Senior Network Security Engineer / Team Lead
ELM
Total years of experience :27 years, 7 Months
Key Responsibilities and Deliverables
• Managing Network & Security Infrastructure of ELM Data Center and NIC (National Information Center
• Providing managed services of roll out, infrastructure readiness & Security Implementation and O & M of customer sites and network services
• Maintaining services’ availability to 99.9% and complying to Operational SLA
• Optimization of Network security systems to guarantee smooth and reliable operations
• Carry out day-to-day tasks like Service Request approvals, implementations of Service Requests, addressing critical P1 tickets, ensuring meeting the SLAs in closing the P1 tickets.
• Planning and executing IOS/ Firmware upgrades for critical devices like Nexus 7K, 5K, 6500/4500 Series Switches, ASA/ Palo Alto/ Fortinet /Juniper Firewalls, Cisco Routers, ACS/Bluecoat/ Iron Port Appliances.
• Lead the team to deliver on committed goals and KPIs
• Learnt the art of coaching and delegation to direct reports to increase productivity
• Conflict management and ensuring harmony within the department
Presales Functions
• Presiding over the presales, design, troubleshoot and implementation of the Enterprise Networks for various customers (Banks, Universities, Government Organizations, Petro Chemical Industries, Health Care Organizations etc.)
• Driving the project from Designing phase > Implementation phase > Operational phase.
• Staging, Implementing, and managing the proposed network solutions to various customers (Includes Multi-Vendor Firewalls, Nexus Switches, Cisco Catalyst Switches, Routers, Email Gateways, WAAS, F5 /Netscaler Load Balancers, ISE, Wireless etc.)
• Develop High Level Design (HLD), Low Level Design (LLD), Network Implementation Plan & Detailed Technical specification (DTS) documents
• Presenting various technical presentation to customers
Technical Projects
Design and Implementation of Cloud ready Data Center
Design of Cloud based Datacenter having mix of Cisco ASA 5585-X, ASA 5555, N7k, N5k, N2k, and N1000v, Source Fire NGIDP, Fortinet Firewall, Palo Alto Firewall, Iron Port Email gateway, Blue Coat Proxy SG,
Design includes
Context based active-active configurations of ASA 5585-x and ASA 5555
VDC, VRF-Lite, VPC configurations on N7k, FCOE based setup of N5k
Layer-3 connectivity of N1k through Appliance, Port profiles and security Architecture for Virtualization
Successful Implementation of Network services for HAFIZ for Ministry of Labor
Network Solution and security design & implementation of ELM’s most secure and successful hosted Data Center web service for Ministry of Labor, HAFIZ.
• Design and deployed cloud ready infrastructure to incorporate ELM cloud initiative from which MaaS and SaaS were successfully launched for high value governmental organizations
• Publishing ELM Internet services via multiple ISPs. (BGP Multi-homing) to ensure committed availability of 99.99%. Strategic project removing dependency of ELM production services from a single ISP
• Design of ELM Secure WAN Cloud (DMVPN technology) to interconnect customers and corporate sites to ELM datacenters.
• Leading and direct the Network and Infrastructure Section of King Fahad Specialist Hospital (KFSHD)
• Responsible for design, management an Implementation of the IT Infrastructure environment for the premises, data center, network and systems
• Leading the Network and Infrastructure Section team comprises of Security, LAN, Wireless and Data Center team in implementing KFSHD IT standards, framework and strategy as required, operates and utilizes all systems to support business application and systems
• Collaborating with the organization's technical and non-technical teams to bridge the gap between business and technology issues and advises both sides on how to address best practices and technical possibilities
• Establishes key performance indicators and service level agreements as part of a continuous improvement program
• Influences senior level business owners and end users through change management initiatives, ensuring that professional standards are maintained
• Manages the IT Infrastructure budget, identifying and selecting new products, services, and technologies
• Builds and maintains relationships with Infrastructure vendors
• Conducts performance reviews of team members and gives them feedback, as well as making promotion recommendations or salary increases if and when applicable.
• Lead Architect for the design, operation, configuration and installation of the King Fahad Specialist Hospital Campus Network with following Devices
o Cisco ASA Firewalls, Cisco Load balances, Cisco Email Gateways, Blue Coat proxy SG servers, VPN, Nexus 7000 Core Switches, Cisco 6500 Series Distribution and Aggregation Switches, Cisco Wireless Controllers, Cisco IPS, Cisco Digital Media Signage, Cisco Web Ex etc.
• Work alongside executive management (CIO) in creating and implementing operating plans, infrastructure budget, and strategies
o Provide vision and direction in terms of technology trends and developments especially for upcoming new medical city King Khaled Medical City (www.kkmc.med.sa)
• Draft IT security policies and procedures and ensure that policies and procedures are incorporation with local regulatory bodies and major health regulatory bodies like JCI, CAP etc.
• Evaluate technical proposals and select vendors to carry out projects including upgrades to the disaster recovery data center and network infrastructure
Key Achievements:
• Project Manager for “Network Infrastructure Upgrade Project” which comprised of four phases covering areas such as Data Center Virtualization, Network Security, Network Monitoring, Campus LAN, Campus Wireless, Servers Upgrade, SAN, DMS, Web Ex, Blue Coat, Email Security and Archiving
• Lead architect for the following:
o Network infrastructure design and development, Data center design and management, LAN/WAN, Wireless, VPN, Firewalls, DMS, Web EX and Telepresence
• Designed a Tier 3 Data Center (in coordination with AECOM) for an upcoming new Medical City (www.kkmc.med.sa)
• Successfully led high level projects with total responsibility from commencement through to implementation:
o Designed, implemented and managed KFSH Data Center Network and Campus Network Comprises of Cisco Nexus 7010, Nexus 5000, Nexus 2000, Cisco Catalyst 6500 Series Switches and Cisco 3750 E Series Switches.
o Designed, implemented and managed Blue Coat SG proxy including polices
o Designed and implemented Network Security solutions comprised of Cisco ASA firewalls, IPS and WAF for both internal and external network
o Designed, implemented and managed NAC solutions for KFSH for over 3000 users
• Currently working on design of Disaster Recovery Center for King Fahad Specialist Hospital
• Project Manager and Lead Auditor for ISO 27001:2005 Project
o Led the ISO:27001 project and was successful in attaining ISO 27001,
Al Khaleej Computers and Electronics Systems, Dammam, Saudi Arabia November 2001 - May 2012
Leading high-end IT service provider offering services including System Integration, Software Development, IT Operation & Maintenance and Technical Support.
Senior Network Engineer: (August 2004 - May 2012)
* Appointed to design, build and operate a Field Data Center and Network Infrastructure (including both wireless and wired network) at the King Fahad Specialist Hospital, Dammam
* Implemented the network infrastructure upgrade project with three phases comprising of data center expansion based on TIA 942 standards, enterprise campus network upgrade and enterprise edge upgrade
* Selected as the Practice Solution Leader for Data Centre Optimisation Services
o Delivered data center strategic planning, design and deployment solutions
* Involved in the HIS implementation and New Network Infrastructure
* Documented the network using Microsoft Visio
* Analysed and monitored the network using NMS software's including:
o Cisco LMS 3.2, Cisco Works Common Services 2.2, OP Manager, Net flow analyzer, Device Expert, Firewall Analyzer, Solar Winds What's up Gold and HP Procurve Manager
Key Achievements:
* Spearheaded the migration of the old data center network to the new enterprise campus network
o Successfully migrated the old network to the new network with less than 2 minutes of downtime
* Effectively implemented/administered an Access Control System (ACS 5and 4) across the KFSH Campus Network
* Involved in the design, configuration and execution of the following major projects:
o KFHS Campus LAN
> Cisco 6513 Series Switches used as Core Switches, and Cisco 3560 and 3550 as Edge Switches along with IP address scheme, VLAN design, and redundant network.
o Enterprise Edge Solution Project
> Provided Service Provider Edge, Corporate Access and DMZ, Remote Access and edge distribution to KFSH users and partners for remote support
o Enterprise Campus Network Upgrade Project
> Data center aggregation and service layer with Nexus 7010 switches with 4 VDC acting as campus core and data center aggregation switches, Server Farm Switches comprises of Nexus 5020 and Nexus 2148 Switches
o Campus Distribution Network
> 6500 E Series Switches as Distribution and Cisco 3750-E Stacked Switches as Access Layer Switches
o IP Address Scheme for the entire network
> VLANS for each closet to support both voice and data traffic, QOS for voice traffic all over campus network.
o Wireless Network Redesign
> Transfer from IOS Access points to an LWAPP centralised solution based on Cisco WiSM in conjunction with Cisco Aironet Access points (1250 Series) and Cisco Wireless Control System to provide the complete wireless coverage for KFSH campus
* Deputation at Saudi Customs Information Center, Ministry of Finance
o Assigned to oversee the administration, design, management and support for WAN / LAN Devices, Fiber Connectivity, Lease Lines, and Dial Up Connectivity for 36 remote sites of Saudi Customs located across Kingdom of Saudi Arabia
* Administered Workgroup Switches such as Cisco 3550, 3500, 2900, 1900 Series, Bay Stack 303, 350, 450, Fore Systems ES 2810, 3810 Series, Acton 3500 Series, 3com Smart Stack
* Managed the Windows DHCP and monitored all network circuits and specific HQ hosts through CNS, What’s up Gold, Cisco Works
* Managed the Router & Switch Configurations / Access Lists
o Maintained router and switch configurations
Key Achievements:
* Migrated the Network from Novel Netware to Windows 2003
o Migrated non Cisco Network Equipment’s into Cisco Networking Devices
* Resolved the problem created by the blaster virus by using IP cache flow to detect the infected machines
* Selected to be part of building the Data Center at Jeddah Islamic Seaport for Saudi Customs, the biggest seaport of Saudi Arabia
* Delivered VoIP configuration for all remote sites using a 3640 series router using voice cards
o Handled the configuration and management of Cisco Backbone Switches (6500, 4000 Series) Fore Systems ASX 1000 and 200 Series, Foundry Big Iron 8000, 4000 Series, Cabletron 8600 Series (Smart Switch Router) Nortel Accelar 1200 series, etc.
Managed various LAN projects across Kingdom of Saudi Arabia.
Handled the design, implementation and setup of large customer networks, such as Saudi Telecom, Ministry of Commerce, HP, Titan, Ernst & Young, with servers, switches, modems, structured cabling systems (Lucent), and Wireless LAN (Lucent Orinoco).
Involved in the logical, performance and physical audits of existing networks.
Designed the new customer network and upgraded the existing ones.
Reviewed, analyzed and resolved difficult problems at local and remote sites.
Rendered effective on-site project management and technical support.
Travelled across Kingdom of Saudi Arabia to implement & install new projects.
Attainments:
Relocated the Data Centre of Ernst and Young to the new location with downtime of 8 hours
Handled the Saudi Telecom network upgrade project kingdom wide.
* Installed, managed and operated online and Offline UPS systems for Computers Systems
* Involved in design and installation of UTP cabling