Cloud NW & Security (Acting Team Leader)
EastNets Amman-Jordan
Total years of experience :18 years, 3 Months
• Assess the security risks associated with cloud network devices and ensure their compliance with SWIFT CSP & other security standards as: ISO 27K1, GDPR & NIST .
• Develop a risk management & governance framework with policies & solutions for Cybersecurity and compliance with ISO 27k & GDPR standards.
• Design and architect cloud network and security solutions based on SWIFT CSP standards, regulations & client requirements.
• Supervise configuring MS defender for all EastNets resources: Storage, Database, App services over Azure network.
• Develop security plans & policies for Incident Response, Disaster Recovery & Business Continuity for EastNets On-prem and Cloud-based sites.
• Configure data connectors in Microsoft Sentinel to collect and aggregate security data from various sources in EastNets environment over Azure cloud.
• Create and customize analytics rules in Microsoft Sentinel to detect specific security threats and anomalies.
• Monitor security events effectively using Azure Monitor to gain visibility into EastNets cloud environment.
• Manage application access in Microsoft Azure Active Directory (known as EntraID now) .
• Implement security controls and measures such as : threat protection, identity & access management/IAM for EastNets new environments over Azure & AWS cloud.
• Participate in creating new NW Security & Physical Access Policies for the cloud environments on both Azure & AWS networks.
• Design & Implement EastNets Disaster Recovery (DR) Site for both On-prem and over Azure Cloud and test its operability for auto Failover & Failback from the customer perspective.
• Evaluate and select vendors for cloud networking & security solutions & systems.
• Assist in PoC setups for SASE solutions from varied vendors such as : Palo Alto,
Cloud Flare and Zscaler to nominate one SASE solution / vendor at the end for securing EastNets On-Prem and Cloud-based networks.
• Design & build new Cloud Computing model for EastNets Service Bureau consisting of new PA FW/VPNs, Juniper SRXs, Ivanti SSL VPNs including Network monitoring & Security Tools.
• Provide the needed support & guidance for new IT engineers and help them solve new issues faced on EastNets new Azure & AWS cloud environments.
• Stay up to date with the latest security trends & technologies in Information & Cyber Security and Cloud Computing fields by attending specialized workshops & training programs, and actively participating in professional networking communities.
• Configure & troubleshoot network security devices: NGFW/VPN (PA, Cisco, Juniper), Juniper IPS, Cisco ISE and FMC for EastNets on-prem DCs.
• Process new change requests /CRs for Configuring new VLANs, DMZs, Routing, Firewall policies and publishing (if required) any new financial services.
• Adopt a collaborative & comprehensive team environment, encourage knowledge sharing, cross-training, and continuous learning between team members.
• Configure & troubleshoot new S2S VPN connections on VPN devices existing at the customer end and at
EastNets DCs .
• Discuss & new CRs for Configuring routing and switching security (Port Security, ISE, ACL, and VLAN filter, DHCP-Snooping, EIGRP Authentication and DMVPN).
• Enhance and tune network performance by configuring QoS, FHRP, HSRP, policy based routing (BPR), Port-Aggregation, IP-SLA on the required NW & Security devices.
• Participate in configuring and troubleshooting EastNets new Data Centers based on Spine-Leaf Architecture by Cisco SDN (ACI) using APIC controllers.
• Configure F5 Network Load Balancers (LTM, GTM) and applying security application policies using F5 WAF for EastNets internal network .
• Create and configure Palo Alto Enterprise Data Loss Prevention (E-DLP) data patterns and filtering profiles to prevent accidental data misuse, loss, or theft.
• Participate in preparing Security Hardening Template for all security devices & servers installed on all EastNets sites.
• Participate in preparing and publishing EastNets new VPN connectivity Troubleshooting Guide.
• Participate in upgrading EMC RSA Authentication server in for EastNets DR site from 6.1 up to 8.1 then to 9.0.
• Design & Build virtual Data Center for EastNets DR site based on VMware technology and using ESXi 4.1 server, vCenter 5.0 server& Vsphere Client4.0 & Web Client applications.
• Install, configure & tune monitoring tool (ME Op-Manager), Desktop Central & Firewall Analyzer for all EastNets sites.
• Upgrade virtual Data Center running on ESXi 4.1 to ESXi 5.5, vCenter 6.0 & Vsphere client 5.5.
• Participate in setting up & preparing EastNets Incident & Change Management Policy.
• Participate in Preparing EastNets VPN connectivity Troubleshooting Guide.
• Participate in preparing Security Hardening Template for all security devices & servers installed on all EastNets sites.
• Provide the needed answers for external Vulnerability, Assessment / Penetration Test Reports carried out by 3rd party security auditors on customer VPN boxes.
• Participate in setting up the designs for the last-mile solutions compatible with backbone networks for ISPs as: Orange JO, Zain & Umniah (Formerly Batelco).
• Install & configure OneAccess routers as a POC for the customers.
• Provide 1st & 2nd level of technical support to customers as ISPs: Orange JO, Zain & Umniah using phone calls or/and using support forums tickets.
• Provide 3rd level of support to Orange JO engineers & helping them with OneAccess devices configuration.
• Install, configure & troubleshoot NW devices as: Cisco Routers & Switches.
• Install, configure & troubleshoot security devices as: Juniper SSG, Cisco ASA, Symantec DLPs & Blue Coat (Proxy SG & Cash Engine) on the customer sites .
• Participate in configuring & commissioning Kulacom Wi-Max sites .
• Install & configure Core ATM SPS & MPS switches (New Bridge).
• Install & configure DSLAMs & (IP-based) DSLAMs (Alcatel-Lucent.
• Configure last mile CPE (routers & modems) using NW tools & utilities embedded within ATM Network Management System machine.
• Troubleshoot digital services lines (Physical Layer) using specific testing & diagnosing tools.
• Prepare & test IMMSP platform to provide Triple Play services (ADSL, Video on-Demand (VoD), Audio (VoIP) over Fiber cables (FTTH, FTTO, FTTC) as a last mile connectivity.
Princess Sumaya University Oct , 1999 – Feb , 2004 . Good , Electronics (Computer & Telecommunication Engineering) .