Manager Network & Infrastructure Security
Engro Corp
Total des années d'expérience :14 years, 3 Mois
Responsible for ensuring the network security of JS Bank's network from threats originating from inside and outside the bank.
•Verify proper configuration and operation of firewalls and network infrastructure. Verify proper configuration and operation of security agents.
•Management of Qradar SIEM Solution, Integration of Log Sources, Performance & capacity management.
•Qradar Daily & weekly & Monthly Reports such as:
•TOP FW IPS/IDS alerts, AV alerts
•TOP BW consuming application/Users
•Weekly/daily User authentication activity
•Weekly/daily Firewall allow/deny activity
•Qradar Offense Management:
•Review & assignment of daily Offenses generated to relevant teams.
•Review Network change requests (CRF) and make recommendations to ensure they comply with standards.
•Perform periodic risk assessments, internal/external penetration testing and vulnerability scans. Take corrective actions to resolve all issues pertaining to network security.
•Identify security issues and risks, and develop mitigation plans. Architect, design, implement, support, and evaluate security-focused tools and services.
•Provide technical assistance to network team to fix configuration weaknesses in firewalls, routers, switches & comply as per best practices.
•Evaluate and make recommendations on security and network products that can enhance the posture of the JS Bank's Network.
ACCOMPLISHMENTS
• Implementing Beyond Trust PAM (Privilege Access Management) across the bank’s Critical resources (In-Progress). The Product Power Broker Password safe & session monitoring will give the Administrators full visibility & control over the privileged accounts of critical resources of the bank.
• Implemented IBM Qradar SIEM (Security information & Event management) & brought up logs/alerts from all critical Systems/Network devices for compliance & centralized monitoring.
• Performed Vulnerability Scanning, Policy Scan of Several Core Systems using QualysGuard Express solution as per the Vulnerability Management Program & reports were shared with concerned teams.
• Web Application Scanning of JS Bank Services exposed over internet using QualysGuard Express.
• Network design reviews of DC, branch WAN and Campus design.
• Procured Nipper Studio Configuration Assessment tool. Performed Config Audit & highlighted weakness in configurations of Core Network Devices.
• Design & Introduced CRF (Change Request Form) in order to record & track Network/System changes within bank. Proper sign-off procedure is being followed in contrast to previous method of email approvals.
• Updated Core Network Diagram with the help of provided configuration & information. The new diagram is providing better understanding of all Core Segments of the Bank such as:
Internet, Extranet, DMZs, Branches, Core Sites, VPNs with Business Partners, Serverfarm etc.
• Performed & document over all Network Security review of JS bank Core Network & highlighted Major issue such as:
Non High Availability of Network Devices
Vulnerabilities/Weakness in Network Configurations
Failover test of Devices in HA
End of Sale/support Network Equipment
End of Support/vulnerable Firmware
User's Account/Role Management
Managing complete internet segment using SRX 1400 (Services DMZ, TMG, Internet Banking, IPSEC VPNs with business partners & international UBL sites, Public FTPs & SFTPs).
•SSL VPN (Remote) users' management using Juniper SA4000 with feature of Network Connect.
•Extranet Segment management using juniper SSG 320 (Services Master Card, Swift, 1link etc).
•Primarily responsible for Network Security Operations, Also work in alliance with WAN Operations Team managing Core WAN & Global Sites.
ACCOMPLISHMENTS
•IPSEC VPN between UBL & ABM, Infotel, CDC for project Tijaari.
•SSL VPN users' complete profiling on Juniper SA400. (User's detail, Access detail)
•IPSEC VPNs profiling on Juniper SRX 1400. (VPN Peers, Proxy IDs, NAT, Contact Detail
JOB RESPONSIBILITIES
• Managing & administrating overall Network security operations and provide support for all network related issues (Including Internet/Extranet/ADC/DMZ Segments, Payment Systems’ channels & Access Control etc).
• Configuration, Management, Maintenance, Implementation & troubleshooting of multi-vendor Core Network Security devices.
• Design & Maintenance of Extranets Segment including 1link, SMS Gateway Service, Payment Systems (Master Card, VISA, CUP) & VPNs with International sites.
• To figure out necessary network upgrades & point of Failures within Security domain and suggest, plan and implement mitigations after the approvals from the higher management.
• Interact with senior corporate management and the user community to analyze current operations, suggest improvements and implement systems according to their requirements.
• Coordinate with vendors and consultants for all network related projects, support and maintenance of network devices.
• Assist network operations team in troubleshooting daily operational and major issues.
• Provide services of Cisco Remote VPN, SSL VPN (Juniper SA4000, PALO ALTO Global Protect) to provide users access from remote locations & home.
• Develop and execute implementation test plans in an adroit effort with the internal or vendor team.
• Perform and document system operations process and procedures including the installation and testing of network upgrades, failover, and configuration, BCP, DR plans, Incidence Response reporting, change management and updating topologies of network.
• Complete Administration and Monitoring of AAA Server (CISCO ACS 5.5)
• Administration, monitoring and daily reporting of logs through Intrusion Detection/Prevention
System Module
• Tier 3 support to network related issues, on call/online/off working hrs. (Including 1link/ibank shifting to pri/bkp as per need, remote VPN & AAA ids issues, in case of any unforeseen network/device failure).
PROJECTS
• Complete Migration of Internet Segment to Next Generation Firewall PALO ALTO (PA-5020) in all three regions (Including ISB, LHR & KHI).
• ACS (AAA server) Migration from version 4.2 to 5.5, Included all User/Device data migration to new version with all enhanced features implemented.
• Upgrade of 1link (Primary, Backup) segment with Auto Shift failover implemented (Hardware changed from Juniper netscreen/junos to Cisco 3845)
• Citi-HBL Merger of Citi Bank with HBL (Complete Network setup).
• Extranet Segment Revamp Replacement of HOK Extranet segment FW IBM ISS MX5010 with Cisco ASA 5545.
• HBL-Euronet connectivity for interbank POS acquiring traffic. (dedicated channel with Auto failover from Primary to Secondary link)
• Oracle Flexcube Complete setup.
( include Configuration of Load Balancers AX/Firewall ASA/ Routers 2801 & DMZ)
• Complete migration of Cisco Remote vpn client to PA Global protect SSL VPN. ( User account/group/policies & access control migration)
• HBL-Warid connectivity for Ethernet POS terminals.
• Complete Migration of CUP, Swift, VISA segments on Extranet Firewall ASA 5545.
• PHEONIX-IRIS Migration Project of Live Phoenix (involved in I-BANK, ATMs, Online Payments, Fund transfer & POS terminals) to IRIS including all the required Core network level communication for the new Servers & allocation of new VLAN scheming for the old servers with connectivity to Core Switch.
• HBL Branch Less Banking Project (Performed the entire related task to Core Network Level including VLAN creation at Core Firewall FWSM for all Branchless Banking servers & allowed their communication within & outside HBL network).
• IPSEC VPN connectivities with Telecard, Mobilink, Bank Of Punjab, FBR, Monet, APL, Paycol, Vectracom for different business services on extranet segment.
• Iremit, MTP, CRPL, HBL ipayments & other business services channel configuration over Internet segment
• RTGS STP project with SBP using ASA 5505.
Provide support to corporate customers regarding (Internet and P2P Data), DSL, ADSL, RDSL & G.SHDSL links, Radio Frequency links, Frame Relay & MPLS links, DVB links, DDP, ISDN, DOTS connectivity, Domain Hosting, E-mail solutions and Fiber Optics integration and troubleshooting.
•Provide clear, concise, accurate and frequent communications to clients regarding their technical issues and actual root cause of the problems.
•Document and log all pertinent call information (customer info, nature of problem, solution, etc) via software SIEBEL Communications.
•Gathering link detail & client information via software TERMINUS, CSR&CONMAN.
•Troubleshooting & Monitoring the all the DSL links performance through NMS (Network Monitoring System).
•Troubleshooting & Monitoring the performance of RF, WiMax & Fiber links on MRTG
BS Electronics
FSC Pre Engineering
SSC Science.