleshoot network connectivity.
• Respondto email and phonecalls to address notifications of network and security incidents.
• Scanning Network Hardware / Software/ Servers/L2/L3 devices for vulnerabilities.
• Manage firewall and security policies, configurations and logs monitor on firewall.
• Monitoring and analyzingtraffic for malicious activity using SIEM.
• Monitor threats insider/Outsiders.
• Prioritizing and differentiating potential incidents and false alarms.
• Investigate, document andreport onsecurity issues.
• Hands onexperience in Internet Access Gateway, manage online/offline users, Force authentication.
• Creating rule/polices in IAG for user authentication via LDAP/AD/Radius.
• Creating ACL/NAT/PAT on the firewall.
• Creating Policies as per requirements block/allow traffic.
• Creating Trunk /access links, Ether-Channel, HSRP for distribution Layer
• Generate reports for incoming /outgoing traffic in IAG.
• Managing Storage Area Network, Creation, allocation of Space for servers/ PC.
• Authentication/Integration of Network Switches with NAC.
• Preventing Network based attacks such a DOS/DDOS, OS Finger Printing, SQL Injection using
intrusion prevention system.
• Scanand detect Endpoint&Servers vulnerabilities.
• Maintainthe latest patch/firmware builds across all managed network devices.
• Tuning of Falsepositives to avoid unnecessary alerts in future.
• Detecting suspicious logs, creating reports and charts for easy understandingof client.
• Back-up and restore of all critical resources including IPS, IAG, QRADAR, Switch, Routers &Firewall.
• Overseenew and existing equipment, hardware, and softwareupgrades related to network.
• Interact and negotiatewithvendors, outsourcers, andcontractors tosecurenetworkproducts andservices.

NETWORK/SYSTEM SUPPORT ENGINEER à xper2go Pvt Ltd
  • Pakistan - Karachi
  • janvier 2018 à mai 2018

• Providing operational support and project implementation for Cisco-based network infrastructure, including switching, cabling, load balancing, routing, firewall security.
• Analyzing and evaluating network security threats and vulnerabilities.
• Supporting in the implementation and documentation of network policies, standards and guidelines
• Promoting network policies, standards and procedures through adherence in daily operational activities
• Participating in on-call responsibilities in support of a 24 x 7 x 365 production environment.
• Handled administrative tasks, such as password resets, permission management, account creations, remote software installations, etc.
• Controlling access to Shared Drives and Third party applications for users.
• Maintained technical and operational documentation and training materials for installation and configuration activities.
• Responsible for daily checking up Back up operations of the data.
• Managing IP Addressing for end users and its documentation. • Managing Active Directory Users/Groups.
• Handling of DHCP and DNS Servers.

L1/L2 NETWORK SUPPORT ENGINEER à Connect Communication Pvt Ltd
  • Pakistan - Karachi
  • juin 2015 à décembre 2017

Responsible for configuration of network devices Cisco catalyst 2950, 2960, 3550 and HP, DELL (2734)
Switches/ Routers. Administer and monitor for inbound / outbound rules, ACLs, Nat/Pat, exception
lists, data utilization, logs, limit bandwidth prioritization.
• Testing networksecurity with different tools and systems. Lookfor openand unused ports.
• Back-up and restore of all critical resources including router & switchesIOSand configuration.
• Configuringand Troubleshooting, HighAvailability protocols suchasGLBP, VRRP.
• Configuring STP/RSTP/PVSTProtocol forL2/L3Switches.
• Implementing Port Security, 802.1q, Ether-Channel protocols.
• IPv4Addressing assignment for number of users andmaintain record.
• HandlingClients/Dealer/Users througha series of actionvia email or phone.
• Troubleshooting Networknodes/devices.
• Switches/Routers/Servers/Firewall/UPSMonitoring
• Configuring users’wireless routers, VPNdialers.
• VMware(ESXI), Creating, managing and backupof virtual machines.
• ManageWindowsServer 2008/2012 And Role’s AD, DHCP, andDNS.
• Domainuser creationandPasswordReset.
• Data backup Manually andSchedule Task (Script) and transfer via FTP Client.
• Support, Installation, Configurationof WindowsXP, 7, 8, 10 clients for this network.
• Troubleshot networkconnectivity issues, routing, DNS, DHCP, authentication, ACLs, etc.
• Investigated the cause of problems and implemented the best solution, also kept rigorous
preventive maintenance to ensure decreased issues and down time.
• Handled corporateclients& users via email or phoneand resolved issues.
• Back-upand restoreof all critical resources includingrouter& switchesIOSand configuration.
• ManagingVMware (ESXI), Creating, managingand backup of virtual machines.
• Diagnosed client’s computer issues remotely on the network using Windows Remote
Desktopapplication/any desk.
• Replaced end of life hardware, including servers, switches, routers, WAPs, firewalls, workstations, etc
• Trained new employeeonsystems, software, and services.
Hardware Used: Cisco catalyst 2950, 2960, 3550, 3560, 3750, 4506x

Network Intern à Pakistan International Airlines (PIA)
  • Pakistan - Karachi
  • février 2015 à mai 2015

 Performed installation, configuration and testing of LAN/WAN devices.
 Supporting and troubleshooting Wifi and Cisco routers, switches, and firewalls.
 Testing and Troubleshooting (Media Converter) including fiber-optics, Patching Category 5e and Category 6.
 Handling of DHCP and DNS Servers.
 Managing Active Directory Users/Groups.
 Cisco, HP, D-link, TP-link routers/switches Configuration/Troubleshooting.
 Assisted network engineers in resolving network outages.
 Handled the tasks of documenting network problems and resolutions for future reference.
 Maintained technical and operational documentation and training materials for installation and configuration activities.
 Managing classless and classful IP Addressing for end users and its documentation.
 Responsible to daily check daily FTP server for backup.
 Handled administrative tasks, such as password resets, permission management, account creations, remote software installations, etc.
 Shared Drives, Windows and Third party applications administration and troubleshooting.

Éducation

Baccalauréat, computer science
  • à Ilma University
  • mai 2018

Specialties & Skills

Network Security
Vulnerability Assessment
Intrusion Detection
Network Administration
ACTIVE DIRECTORY
ADOBE PHOTOSHOP
Access Control List
LAN/WAN
Switching
IP Camera
Fortinet/Sophos Firewall
Network Monitoring
Routing
Windows Server
Network Policy
IPv4/IPv6
Newtrok Design & Security
ESX VMware I/Virtualization
Routers/Switches/AP
Qradar SIEM
Vulnerability Assessment
security
IPS /IDS
routers
computer hardware troubleshooting
firewalls
system administration
network operations
cyber security
network engineering
windows server 2008
microsoft servers
windows network administration
Penetration Testing
Endpoint Security
Risk Management
Vulnerability Management

Langues

Anglais
Moyen
Hindi
Débutant
Urdu
Langue Maternelle

Formation et Diplômes

Cisco Certified Network Professional (Certificat)
Date de la formation:
February 2022
Valide jusqu'à:
February 2022
CCNP (Certificat)
Date de la formation:
July 2022
CCNA (Certificat)
Date de la formation:
February 2019
Valide jusqu'à:
July 2022
Network Fundamentals (Certificat)
Date de la formation:
November 2019
Sangfor IAG (Formation)
Institut de formation:
Sangfor
Date de la formation:
April 2021
Durée:
48 heures
IBM - Network Security Appliance (Formation)
Institut de formation:
IBM
Date de la formation:
October 2020
Durée:
24 heures
IBM - Qradar (Formation)
Institut de formation:
IBM
Date de la formation:
April 2020
Durée:
36 heures
Certified Network Security Spealist (Formation)
Institut de formation:
ICNS
Date de la formation:
October 2020
Durée:
48 heures
MCSA 0365 (Certificat)
Date de la formation:
July 2013

Loisirs

  • Learning
  • Watching movies
  • Football
  • Cricket
  • Snooker