Senior Network Security Engineer
Saudi Arabian monetary agency (Central bank of
Total years of experience :15 years, 6 Months
• Implementing and configuring Access Rules, Nat Rules on the Juniper Firewall for the internet facing applications
• Configuring Site-to-Site VPN on the Juniper firewalls depending upon the needs & requirement
• Implementing and configuring Access policies, on the Fortigate Firewall for the new requirement
• Configuring, troubleshooting any routing issues in the DMZ.
• Troubleshooting the configured policies, VPN and investigating & analyzing the logs to resolve the issue
• Upgrade the firewalls to keep up with security patches, new vulnerabilities and bug fixes.
• Load balancing the application’s and frontend Servers with Virtual servers on F5 BIG-IP LTM according to the needs & requirement
• Assess security needs and choose an appropriate F5 ASM security policy methodology
• Apply F5 ASM Security policies for the custom in-house developed application’s and customize it
• Determine the appropriate criteria for initial policy definition based on application requirements
• Updating attack signatures on F5 Big-ip ASM and updating the F5 Big-ip with latest hotfixes.
• Deployed F5 Big-Ip APM for remote access to various resources via SSL VPN and integrated RSA authentication Manager for second factor authentication.
• Deployed & Published many application like OWA etc… with F5 BIG-IP APM
• Administering, configuring, troubleshooting RSA Authentication Manager and assigning tokens to the new VPN user when required.
• Investigating Root-cause based on the dump files extracted from the devices deployed in the network.
• Provisioning new BGP, L2vpn, L3vpn connections for the customers.
• Performing preliminary acceptance test and integrate the newly added routers and switches to the network.
• Troubleshooting network issues like congestion, Routing issues etc
• Identifying the irrelevant configurations and cleaning up of the routers.
• Troubleshoot the tickets related to Customer issues (l2vpn, l3vpn, DIA) etc.
• Performing the Change managements to perform software, hardware, and design changes with the network elements.
• Troubleshooting and managing issues with Juniper T640, M320, MX960, MX480 and MX240 core routers etc
• To maintain the uptime of the network of the organisation and resolve the critical issues related to LAN &WAN.
• Implemented Cisco IOS firewall & IPS(Intrusion Prevention System)
• Troubleshooting any reported problems.
• Upgraded the Head-office network with Cisco ASA firewall & implemented routing and firewall rules on the Cisco ASA Firewall.
• Responsible for managing western region of network (ie. includes cisco routers, switches, ASA Firewall).
• Implemented IPsec site-site Vpn across the branches.
• Configured NAT to allow Web applications and Web servers to be available through the public network.