Senior Network Security Engineer
Etisalat UAE
Total years of experience :14 years, 4 Months
Currently working as Network Security Engineer in the biggest Telecom Provider in Middle East & Africa. My role is to ensure Network Security of Emirates Telecom Corporate Engineering.
Managing over more than 200 Multi-vendor Firewalls includes Fortigate, Cisco ASA, Juniper SRX, Juniper Net Screen and Huawei.
Additionally my responsibilities are:
• Responding to SOC & Sec. Planning Queries & Compliance.
• Network Security Analysis.
• Network architecture & Design.
• Management of Security Appliances and configuration of firewalls with respect to day to day operations.
• Managing assigned projects and program components to deliver services in accordance with established objectives.
• Development & Deployment of security concepts.
• Incident response to network security threats.
• Ensure adherence to IT Security policies and procedures.
• Managing and configuring different Monitoring tools.
• Involved in Systems Integration with Infrastructure deployment like firewalls, Routers, Switches Configurations.
Since my association with GBM I have gained exposure to the contemporary IT networks and the various cutting edge solutions which are deployed in today’s enterprise networks and provide support to customers.
I worked extensively on equipment of Cisco, HP, Fortinet and Aruba but I also comfortably configured other vendor equipment that is in the same technological domain.
Projects:
• Emaar - Resident Engineer at Emaar IT to provide support for Cisco ACI Data Center. GBM provide a solution of overall design and configuration of Cisco ACI Data center which was implemented to migrate existing data center to Cisco Nexus platform.
• Saudi German Hospital - Installation and configuration of Cisco 6513-E chassis with ASA-SM and WISM2 module.
• Afridi & Angell - Installation and configuration of Cisco 2901, ASA-5525, WLC-2504, AIR-CAP3702I-E-K9, Cisco Prime Infrastructure.
• African & Eastern - Design, installation and configuring HP 5406, HP 2520, Aruba WLC-7010, AP-225, AP-275, IAP-225, IAP-275 and F5 LTM 4800 for share point application.
• Al Tayer Group - Migration of 89 Stores switches to Cisco 2960X.
• Honda Motors - Designing, installation and configuration of Wireless Solution in which we used Cisco 2504 WLC and 1832I, 2702I, 2702E access points.
• G4S Security - Designing and Migration of G4S old network to New network where we installed and configured Brocade ICX6610 Core Switches, Fortigate 200D, Barracuda Load Balancer 340.
• Al Ghurair University - Design, Installation and configuration of Palo Alto 3000 and 200.
My major responsibilities are:
• Analyzing, designing, installing, configuring and maintaining of network infrastructure.
• Install, support and maintain hardware and software infrastructure according to best practices, including routers, switches, Wi-Fi Access Points & controllers, and firewalls.
• Management of Security Appliances.
• Design, setup and configure complex switching environments and manage VLAN’s as per defined criteria.
• Responsible for the administration of firewall which includes, application based filtering, content filtering, NAT/PAT and integration with Domain controller.
• Responsible for the management of implemented firewalls (ASA/Fortigate).
• Provide network and host based security, incident response, firewall and VPN management and administration.
• Managing assigned projects and program components to deliver services in accordance with established objectives.
• Follow and prepare standard operating procedures in accordance with the best IT practices.
During projects I have worked on Cisco Routers, switches and ASA Firewall, Foritnet Firewall and FortiAnalyzer, Juniper MAG. In the wireless networks domain I mainly worked on Cisco and Ruckus controllers and access points.
Projects:
• Fortigate 800C Deployment:
Gain hands on experience on Fortigate 800C and FortiAnalyzer by configuring Fortigate in cluster mode and applying different policy as per department requirement. Enforced bandwidth control, Data Leak Prevention, content filtering and application filtering policy based.
• Juniper MAG 2600 Deployment (SSL VPN):
Configured and installed MAG 2600 VPN box in HA cluster mode. Customize different profiles for home based users and executives for secure VPN connection to connecting with organization network from home.
• Highly Available Switching:
Planning and ensuring execution of redundant distribution layer which comprises of acute physical infrastructure, prudent MSTP design, HSRP instances and lastly robust L3 design to give a finishing touch.
• Wireless Network:
Hands on Cisco AIR-CT5508 Wireless controller and Air-cap3502 access points, complete wireless network setup in all buildings of BOL. Configured and categorized SSID as per user requirement and allow in-house application and local calling facility to users.
Responsibilities included:
• Administration and maintenance of Local & Wide Area Network (LAN & WAN) and firewall for smooth operation of network.
• Troubleshooting and rectification of networking issues.
• Vendor management for all network related projects.
• Provide technical leadership to other team members.
• Information Policy Drafting
• Responsible for inventory, SOP's and documentations of communication networks for Data Center.
During my tenure with trueWIRELESS, I mainly focused and hands on long rage Altai wireless equipment 2.4GHz and 5GHz, HP AAA controller and on Zyxel switches, access points and Wi-max CPE. My routine work and major responsibilities were:
• Installation of LAN and WLAN network (2.4GHz and 5GHz).
• Installation of Point-to-Point and Point-to-Multipoint Radio link.
• Work on HP ProCurve MSM760 Controller and Zyxel GS-2024 and ES-4124 switches.
• Hands on Altai “A8 Super Wi-Fi Base Station, A2 Wi-Fi Pico Access Point, Wi-Fi CPE and
Ruckus Access Point/ Repeater”
• Hands on Peplink Multi-WAN Router and different IP PBX.
Received Scholarships three years from Sindh Endowment Board Paksitan.