Security Technical Support
Resume:
Muhammad Ausaf Ali
Yousaf
NETWORK SECURITY ARCHITECT/CONSULTANT/INSTRUCTOR
+ OBJECTIVE
To work in a vying and challenging backdrop that can brush up my skills and knowledge and at the same time apply my present prowess for the amelioration of the organization giving me the opportunity to complement my expertise and dexterity for venturing further into networking
+ CONTACT
Address House # 1030, Sarhad Street, Gulberg III, Peshawar
KPK(NWFP)
Pakistan.
Telephone +92-091-****-*** +92-033***-*****
Email ****************@*******.***
Nationality Pakistani
Date of birth November 16, 1988
Gender Male
+ EXPERIENCES
Internetwork Experts
https://ine.com/
Role: Remote Author
Time Frame: 29 April 2016 -Present
Courses:
Juniper Network Certified Internetwork Expert – Security (JNCIE-SEC) https://ine.com/collections/juniper/products/jncie-sec-advanced- technology-course-jpr-932
Juniper Network Certified Internetwork Professional – Security (JNCIP- SEC) To be released soon.
Big Horn Networks
http://muhammad201333
1.wixsite.com/mysite3
Role: Network Security Consultant
Time Frame: 24 June 2016 -Present
Projects:
Deployment of a full scale Enterprise Solution in VMWare ESXi utilizing the follwowing equipemnt:
Dell Poweredge R810 using Dell iDRAC 7.x
Juniper Firefly Perimeter (x50)
Juniper vSRX (x2)
Various OS (Windows, Linux)
Private CA Server (Windows Server 2012 R2 Root CA) Muhammad Ausaf Ali Yousaf curriculum vitae – Page 1 of 9
Active Directory Server (Windows Server 2012 R2)
NDES (Windows Server 2012 R2)
Splunk
Cacti
Deployemnt of a full scale Security Solution using Juniper's approved methodology (PBO) in a company owned KVM Server utilizing the following equipment:
Juniper SRX 210 HE2 (x2)
Juniper SRX 1500 (x8)
Juniper JSA VM
Junos Space VM
Juniper Log Collector
Juniper Log Director
Junos Space Security Director
Sky Advanced Threat Protection
Juniper Policy Enforcer
Juniper vSRX (x25)
Geotechnical
Consultancy Services
Role: Network Security Architect
Department: IT-Security
Time Frame: 31 March 2013 -Present
Responsibilities:
Enhancing security team accomplishments and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members.
Determining security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates.
Planning security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards.
Implementing security systems by specifying intrusion detection methodologies and equipment; directing equipment and software installation and calibration; preparing preventive and reactive measures; creating, transmitting, and maintaining keys; providing technical support; completing documentation.
Verifiing security systems by developing and implementing test scripts.
Hail Mary Attacks
Kali Linux/Backtrack Pen testing (Begineer Level)
Maintaining security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs.
Upgrading security systems by monitoring security environment; identifying security gaps; evaluating and implementing enhancements. Muhammad Ausaf Ali Yousaf curriculum vitae – Page 2 of 9
Preparing system security reports by collecting, analyzing, and summarizing data and trends.
Updating job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.
Enhancing department and organization reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments.
Virtuilizing full company physical infrastructure to fully virtuilized DC.
Upgrading previous BYOD solution to new Juniper's approved Software Defined Secure Network (SDSN ) Architecture
Geotechnical
Consultancy Services
Role: Network Security Engineer
Department: IT-Security
Time Frame: 31 March 2010 -31 March 2013
Responsibilities:
Implement a structured Network Lifecycle Management approach
Plan
Asses
Liaise between other GCS network and security
engineers/groups, Local Exchange Carrier groups,
vendor/partners, and Advanced Technical Support, and customer teams to gather information about current and future security requirements.
Analyze and recommend different sorts of architectural networking system, assessment of hardware and software related problem and resolve issues.
Design
Design new environments to meet PCI, HIPAA, and SOX compliance
Development of the high-level architectural design as well as low-level detailed design of network devices,
configurations, and interconnections
Project planning, including detailing of responsibilities, timelines, and dependencies
Design, configure, implement and maintain all security platforms and their associated software, such as routers, switches, firewalls, intrusion detection/intrusion prevention, anti-virus, cryptography systems, SIEM, Anti-SPAM, and MDM.
Design and implemnet a full BYOD model including:
User Role Firewall
Intergarted User Role Firewall
Juniper Access Control (UAC 4.3+ VM/Physical Device)
Design and review an ongoing assessment of firewall, intrusion detection/intrusion prevention, SIEM, VPN, SSL, application control, Antivirus, and other network component Muhammad Ausaf Ali Yousaf curriculum vitae – Page 3 of 9 policies.
Ensure network security best practices are implemented through auditing: router, switch, firewall configurations, change control, and monitoring
Formulate systems and methodologies as well as respond to security related events and assist in remediation efforts
Coordinate, and monitor log analysis for our managed services offerings, to ensure customer policy and security requirements are met
Follow project management methodology and demonstrate best-practices in network documentation as required
Design a full Microsoft Windows Server 2008 Active Directory Environment for Kerberos Authentication of major security domains (VPN, Client, Windows Environment, Guest Access etc.
Evaluate security process on processing units and facilitate growth oriented program.
Design security strategy in sphere of new networking fields.
Prepare designs for improvement of network detection tools.
Determine engineering needs and recommend appropriate changes for proposals.
Participate in configuration and management program to install updated security tools.
Puppet (Beginner Level)
Chef (Beginner Level)
Build
Deploy
Cisco
Routers
Branch-Cisco 800 Series Routers
819
881
Branch-Cisco 4000 ISR Series Routers
4221
4321
WAN Aggregation-Cisco ASR 1000 Series
ASR 1004
ASR-1001-HX
Cisco IOSvL3
Muhammad Ausaf Ali Yousaf curriculum vitae – Page 4 of 9
Switches
Cisco Catalyst 3750 Series
WS-C3750-24FS-S
WS-C3750V2-48TS-S
Cisco catalyst 3650 Series
3650-48FQM
Cisco Catalyst 3850 Series
3850-24U
3850-48U
Cisco Catalyst 2960 X/XR Series
WS-C2960X-48FPD-L
WS-C2960X-48LPD-L
Cisco Catalyst 2960-L with 8 or 16 ports
Cisco IOSvL2
Arista
7010T
7010T-48
Juniper
Enterprise Switches
EX4200
Data Center Switches
QFX10000
vQFX
Firewalls
Juniper SRX 110
Juniper SRX 210 HE2
Juniper SRX 240 HE2
Juniper SRX 1500
Juniper SRX 5800
Firefly Perimeter
vSRX
Configure
Routers
Branch-Cisco 800 Series Routers
812
819
881
Branch-Cisco 4000 ISR Series Routers
4221
4321
WAN Aggregation-Cisco ASR 1000 Series
Muhammad Ausaf Ali Yousaf curriculum vitae – Page 5 of 9
ASR 1004
ASR-1001-HX
Cisco IOSvL3
Switches
Cisco Catalyst 3750 Series
WS-C3750-24FS-S
WS-C3750V2-48TS-S
Cisco catalyst 3650 Series
3650-48FQM
Cisco Catalyst 3850 Series
3850-24U
3850-48U
Cisco Catalyst 2960 X/XR Series
WS-C2960X-48FPD-L
WS-C2960X-48LPD-L
Cisco Catalyst 2960-L with 8 or 16 ports
Cisco IOSvL2
Arista
7010T
7010T-48
vEOS
Juniper
Enterprise Switches
EX4200
Data Center Switches
QFX10000
vQFX
Firewalls
Juniper SRX 110
Juniper SRX 210 HE2
Juniper SRX 240 HE2
Juniper SRX 1500
Juniper SRX 5800
Firefly Perimeter
vSRX
Upgrade
Juniper
Junos OS 12.x to Junos OS 15.x (In service)
Cisco IOS
Muhammad Ausaf Ali Yousaf curriculum vitae – Page 6 of 9
IOS 12.x to IOS 15.x (ISSU)
ASA Pre-8.3 to ASA 9.x (ISSU HA Upgrade include)
Operate
Troubleshoot
Provide technical support to enhance proper device controlling systems.
Provide technical support to log aggregation set-up and assist in all response measures.
Provide operational backup round the clock.
Manage and resolve networking issues at time of problem detection.
Monitor
Cacti
Splunk
PRTG
Juniper Secure Analytics (JSA)
vistumbler
Alcatel-Lucent Pakistan Role: Internee
Departement: NMS CMPak
Time Frame: June 1, 2009-July 17, 2009
Responsibilities:
Associate with an engineering team responsible for on-site/off-site management of different Mobile company networks e.g Ufone, Mobilink, Zong, Telenor etc.
Data Center day-to-day ioperations such as:
Test Framework Operation
Test Automation
Test Manintenance
On-site RF Antenna installation with special focus on:
Different Antenna Types
Purposes of Anntena Types
Report about SDH/PDH Networks and Mobile Networks Architecture. Schlumberger Seaco.
Inc.
Role: Internee
Department: Wireline
Time Frame: Jun 17, 2008-July 29, 2008
Responsibilities:
Gain first-hand knowledge about:
Wire-line Equipment
Pulleys and associated equipment for inserting sonde's into oil rigs for survey purposes
Details of sonde types and methods on how to operate different Muhammad Ausaf Ali Yousaf curriculum vitae – Page 7 of 9 kinds of sondes.
Associate Schlumberger IT team for the purpose of seeing and learning how data from the site is fed into Schlumberger Branch offices and head offices for SME's advice and further advice(if needed) from different consultants around the world.
Report and presentation on Wire-line Equipment and procedures for common Wire-line tasks to Wire-line Operations Manager.
+ EDUCATION
6 March 2017-6 March
2020
Juniper Networks
Juniper Network Certified Design Specialist, Security (JNCDS-SEC) https://www.youracclaim.com/badges/a8272d34-8665-4571-b695-0be11d927682 23 March 2016-23 March
2019
Juniper Networks
Juniper Networks Certified Internetwork Expert, Security JNCIE-Sec # 256
https://www.youracclaim.com/badges/448e47fa-4951-4c3f-9003-10d897d3e2d2 21 March 2015-21 March
2019
Cisco Systems Inc.
Cisco Certified Internetwork Expert – Routing and Switching v5.1 CCIE R&S # 47638
https://www.youracclaim.com/badges/53484629-cc71-4b84-b5a1-7042619b1a5e 7 April 2014 - Present
Microsoft Corporation
Microsoft Certified Soltuion Expert: Server Infrastructure 2004 - 2006
EDWARDES COLLEGE
Advanced GNVQ/A-Level-Highest Distinction
Pre-Engineering (Mathmetics, Physics, Chemistry)
+ LANGUAGES
Mother tongue Urdu, English
+ IT PROFESSIONAL SKILLS
Operating systems UNIX, Linux, Windows 95 –10, Android System development C, C++, Visual C, Java, UNIX
Cisco Technologies MAC, L2 MTU, errdisable, CDP,LLDP,UDLD, access, trunk, VLAN (native, extended,voice),VTP(v1,v2.v3,Pruning),LACP,PagP,PVST+/RPVST+/MST, port fast, BPDUguard, BPDUfilter, loopguard, rootguard,SPAN, RSPAN, ERSPAN, IGMPv1, IGMPv2, IGMPv3, HDLC, PPP[PAP, CHAP], PPPoE, MLPPP, wireshark trace analyzer, VLSM, ARP, Ipv6 (EUI-64, ND, RS/RA, Autoconfig/SLAAC, PIM dense mode, sparse mode, sparse- dense mode, Static RP, auto-RP, BSR, BiDir, Intra-domain MSDP
[anycast RP], VRF lite, RIP v2, EIGRP [for IPv4 and Ipv6], OSPF [v2 and v3], BGP, MPLS (L3VPN, CE, PE, P), GRE, dGRE, DMVPN [single hub], IPsec with preshared key/CA, IOS AAA, VACL, PACL, DHCP snooping, P source-guard, Dynamic ARP inspection, Port-security, Private VLAN, uRPF,telnet, HTTP, HTTPS, SSH, SCP, [T]FTP, SNMP(v2c, v3), logging,QoS, NBAR, WRED,HSRP, GLBP, VRRP, Static NAT, dynamic NAT, policy-based NAT, PAT, NAT ALG, IP SLA (ICMP, UDP, jitter, VoIP), Netflow v5, v9, EEM
Juniper Technologies IMPLS, inet6, Packet/Flow-based, HA Clustering (A/A, A/P), Security Polices, ALGs,Authorization, Schdulers,Logging, UTM (Anti-virus/Web filtering/Anti-Spam/Content Filtering), IPSec VPNs (mplementation of IPSec VPNs, Multipoint tunnels, Policy-based VPNs, Route-based VPNs, Traffic selectors,Proxy ID, Traceoptions, Dual and backup tunnels, On- demand tunnels, DRP over a tunnel, Dynamic VPNs, Certificate-based VPNs, PKI, Interoperability with 3rd party devices), NAT Muhammad Ausaf Ali Yousaf curriculum vitae – Page 8 of 9
(Implementation of NAT, Source NAT, Destination NAT, Static NAT, NAT64, Implementation of NAT with IPSec, Overlapping IPs between sites), Advanced Security Services (AppSecure, AppTrack, AppFW, AppQoS, AppDoS, Application Identification, User Firewall, SSL Forward Proxy, Integration with IPS, IDP, Logs, Custom polices, Automatic updates, L3/L4/L7 DoS, Stateless filters, Screens, Flow options, App Ddos,Active Directory Integration), IGPs(OSPF,RIP), BGP, Filter-based forwarding, APBR, Transparent Mode, Security Director Logging and Reporting, SkyATP, Software Defined Secure Networks
(SDSN), User Role Firewall, Intergardted User Firewall, Secure Wire, MACSec, Mixed Mode
Design Inkscape, GIMP, Micosoft Visio Profesional, MS Office Suite 2016/2013 Virtulization VMWare ESXi,Workstation, vSphere, KVM
+ PROFESSIONAL HIGHLIGHTS + OTHER SKILLS
I integrate easily new teams.
I like to take initiatives for new interesting ways of development and techniques.
I have a passion for teaching network security.
I get actively involved in opensource projects for code and bugs solving: FileZilla, Clementine, LibreOffice. Desiging Books & Courses
CCIE R&S Certification Guide (TBP)
CCIE Sec Certification Guide (TBP)
Attended Cisco APIC-EM training.
Muhammad Ausaf Ali Yousaf curriculum vitae – Page 9 of 9
Contact this candidate