Section Head IT Security
Confidential
Total years of experience :24 years, 7 Months
Certified Information Security Manager, CISM. CC ISC2, Cyber Security Specialist
Current job description is to design manage and secure the network of 230 nodes by using misc Cisco Hardware and Microsoft OS.
Currently working on the IBM Blade center HS21 servers.
Cisco 6500 series core switch with integrated Firewall and Intrusion detection/Preventation modules and Cisco 2800 series routers.
Mcafee ePolicy Orchestrator 3.6.1 and Intrusion Prevention System.
Microsoft Exchange 2003 and ISA 2006 servers on the 2003 platform.
WIndows server 2003 Domain with Clustering and Network Load Balancing Environment for SQL Server.
Deployment of Oracle Engineered System hardware, for implementation of core banking project on Oracle engineered systems, Oracle ExaData and ExaLogic and ZFS storage.
Security hardening the banks private cloud at different layers to enhance the system security.
VMware VSphere6 virtualization with Operations manager and Disaster Recovery Services with Site recovery manager on Lenovo x240 blade centers with replication between Primary and DR sites.
Hardening the core banking environment, application, databases and network infrastructure.
OS Integration of IBM Qradar SIEM for KMBL SOC (Security Operations Center)
Email infrastructure upgrade from Exchange 2003 to Exchange 2010 & 2013.
EMC VNX 5400 SAN deployment and integrate with HP and IBM existing SAN.
Site migration of the core Data Center for the bank.
AD upgrade from Windows 2003 to Windows 2012 and Exchange upgrade from 2003 to 2013.
Participate in internal and external Penetration testing projects for improving the overall system security design of KMBL infrastructure.
Job Responsibilities:
Performing gap analysis of security Policies, Procedures, Guidelines and Use cases.
Ensure that latest evolving threats are addressed through custom use case development.
Technical Lead to propose Security Solutions in the infrastructure related to new projects.
Develop and fine tune security Policies, Procedures, Workflows to meet upcoming requirements.
Develop and implemented policies and procedures based on internationally accepted best practices/standards i.e. ISO 27001, NIST and involve in auditing and reviews to ensure compliance. Compiled a comprehensive IT Incident reporting and Response procedures.
Work in close conjunction with IT & Business teams to exactly understand business requirements aligned with CoBIT & ITIL framework & convert business requirements into secure solutions for smooth service delivery coordinate with Incident Response team to ensure that attacks are timely responded.
Driving initiatives that are based on business requirements, technically and financially sound, communicated to key stakeholders, and revised as technology and business need changes.
Report to management the status of all events as per the escalation procedures.
Perform the Vulnerability assessment and patch management exercises for enhanced security.
Ensure adherence of standards for infrastructure, hardware, software and security policies under the Datacenter domain.
Participate in analysis and trending of security log data from core devices, systems and IPS.
Integrate and share information with other analysts and other teams
Maintain and control the job scheduling of system software and preparing production schedules for all jobs and jobs streams at central computing as well any remote facility of the bank.
Implement and maintain environment control for the Data centers/Server rooms.
Planning for the implementation of the new projects and coordinate with other departments for to carry out the smooth deployment of projects at different levels.
Develop and test disaster recovery plans for the Data Center.
Be abreast with new development through various learning tools such as industry literature, vendor road shows and appropriate professional development workshops.
Successfully deployed Oracle Engineered System hardware, for implementation of core banking project using Oracle engineered systems, Oracle ExaData and ExaLogic with ZFS storage.
Assisted in deployment of Oracle IDM with two factor authentication for the internet and mobile banking users.
Completed the security hardening the banks private cloud at different layers to enhance the system security.
VMware VSphere6 virtualization with Operations manager and Disaster Recovery Services with Site recovery manager on Lenovo x240 blade centers with replication between Primary and DR sites.
Successfully completed security Hardening of core banking infrastructure, databases and network devices.
Successful Windows & Linux OS Integration with IBM QRadar SIEM for KMBL SOC (Security Operations Center)
Successfully upgrade Email infrastructure from Exchange 2003 to Exchange 2010 & then exchange 2013.
Successfully deployed EMC VNX 5400 storage and integrate with HP and IBM existing SAN solutions.
Achieved a major milestone by successfully migrating core Data Center to a new location with all services running at DR
Achieved the AD upgrade from Windows 2003 to Windows 2012 and windows 2016 domain controllers.
Assisted internal and external Penetration testing projects for improving the overall system security.
Technical Lead to propose Security Solutions in the infrastructure related to new projects.
Developed and implemented policies and procedures based on internationally accepted best practices/standards i.e. ISO 27001, NIST and involve in auditing and reviews to ensure compliance.
Worked in close conjunction with IT & business teams to exactly understand business requirements aligned with CoBIT & ITIL framework & convert business requirements into secure solutions for smooth service delivery.
Coordinate with Incident Response team to ensure that attacks are timely responded & risk mitigated timely.
Report to management the status of all events as per the escalation procedures.
Perform the Vulnerability assessment and patch management exercises for enhanced security.
Develop and test disaster recovery plans for the Data Center.
Successfully replaced the LAN infrastructure from traditional Linux based router setup to Cisco switches.
Successfully upgrade the core infrastructure and Implemented Juniper SRX3400 Firewall, IPS in active-passive mode.
Upgrade branch connectivity infrastructure & deployment of failover connectivity for 120 branches using Juniper devices.
Performed risk assessment of the network infrastructure and take corrective measures.
Successfully hardened the network infrastructure and devices to protect core network from external threats.
Network configuration review and testing using nipper, NMAP and resolve the security gaps found in network devices (routers, switches and firewalls) configurations.
Performed network security architecture review and suggest the architecture changes as per best practices.
p-3
Managed 120 branches network connected through VPN. Network operations staff, develop, maintain, monitor, analyze and troubleshoot network equipment.
Secured the internet traffic by implementing Linux Squid and Microsoft Forefront Threat management gateway 2010.
Key player in deployment of redundant connectivity solution along with DR plan.
Maintain and Update standard operating procedures for LAN and WAN networks.
Deployed the latest firewall technology on the Juniper platform (SRX 3400) and provide access to remote branches through secure VPN tunnel so that remote servers may be accessed and managed locally. Implement IDP to protect DMZ and internal servers.
Coordinated security audits (External, internal and SBP audits) and ensure the compliance of IT security policy.
I am currently working at the Electronic Government Directorate as Network Administrator (Team Leader leading 11 network/system administrators) under the project of “Federal Govt. Data center and intranet”.
The scope of the project is to interconnect the Federal Govt. Ministries/Divisions and departments through a Fiber Optic Ring and make a MAN and a centralized data center for their communication and security. We are currently providing the Email facility through OCS and Security through the Hardware based Firewall including Watch Guard and Juniper SSG 520 to all the Ministries and Divisions.
I was mainly responsible for the operations and Implementation of the Cisco PIX Firewall 525 V6.3 to secure the network from the attackers. I have worked there on the Industry standard Cisco Devices including 7500 series routers and Lucent MAX TNT switches. I have worked on IBM ® xSeries® machines with RAID Implementation for proxy, MRTG, DNS and FAX Servers, providing the Fax over IP (FoIP) and other ISP related Services
Working as a Senior Network Administrator I have done the migration of the old Windows NT/2000 Network to the Windows 2003 and Linux Mixed Environment. This position includes tasks such as:
Design for the modularity of the Network, as a properly planned/designed network can be expanded by the incremental addition and upgrade over the years and implement using the windows 2003, windows 2000 and Linux Operating Systems.
Use hardware/software protocol analyzers to trace the Network problem to the source.
Fault tolerance through Redundancy and protect data against catastrophic data loss that occurs when disk drives fails and RAID Subsystem can’t regenerate the data.
Deploy the backup strategy, ensuring the Backup Integrity and RAID Implementation. Planning for the future growth by examining the trend of the past few years and examine the expected changes for the near future.
Internet Connection Sharing & Internet problem solving also using the Microsoft ISA Server 2000 for the Cashing, Firewall and Internet access.
Configure & deploy the new Software with the network so that all the clients can access that specific software by connecting through their own machines on the network.
Configuration of the Windows 2000 Network Security Model also experience of the Network Security in the LAN Environment against the Internet threats.
Configuring and troubleshoot the RRAS in the Windows 2000 environment so that the clients can access their account & data by connecting from remote locations.
Implementation of VPN on the Windows 2000 providing the connectivity to the remote Internet Clients for the Local Network using their VPN Clients
MS (Computer Networks) expeciality in Computer Networks
MSc in Statistics (Specialization in computer subjects including Operations Research and Computer Languages)