Senior Solutions Architect
Etisalat
Total years of experience :26 years, 9 Months
- Member of the Change Advisory Board (CAB) for reviewing change requests impacting IT systems.
- Reviewing all IT budget and technology architectures' and performing analysis with corresponding teams.
- Reviewing architecture of billing and charging systems and introducing performance and cost optimizations.
- Contribution to several RFP documents and evaluating responses for GSM equipments & hardware like SMSCs.
- Performing capacity planning for all IT systems serving HR, Finance, IN, Engineering, Sales, Marketing, and IT.
- Information security assessment.
- Design & review of the NBD's DC, HQ, and branches security measures.
- Pinpointing & hardening of the core banking application platform.
- Design & presentation for Atheeb's 3 data centers' security and systems in Riaydh, Jeddah, and Dammam. Based on Secure Computing, Juniper, and Foundry boxes. Atheeb is Saudi Arabia's 3rd Data Service Provider (DSP).
- Operation and support for Saudi Telecom Company's (STC) Security Operation Centre (SOC) and several Saudi banks which is composed of Secure Computing's CyberGuard TSP & SideWinder firewalls, WebWasher URL & content filtering, and IronMail anti-Spam systems.
- Managed 4 teams, 26+ members, of IT operations, information security, infrastructure, and call call center.
- Run & supervised a GRE tunnel between Avaya's IP PBX and some access servers for PBX off-loading.
- Run & secured TE Data's point of sales joint-venture project with TE's exchanges, and Olympic Group's B-Tech.
- Deployed an IPSec VPN platform with PSK keys in a site-to-site setup for use with vendors and other corporates.
- Deployed a transparent anti spam/virus SMTP gateway with false-positives near zero, detection accuracy ~ 98%.
- Deployed company's IM Jabber-based system supporting Yahoo, MSN, GTalk, soft phones, and conferencing.
- Secured the ADSL configuration & redirection project.
- Run & secured BlackBerry push email service for top management.
- Improved voice quality by creating multiple voice VLANs instead of the common single voice VLAN deployments.
- Run a new branch with 150+ employees over WiFi, 802.1x, and PEAP over WiMax load balanced with copper link.
- Deployed a pass-through web content filter with categorization which greatly raised the security level.
- Deployed a wired roaming facility for HQ employees using 802.1x with RADIUS, PEAP, and ADS credentials.
- Deployed WiFi access for HQ with 802.1x and PEAP with MSCHAPv2 and MS' ADS credentials.
- Deployed a password notifier through email for employees outside the premises with a URL for changing password.
- Secured TE Data's attendance system using RFID cards, and bio-authentication finger printing with SQL backend.
- Secured the billing system running on Apache, Tomcat, PHP, .NET, Java, MSSQL, PostgreSQL, MySQL, and Oracle.
- Initiated the establishment of the Information Security and MIS' data center with latest security measures.
- Secured TE Data's initial VoIP call center from Wicom. A Windows based VoIP PBX and call center.
- Integrated all of TE Data's 7 branches, and 20 CSOs over a solid SSL/TLS VPN.
- Deployed corporate SSL/TLS VPN with X.509 certificates & MS' ADS credentials.
- Secured Oracle Financial, Oracle HR, and Tivoli management and monitoring systems.
- Secured MS' network which is composed of ADS Dcs, SMS, WSUS, SPS, and Exchange 2003.
- Secured ART's FIFA '06 world cup streaming joint-venture setup of the master streaming, and license servers.
- Built an automatically detectable web proxy based on WPAD facility and DHCP option 252.
- Secured TE Data's credit card gateway for e-payment with credit cards through Banque Misr's e-payment gateway.
- Deployed a DNS proxy as an acceleration and isolation layer between clients, local DNS, and Internet DNS servers.
- Deployed RIP v2 protocol among 5 gateways using Multicast with source authenticity using MD5 digests.
- Deployed several LAN security measures which ranged from port security measures to storm controls.
- Deployed MS' Exchange 2003 & OWA using NLB, and SAN storage for backend servers with firewall in between.
- Secured Cisco's IPT, and Avaya's IPT & CCE which is distributed among HQ, 7 branches, and 30+ CSOs.
- Deployed a Layer-7 P2P traffic filter. This increased the protection level and also reduced international bandwidth.
- Automated Cisco & Avaya's voice VLAN assignment with DHCP. Also deployed PXE server for RHEL installations.
- Designed and Deployed a highly-available LDAP directory service with multi-master support.
- Setup of TE Data's Jordan branch. A setup for a mini ISP plus technical training.
- Deployed TE Data's broadband SOAP web services using NuSoap implementation.
- Deployed TE Data & Vodafone's SkyPass authentication and billing system in PHP with support of auto-sensing.
- Migrated old qmail-ldap server into a cluster for high availability and high capacity which consisted of 6 nodes.
- Deployed the Egyptian Meteorological Authority's qmail-ldap server with a local LDAP directory plus training.
- Deployed Gomhuria's Thanawya A'amma results clustered and highly available website on years 2002 to 2004.
- Deployed webmail sites of Seven7s, TE, and TE Data using IMP and also reduced LDAP queries to 1 per session.
- Developed a prepaid billing plugin for SkyPass access in Cairo ICT 2004 / 2005 to disconnect customers.
- Developed tools in C with shell scripts' wrappers for daily system administration with staff training.
- Deployed and administered TE Data's ADSL resellers' forum using the phpBB bulletin board system.
- Developed PHP scripts for analyzing and reporting accounting information from Cistron & freeRADIUS.
- Developed an LDAP replication using OpenLDAP which consisted of both an LDAP master and a slave.
- Configured Linux servers like Sendmail, qmail, NTP, Apache, BIND, MRTG, MySQL, LDAP, and freeRADIUS.
- Deployed the email system of free-Internet project on Jan 2002 from from Sendmail to qmail-ldap with maildir.
- Troubleshooted customers’ dialup problems on phone or on site.
- Configured LAN modems, Analogue / ISDN modems, proxy servers, and firewalls.
- Instructed C and Java languages.
•Deployed the e-Government project of MCIT (Ministry of Communications & Information Technology) (http://www.mcitel.gov.eg). The project was firewall-protected by the Microsoft ISA 2000 firewall and composed of two web servers clustered with a Microsoft SQL 2000 back-end in a DMZ.
- Setup and operation of a high-speed video tracking system from Mil-Spec, USA & Hadland, UK.
- Brought focus on use of computer-aided applications, trained personnel, and developed a monthly pay-roll sheet.
- Troubleshooted customers’ dialup problems on phone or on site.
- Configured LAN modems, Analogue / ISDN modems, proxy servers, and firewalls.
- Instructed C and Java languages.
-Designed the AS/400 ODBC Arabic-Translation DLL in C. Responsible for the overall product design, including the user interface of the accompanying Control Panel program to change settings on the fly.
Graduated with degree of Good, 74.9% Electronics & Communication Engineering Dept. Computer and Control section Cairo University Facult of Engineering
