Network Security Engineer
Juffali - Butler Blue-Scope Steel Buildings
Total years of experience :17 years, 1 Months
I’m working in one of core team of Juffali Group as a Network Security Engineer and Team Leader.
Responsible for handling project which includes Consulting, Planning, Designing, Configuration and Documentation, Presentations, for enterprise and also provides excellent support for existing setups.
- Design and configuration of security infrastructure, such as secure DMZ, by using all security equipment’s firewalls, secure access servers, high availability, clustering & certificate based access.
- Monitor & Control network security events received from monitored servers, and then take appropriate action based on security policy standards, and procedures with SIEM tools (Splunk).
- Investigate intrusion incidents, conduct forensic investigations and mount incident response using SIEM solution.
- Administration and Monitor Antivirus services Antivirus Endpoint Security (Avast & McAfee ePO).
- Use vulnerability Assessment tools (Nexpose, Nessus, NMAP, Metasploit, Netcat) to identify known and unknown network vulnerabilities and ways to counteract them.
- Implementation and configure Cisco ASA NGFW, VPN, ISE, WSA, ESA, WLC, AP, Core Switches & Routers in multiple sectors.
- Implementation and configuration ISE v1.2, v2.2 & v2.4 Dot1x Auth, wired, wireless, VPN configurations using AAA, profiling, posturing, BYOD, TrustSec and SGT’s.
- Secure Administrative Access for ASA FW & Routers by using AAA server such as Certificate-based, ISE & RADUIS.
- Hands on day-to-day monitoring Firewall Web & Application Filtering, IPS and block abnormal activates.
- Implementation and configure Firepower FMC and deploying, configuring NIGPS, FTD and fine tuning the policies.
- Implement NGIPS Security Intelligence Feed to download a new Feeds, System & Application Vulnerabilities, new viruses, threats, malicious by cloud Talos Cisco Intelligence Team.
Duties & Responsibilities:
- Administration of Domains & Workstations, Data & Programs (AD, AD Additional, AD Child, OU, Security Permissions, Sharing, DNS & DHCP, WSUS, etc…), Daily Backup Schedules & Disaster Recovery.
- Implementing Network Infrastructure in a new site from scratch (Configure Vlans, Cisco VPN Site to Site, Sophos Firewall, Hyper-V Hosts Server, Additional DC and File share with DFS).
- Migrate 4 Physical servers from 2008R2 to 2016 and Import VMs.
- Design, plan and implement Group Policy, delegate strategies and OU structure.
- Upgrade 3 DC and migrate Active Directory from Win Server 2008R2 to 2012R2.
- Configuring visualization VMware ESXI, Citrix Xen Server, Hyper-V services, Failover Clustering.