Submitting more applications increases your chances of landing a job.

Here’s how busy the average job seeker was last month:

Opportunities viewed

Applications submitted

Keep exploring and applying to maximize your chances!

Looking for employers with a proven track record of hiring women?

Click here to explore opportunities now!
We Value Your Feedback

You are invited to participate in a survey designed to help researchers understand how best to match workers to the types of jobs they are searching for

Would You Be Likely to Participate?

If selected, we will contact you via email with further instructions and details about your participation.

You will receive a $7 payout for answering the survey.


User unblocked successfully
Thank you. Your report has been submitted and will be reviewed shortly.
Salem Binmunef, Senior Security Engineer| CISSP 831782| Security Architecture(GDSA)| CCIE#50155| Intrusion Analyst

Salem Binmunef

Senior Security Engineer| CISSP 831782| Security Architecture(GDSA)| CCIE#50155| Intrusion Analyst·Saudi Telecom Company - Stc

Saudi Arabia

Bachelor's degree, Computer Engineer

Work experience

Total years of experience: 13 years, 8 months

Senior Security Engineer| CISSP 831782| Security Architecture(GDSA)| CCIE#50155| Intrusion Analyst

July 2020 - Present

Saudi Telecom Company - Stc

Riyadh, Saudi Arabia

July 2020 - Present

- Engaged in the IT projects to collect and decide on security requirements in the start phase
of new IT system development and integration.
- Ensuring IT Security Policy enforcement by enabling and select the security controls as part
of the design phase before system implementation.
- Establish and review the HLD and LLD of security solutions with Security vendors and security
implementation team
- Working on escalated technical issues with security operation for production issues.
- Working with implementation team for datacentre migration to plan physical and logical
security controls requirements
- Engaged in security assessment with cyber security compliance team for any policy exception
and infrastructure change to maintain compliance with regulatory and security program
requirements
- Assist in developing and enhancing the security roles, policies, and controls implemented on
the security devices and security process and procedures.
- Participate in the IT change management process by reviewing the change requests and
provide feedback when required.
- Analyse existing security systems and make the changes or improvements if required to fix
vulnerability and emerging risk
- updating the risk register for IT security projects and systems.

Company industry:
Telecommunications
Job role:
Security

Senior Network Security Engineer CCIE R&S 50155 | Intrusion Analyst (GCIA) 12721 | PCNSE | CCNP Sec

March 2014 - Present

ELM Company

Riyadh, Saudi Arabia

March 2014 - Present

- Continues review of network attack surface, for deficiencies in visibility, protocols, OS vulnerability, encryption, authentication, and authorization.
- Run auditing tools for Network devices ( Nipper) to fix all CISecrity level 1 benchmarks, and most level 2
- Harden the switches, port-security, DHCP snooping, configuring Private VLAN, disables vulnerable services, enable strong password hashes, enable logging.
- Harden routers, Neighbour authentication, EIGRP, BGP routing authentication, Block bogus IPs, enable SNMPv3, NTP authentication, and apply ACL.
- Cisco ASA, Palo alto, Fortinet firewalls configurations and implementations. Apply the required firewall segmentation( DMZ), security rules, NAT rules, packet captures, enable logging.
- Migration of layer 3/4 ASA Firewall to Next-generation Firewall, Palo alto or Cisco Firepower.
- Move port tcp/udp firewalls rules to rules include (application+ tcp/udp ports), user-base rule-set, enable intrusion prevention in firewall rules, Malware sandboxing ( inbound and outbound files), DLP, URL filtering, DNS filtering, and Geolocation rule-sets, enable SSL decryption.
- Cisco Firepower IPS, configure and monitor cisco IPS, as well as read, interpret, and analyze network traffic and related log events, and configure the required snort rules.
- Configuring Web proxy cisco WSA, Bluecoat. Controlling Internet access by enable authenticated access, banners for unknown URLs, site category filtering, url whitelisting and Blacklisting
- Cisco IRON PORT, configure anti-spam, email spoofing, phishing emails. Enable sender verification and authentication, SPF DNS TXT records. Domainkey( DKIM), DMARC, cousin domain blacklist, rate-limiting.
- Implementing and configuring cisco SSL VPN anyconnect for remote access user, implementing different groups base on employee user or vendor and give them the required access, enables radius user authentication with multifactor authentication.
- Configure and establish remote networks access securely by IPSEC VPN, GRE DMVPN and enabling the required authentication, and encryption controls. By cisco ASA, and Cisco Routers.
- Cisco ACS to manage access policies for network devices administration, TACACS+, Radius for network devices, VPN remote user, and integrate the authentication process with AD, multifactor authentication ( RSA).
- Validate, plan and carry out software version upgrades of various network and security devices in periodical timely manner

Company industry:
Software Development
Job role:
Information Technology

Senior Network Engineer

November 2012 - March 2014

Emircom (www.emircom.com)

Riyadh, Saudi Arabia

November 2012 - March 2014

Etihad Etisalat Company (Mobily), Managing and Operating Hosted Data center and Cloud Services Project.

Managing and Operating Mobily Hosted Data Center Network and Security Infrastructure (Malga Data Center), Managing and Operating Costumer WAN IPVPN, DIA to get access to their network at Malga HDC through Mobily MPLS VPN, Or public Internet.
Identifies, troubleshoots and resolves hardware, software- network-related problems
encountered by end-users of the network, the Internet, the servers or network and security infrastructures

Configuring VLANs and Switch Infrastructures, VLAN trunking, port-channel, STP to extend VLANS from CISCO ASA5580, core Nexus7000 C7018, cisco Nexus5020, Cisco Catalyst 4507, Cisco IPS Sensors, ACE load balancer to customers production servers.
Configuring routing and implementing VRF for each costumer, OSPF, BGP, to distribute routes from costumer networks through Mobily MPLS, Mobily Data centers Core to customers Servers Networks.

Managing and operating CISCO ASA5580, ASA5540 firewalls, software update, licensing. Hardware fail-over, Active/Active Failover.
Configuring virtual firewalls (contexts), for each customer. Applying rules (ACLs) to allow traffic from internet and MPLS segment to customers Servers. Configuring static NAT for Public Servers. And global NAT.
Managing and configuring Management ASA Firewall, for out of band management HDC devices and Mobily different team access to costumers Servers.
Troubleshooting traffic session on cisco ASA, traffic capture, and analyzing Flags and logs to identify issues in connections throw ASA or terminated.
Implementing and troubleshooting IPSec site to site VPN on edge ASR1006 Internet Router for Costumers Production traffic through public Internet.
Implementing and troubleshooting AnyConnect SSL VPNs on ASA 5540 Firewall, for management access to all Customers Servers. Manage SSL AnyConnect connection profiles, Group-Policy, User and Devices authentication.

Cisco ACE4710, managing the appliance, SW upgrading, licenses, implemnting failover, configuring serverfaram, server load balancing policy policy .

Configuring and managing cisco IPS 4270 Intrusion Prevention Sensor Appliances, image recovery, application update, signature update.
Implementing IPS in interface vlan-pair or Promiscuous mode to analyze traffic and customizing IPS operation for Network environment.
Tuning signatures to produce the required alerts and summary, monitoring events and apply action for each signature and global actions, monitoring events and generating attacks reports.

Company industry:
Telecommunications
Job role:
Engineering

Education

University of Science and Technology

June 2006

June 2006

Bachelor's degree, Computer Engineer

Yemen

GPA (point): 3.4 out of 4

GPA (point): 3.4 out of 4

Bachelor, Computer Engineering - Average 3.4 out of 4 Saudi Council of Engineer #115856

Skills

Network Security

Expert

MPLS

Expert

WAN

Expert

IP

Expert

Speaking English fluently and good communication skill

Expert

IP addressing and subnetting

Expert

Network Security and VPNs

Expert

Cisco Routers and Switches configuration and troubleshooting

Expert

Implement VLAN based solution

Expert

WAN configuration and troubleshooting

Expert

Good ability in writing reports and letters (English&Arabic)

Expert

OSPF and EIGRP configuration

Expert

Implementing BGP and Internet connectivity

Expert

Network Security

Expert

MPLS

Expert

WAN

Expert

IP

Expert

Languages

English

Expert

Arabic

Expert

Training and Certifications

Certifications
CISSP Certified Information Systems Security Professional
Mar 2021 - Apr 2024
GIAC Defensible Security Architecture and Engineering ( GDSA )
Sep 2019
CCNP Security
Feb 2013
CCNP R&S
Jan 2012
Palo Alto Networks Certified Network Security Engineer (PCNSE)
Feb 2017
GIAC Certified Intrusion Analyst (GCIA) 12721
Jul 2018
CCIE Routing and Switching (50155)
Sep 2015 - Sep 2019

Training
Palo Alto Firewall: Install, Configure, and Manage & Firewall: Configure Extended Features
palo alto
Feb 2017
Security Essentials Bootcamp
SANS
Nov 2016
Intrusion Detection In-Depth
SANS
Dec 2017
Defensible Security Architecture and Engineering
SANS
Jul 2019