Sr. Network Security Engineer
Saudi Railway Company (SAR)
Total years of experience :15 years, 11 Months
Selected Tasks:
• Deployed Forcepoint Web Content Gateway (Web proxy in SAR HQ Premises)
• Upgraded Palo Alto 3020 firewall and Global Protect VPN.
• Upgraded Symantec SEPM and EDR Appliance.
• Upgraded Fortinet D200 Firewall and FortiAnalyzer Appliance.
• Established IP Sec Tunnel between SAR and OCI.
• Established IP Sec Tunnel between SAR and NourNet.
• Upgraded Citrix NetScaler Appliances.
• Deployed SSL Offloading in Citrix for Web Applications.
• Other operational and troubleshooting tasks.
IT Security Systems design, implementation, integration & administration.
Selected Tasks:
• Migration of YASREF Riyadh Data Center from Mobily to STC DC. Migrated 70+ network & security devices. Installed all devices in STC DC. Mainly includes ASA, FTD, Palo Alto, and Force Point Firewalls. McAfee NDLPs, NIPS, NSM, ATD, Cisco TG, FMC, ISE. Cisco and HP Routers and switches.
• Deployed Palo Alto NGFW 3220 and 3250 as perimeter and OOB firewall in YDC.
• Implemented Force Point 3201 firewall for new management network in Riyadh DC.
• Implemented Force Point 3301 firewall as an edge security appliance for YASREF Plaint Network in YANBU.
• Migrated ASA 5545, 5555, Palo Alto 3060, Network switches and other security devices.
• Firmware upgradations - Cisco 3850 stack switches (DMZ, EDGE, PRT, Server Farm switches)
• Upgraded Force Point SMC and Force Point, Palo Alto and ASA firewalls firmware.
• McAfee ePO administration. Experience with McAfee Endpoint security products and H-DLP.
• McAfee NSM and IPS administration. Worked on McAfee DXL, TIE, ATD and DE.
• IP SLA and ECMP deployment on ASA and Palo Alto firewall.
• Implemented Palo Alto 3060 as extranet firewall.
• Implemented IPsec Site to Site VPN, YASREF RDC to AVAYA Systems.
• Implemented Client to Site IP Sec VPN Gateways.
• Redesigned YASREF Riyadh Data Center Network and Security Infrastructure.
• HP Switches (5500, 7510, 3500YL) & cisco (3850) network devices integration and management.
• Implemented McAfee Stone-Soft firewalls 3201, McAfee 3201 IPS Engine.
• Implemented IRF, VRRP, SSH, NTP, RADIUS, Syslog, SPAN.
• Integrated Symantec and McAfee security systems for 2 factor (DUO) authentication.
• Citrix, HP, Cisco, Stone-soft Multi-vendor Ether channel configuration.
• Static routing, route preferences, default routing configurations.
• Redesigned YASREF RDC Edge Network (DIA Multi Links).
• Stone-soft firewall clustering, HA and failover implementation.
• McAfee SMC routing and traffic management for multilink gateways.
• IOS Up gradation. (Cisco 3850, 2800, HP 7510, HP MSR 3060, HP 5500 & 3500yl, Stone-soft 3201, 1301, Citrix NetScaler.)
• McAfee SMC and log server administration.
• Citrix Management, Dual Factor authentication configurations.
• Firewalls ACL & NAT rules configurations and Troubleshooting.
Project: 616-C02. RCJY facilities MAN Fiber Optic Network Implementation.
Implementation and management of network and network security solutions of corporate and enterprise clients. Data Center Network design and installations. L2 Support for enterprise clients.
Selected Accomplishments:
• Deployed long distance sight to sight W-LAN connectivity, V-LANs implementation, Domain Controllers, CMS Server installation / management, Designed developed and implemented Parking management system of Park Lane tower, CCTV and IP cameras, Lotus Domino Mail server configurations, RFID based Network Control Units, ISA server management, Switching and V-LANs, Access control lists, Virtual Private Networks.
• Migrated complete data center from old to new DC location.
• Mobilink Black Berry Server installation, Norton antivirus server installation, Network and VoIP Management of Call center and Data centers of Bahria Town.
• Gate Defender Firewall administration.
Specialized in CS