Security PS Team Leader-CCIE 53935
Equinox
Total years of experience :14 years, 3 Months
Lead and develop security PS team in resolving issues, achieving positive results and extra miles. Work with executive and management to develop company security profiles and partnerships. Keep abreast of the requirements of our clients and regulated environments. Plan, design, configure, and implement enterprises, security solutions and integrations. Evaluate, recommend new security products and services as well as maintain knowledge of emerging technologies for security to the clients. Coordinate with other teams (Presales, Sales and PM) to deliver projects successfully and expand other real opportunities with customers. Act as a security solution architect or technical manager on some of critical mega projects.
- Troubleshooting and resolving high complexity customer faults on ( Juniper Firewall SRX - Checkpoint
firewall - Bluecoat proxy - F5 BIGIP - Zscaler - Fortinet UTMs - Cisco IronPort, ASA, router & switch).
- Perform solution releases by authorizing, validating (changes, upgrades, updates, patches and
migrations) and implementing them.
- Perform service changes by assessing risk and implementing requests reported within the agreed
Change Management process through Orange Change tools.
- Resolve service problems by performing root cause analysis and designing action plans for unknown
errors reported through: Problem Management Dashboard.
- Manage customer (internal and external) complains and provide them with regular updates as per each
of the service support processes.
- Implement multi-vendor NGFW/IPS (Cisco, Sourcefire, Palo Alto, Fortinet, McAfee Sidewinder).
- Implement Cisco Web Security Appliance (Ironport) with WCCP and PAC files.
- Implement variety of VPNs (S2S, DMVPN, EzVPN, SSL client) on Cisco routers and ASA.
- Deploy management/control plane security features (CoPP/Cppr/quing-threshould/uRPF).
- Deploy switches security features (DAI/DHCP snooping/IP source guard/BPDU guard/port security/VLAN
hopping).
- Administrate Entrust Identity Guard (Authentication and Identity Management Platform).
- Administrate Cisco ISE, NAC and ACS.
- Administrate Nessus Vulnerability Scanner.
- Administrate load-balancing systems (F5 LTM, Cisco ACE).
- Provide security guidance and drive infrastructure decisions in collaboration with other teams
- Analyze and review vulnerability assessment, penetration test reports and fix security vulnerabilities.
- Enforcing the network security policies and complying with requirements of external security audits and
recommendations such as PCI and ISO.
- Execute and fix corporate and external customers changes and service requests.
- Communicate with vendors (Cisco, Palo Alto, Fortinet, etc...) TAC engineers to solve advanced cases.
- Deliver demos and PoCs design and demonstration for customers .
- Prepare solution documentations for knowledge transfer to the operation team.
- Assess the requirements and develop action plans for accomplishing company goals through
appropriate technical solutions.
- Implement, configure, and support all enterprise network routers and switches.
- Administrate IP address schemes and their assignment to network equipment.
- Propose and implement network enhancements to optimize network operation and availability.
- Develop and participate in disaster recovery planning and business continuity practices.
- Assist in planning and implementation of major modifications in the network.
- Meet with service providers (ISPs) to maintain all services SLAs.
- Document network changes and update diagrams accordingly.
- Perform the necessary upgrade for Cisco routers and switches.
- Monitor Network (LAN/WAN) performance and performs emergency and scheduled maintenance to
maintain its function operates properly.
- Analyze and diagnose repeated issues and take the required actions to eliminate the root cause.
- Implement site-to-site VPNs (IPSec over GRE tunnel, GET-VPN).
- Troubleshoot network issues of Vlans, HSRP, Ether channels, ACL, AAA, NAT, PBR, VPN and routing
protocols EIGRP, OSPF & BGP.
- Configure SNMP and Net-flow over all network devices.
- Update the database of monitoring systems and backup the configuration of network devices
periodically.
- I had successfully participated in Made In Egypt (MIE) competition with my graduation project (GPS tracking with indoor capability) and passed all its phases on its fourth round for the year 2008 – 2009.