Network Security Consultant
NBN
Total years of experience :20 years, 5 Months
● Security operations & design for infrastructure, Applications, hybrid cloud (IAAS/PAAS) & OSS/BSS.
● Managing security platforms such as Cloudflare (Cache, WAF, Proxy), Palto Alto, FortiGate, TrendMicro, Checkpoint WAF, AWS & VMWare.
● Design, deployment and operations of firewalls which cover architecture, scalability, failover, and access control etc.
● Develop firewall rule sets based on business/technical requirements. Test & Maintain rule sets.
● Firewall vendors include Imperva, Cisco PIX, Checkpoint/F5 and Symantec.
● Participate in BAU Operations, Upgrades, Integration testing, Migrations, Outages, Attack Mitigations, Zero Day Threats, Patching etc. for assigned platforms.
● Looking after enterprise security solutions such as identity management, federation systems, WAF, DBF, DC Firewall, Perimeter Firewalls, Access Management and SIEM.
● Integration of security components with monitoring systems like SPLUNK, New Relic, Cyber Ark and Solar winds.
● Solution design/implementation based on AWS and VMWARE cloud platforms.
● Network & Security architecture design for various internal & external customers of NBN.
● Participate in Security design Policy for all internal NBN IT, Network core and access domains.
● Internal Security Risk Assessment, Compliance and Risk Mitigation.
● Customer Presales, Bid Management, Proposal/Contracts, CRM, Customer Design & Presentations.
● Responsible for vulnerability scans, penetration tests, reporting for core networks, enterprise networks and customer networks.
● Security Risk Assessments for 3rd Parties, Vendors and Suppliers with Procurement.
● Design & installation of security solutions including network firewalls, application firewalls, SIEM, IPS/IDS and sandboxing solutions.
● Assist in budgeting resources, schedules, and costs required for the solutions.
● Microsoft and Google Datacenter security architecture design & planning in Qatar.
● Participation in setup of IBM cloud Infrastructure for offering applications Microsoft CRM, ERP, SharePoint and GIS applications utilizing IBM Storage Systems.
● Operational Meetings, Management Presentations, Customer Meetings, Documentation and reporting for projects.
1. Network Design & Implementation - Datacenter, ISP, Colocation Power/Space, Metro Ethernet, Business VPN, IP Network, OSS, Enterprise Security etc.
2. IP/MPLS network design and support, L2/L3 VPN for banks/large corporate customers over fiber, microwave, wimax etc.
3. DSL/GPON solutions for compounds
4. Documentation: Request For Proposal (RFP), Low Level Design LLD), Request to Purchase (RTP), Purchase Order, Network Readiness for Use, ATP Testing, Solution documents, Test Plans, ROI Calculations, Internet Performance Analysis etc.
5. Engineering Technical support to operations team
6. Planning/PoC for LTE & FTTH
7. Internet Setup (Cache, Load-balancer, Filtering, Firewalls, IPv6, Contention, DPI)
8. Google Global Cache Project
9. Bluecoat cache and filtering project
10. Cisco SCE DPI solution upgrade (collection manager, subscriber manager)
11. Cisco CAR/CNR, CIC, Cisco ACS, Configuration Engine, IP Solution Center etc.
12. Capacity Planning and Lifecycle Management
1. Core network Planning and Design - IP/MPLS network, L2/L3 VPN, Metro Ethernet, Internet Datacenter, ISP Network, IBM Hosted Datacenter
2. Metro Ethernet (10G) rings in Major cities of Pakistan. MPLS POP deployment in over 22 cities
3. GPON/DSL/FTTH integration in the core network
4. Contract Finalization, Project Execution, Core Integration, Vendor Selection, Vendor Scope of Work, UAT
5. Hosted Data Center, Co-Location, IBM Netcool/Tivoli, Network Security, OSS, LDI Voice, IN, Billing etc.
6. Documentation: Network Readiness for Use, ATP Testing, Solution Architecture Documents, customer solution documents, Feasibility Studies
7. Broad hop/SESM portal for internet service authentication using Cisco CAR as AAA. Cisco ISG/SSG for BW throttling. Cisco SCE for monitoring
8. Customer Design testing using MPLS test bed, CPE testing. Customer MPLS solutions, Design owner for MPLS services in the network
9. Design, Service design, Concept Papers, Product Books, SLA Management etc.
1. Network design and implementation for Global VPN infrastructure of Customers i.e. Philip Morris, ANZ Bank, BHP Billiton etc.
2. Managing technology and design for IP MPLS Network providing hosted voice, data, messaging for globally scattered customer network.
3. New MPLS POP planning and deployment in China, Pakistan, Australia and Malaysia
4. Customer presales & post sales consultancy - Solutions based on vendors Juniper, Cisco, Radcom, Alteon, PIX.
5. Customer CoS/ QoS definition and SLA management
1. Core Network design & Implementation (EDN/Routed Data Network/IMS Net/Switched Data Network) and Internet Data Center.
2. EDN network infrastructure upgrade in over 50 multi-story buildings of Telstra.
3. Equipment includes Juniper M320, T640 and J series routers, Netscreen firewalls. Cisco GSR, 10k, 7600,
4. 7200 and smaller router. Switches include 8500, 6500, 4500 and smaller switches.
5. Management overlay network IMSNet design and provisioning ownership for new platforms.
6. Capacity planning and management utilizing MRTG, Netflow, Cacti graphs and Cisco Works for core links.
7. Network Management - HP Open view, Netcool etc.
8. IBM Internet Data Center design and support. Power, Network and storage management. Network design, BW planning and network security.
9. Change management using Telstra CIP (Change Implementation Plan) and iTAM. Outage Management
10. Installation Planning. Configuration management. Six Sigma processes.
11. Telstra managed IP network based on Cisco Call Manager and Unity. IMS Solution
12. Telstra IP Telephony Testing: Network testing, Platform (Proof of concept) testing
13. VoIP CPE User Acceptance Testing, Applications Features Testing etc.
14. Prepare test environment specifications, Write Test cases & plans and Test execution in Mercury Test Director and HP Quality Center
● Certified Ethical Hacker certification (CEH) ● Certified Information Security Manager (CISM) ● Palo Alto Certified Network Security Engineer (PCNSE) ● Fortinet Network Security Expert (NSE), ● AWS Certified Solution Architect (AWS), ● Microsoft certified Azure Fundamentals, ● Juniper Network Certified Internet Expert (JNCIS) ● Cisco Certified Internetwork Expert CCIE (R/S Written), ● Cisco certified network associate (CCNA), ● Cisco Voice over IP (CVOICE) ● IT Infrastructure Library (ITIL v3) Certification, ● Projects in Controlled Environments Certification (Prince2), ● Agile Scrum master Certification (ASM) ● Certified Network Security Specialist (CNSS)