Network Security Engineer
Resume:
adx362@r.postjobfree.com
Azhar Hussain
Career Objective
An experienced IT Security Expert with over 15 plus years of experience in several Networking Security Technologies including IT consulting, Security Standards, Implementation of Security Operation Center, Telco Security assessment, design & Security Audit. Exposure to complete project lifecycle including infrastructure design, requirement analysis, implementation, migration, support, and project management. Possess excellent team player qualities, problem solving skills, proven written, oral and presentation skills, Self Motivated, able to work independently and as a team member and to meet operational deadlines.
Career Summery
As a Network Security Specialist functionally and Technically equipped CCIE Security (written), CCIE R&S, Cisco Certified Security Professional (CCSP), Cisco Certified Network Associate (CCNA), Microsoft Certified System Engineer (MCSE), Watch Guard Certified System Professional (WCSP), Palo Alto Certified Network Security Engineer (CNSE), ISO27001 Certified from British Standard Institute (BSI)
Professional Experience
Network & Security Architect CyberSoft Technologies Aug 2019 – Till Date
CyberSoft Technologies is providing integrated business solutions and integration services. We are committed to provide innovative, reliable and affordable solutions as per industry best practices and standards.
As a Network & Security Architect my responsibility to design, Implement and provide best bread of Network and Security solutions to our clients.
Sr. Network & Security Administrator Habib Bank AG Zurich Aug 2016 – Mar 2018
Habib Bank AG Zurich (HBZ) was established on August 25, 1967 in Switzerland. Based on a solid foundation of banking tradition that spans several generations, HBZ, a technology pioneer and leader in the banking sector offers a wide range of financial products and services complemented by innovative delivery channels.
"THE BANKER" Magazine (July 2014 issue) ranked HBZ as the "5th Most Sound Bank" in Switzerland and as the "126th Soundest Bank" in the world, moving up from 152nd in 2012.
As a Sr. Network and Network Security Administrator my responsibilities as below: -
Migrate 2 running Data Centers (Primary & Secondary) in New Data Centers in Zurich (Switzerland)
Design New Network Architecture and Improve the Security Layer
Prepared complete BOQ and Product selection (Includes: - Core ISR Routers, Palo Alto FWs, Cisco ASA Firewalls with Firepower, ISE, F5 ASM, Core Switching through Cisco Nexus)
Migrate all business-critical Services in Secure Zones and Segregate traffic
Deploy Cisco Manage Switches in 46 branches over the glob
Implement MAC security through Cisco Manage switches in 46 branches over the glob
Achieve maximum possible network & telecom availability
Performance monitoring and capacity planning
Assess and recommend controls on networks and security infrastructure
Extend and coordinate IT Network & Security infrastructure services to other countries
Deliver assigned projects on agreed timelines
Review and update main disaster recovery procedure for network and telecom
Perform root cause analysis of network related incidents
Plan changes to resolve incidents, Problems and support project requirement
Plan to optimize network infrastructure for better performance (DOZ, SZR, Deira Branches)
Interface with vendors for procurement of all IT network infrastructures
Network Security Specialist C4i Technologies July 2014 – July 2016
C4i Technologies is an integrator of network and network security and outsource trained human resources.
C4i Technologies has Partnerships with many famous network and network security product vendors
As a Network Security Specialist my responsibilities as below: -
Worked as technical team lead from designing to implementation
Deploying Security solutions includes Cisco NGFW, Fortinet NGFW, Palo Alto NGFW, Juniper SSG 5550, ACS, Monitoring tools, Network Scanning tools, Router, Switches, Cisco ISE, Cisco WSA, Cisco WLC, Cisco IPS etc
Design high secure Network and critical business application behind high security zone
Follow the best practices to enable the advance feature of devices to achieve optimal performance
Troubleshooting Day to day Connectivity Issues all over the UAE
Handle all Migration activities of clients from different vendors
Provide the Migration plan with minimum down time
Create SOP of all major activities
Provide LLD and connectivity level design for new deployment or existing network
Design best breed of Network and Security solutions for clients as per their budget and requirements
Working with Vendors for POC and Introducing new products
Coordinate with Clients for products test Cases etc
Responsible for the technical deliverables, schedules etc
Network Security Expert AsiaCell Telecom April 2013- April 2014
Asiacell is a leading provider of quality mobile telecommunications services in Iraq, with over10 million subscribers. Asiacell was the first mobile telecommunications provider in Iraq to achieve nationwide coverage, offering its services across all of Iraq’s 18 governorates including the national capital Baghdad and all other major Iraqi cities. Asiacell’s network covers 97% of the Iraqi population, making Asiacell’s national coverage the most extensive of any Iraqi mobile telecommunications operator.
Being a Network Security Expert my duties as below :-
Migrate all business critical applications behind high secure zone.
Deploy Firewalls stat full failover link from normal interface to 10G interfaces.
Review Changes before implementation as per network design and minimize the risk of network outage.
Create MOP/Script of Changes with complete Roll Back plan.
Shift all business critical application behind high security zone.
Troubleshooting Day to day Connectivity Issues.
Configure Auto backup of all devices by using cat tool
Provide weekly report of network health and utilization to management.
Responsible for taking ownership of onboard new device according to standard
Audit IT and GSM Network Infrastructure as per ISO27001/ISO27002 standard.
Handles multiple teams dealing with contractors in deploying network and security projects.
Additionally Working with IT Governance team and responsible to build SOP's.
Responsible to manage, Install and maintain network security devices such as Firewalls, IPS, VPN's, Load Balancer, Application level security devices.
Engagement with IT Governance team to build Security Operation Center (SOC)
Align with IT Governance team and Conduct the security awareness demonstrations
Participate with IT Governance team to Implement ISO27001 standard in the Organization
Network Security Engineer du telecom Jan 2010 - Jan2012
du is 2nd telecom company in UAE, providing Fixed, Mobile telephony, Broadband connectivity and IPTV Services to Individuals, Homes and Businesses, and career Services for Businesses.
As a Security Operation Center Analyst my Responsibilities are bellow,
Complete the Project Green in which Audit more than 150 devices includes the Security Audit, Gap Analysis, Vulnerability test, Penetration testing and provide the complete Report with implementation plans.
Review Changes before implementation as per network design and minimize the risk of network outage.
Coordinate with change management team and Provide the CR Approval as per connectivity constraints and MOP/Script of Changes with complete Roll Back plan.
Taking Care of Security devices more than 150, includes Cisco ASA 5585, ASA 5580, ASA 5540, Pix 535, Pix 515, FWSM, Juniper SSG 5550, FortiGate A3800, and FortiGate 1000A, Tipping Points from advance level configuration to hardware level includes (VPN, Context, Failover, MPF, Authentication, Authorization etc.)
Shift all business critical application behind high security zone.
Shift all critical Firewalls stat full failover link from normal interface to 10G interfaces.
Troubleshooting Day to day Connectivity Issues between the MPLS clouds all over the UAE.
Troubleshooting Data Center issues (Hardware level, IOS level)
Participate Migration activities of devices with related teams.
Provide the Migration plan Hardware level of devices with minimum down time.
Provide the SOP of all major activities.
Provide LLD and connectivity level design for new deployment or existing network.
Remove the IP any any from live network by using Firewall analyzer tools.
Configure Auto backup of all devices by using cat tool
Provide weekly report of network health and utilization to management.
Responsible for taking ownership of onboard new device according to standard
System and Network Security Analyst BENZ International Distribution August 2008-Nov 2009
BENZ International Distribution is a Cisco SMB Partners and IT Services Provider my key responsibilities with BENZ are,
Provide the complete solution of Network and Network Security for Building the IT Infrastructure
Devising the complete infrastructure including network, system & Security
Develop cutting edge, innovative solution for IT infrastructure
Network designing and its implementation according to IT standards
Diagnose and Troubleshoot the Network issues
Responsible for managing, installation, configuration and maintaining part of the network devices such as Routers, Switches, Firewall, IDS, IPS, VPN, Load Balancer, Cisco works, etc.)
Troubleshooting of Devices, hardware and software related issues
Providing the Proof of Concept (POC) to the customer on network, system and monitoring & management products
Maintain the Local Area Network of office and troubleshoot the daily network issues
Facilitate to employees to access the office network from anywhere through remote VPN solution
Segregate the network and provide the access according to rules
Conduct the security awareness demonstrations in the organization or customer sites
Developing technical proposals and following it up with the customers in the capacity of pre-sales engineer
Network Security Engineer/ ISMS Consultant
IT Butler e-Services (www.itbutler.com.au)
March 2006 – July 2008
Oversaw multiple gamut of functions involved in the I.T Company, which provides A to Z Solution in I.T, Annual Maintenance contract, network solution from designing to implementation, Facility Management, provides state of art hardware and software solution as per customer needs. My Key responsibilities are,
Responsible to Provide Network and Network Security Solution with POC by using Cisco, Juniper, Watchgaurd, Sonicwall, Fortigate products
Responsible to manage the Local Area Network and WAN
Responsible to restrict the access and maintain the Network Security
Responsible to Manage the VPN connectivity between branch offices and with clients
Responsible to provide the access to offshore employees through remote VPN in Local Area Network environment by maintaining the security standard
Responsible for Network growth, Planning and implementation
Responsible to share the security awareness, threats and attacks in weekly report
Responsible to arrange the Security awareness session time to time or clients side
Responsible to Provide Full support to clients according to AMC (Annual Maintenance Contract)
Responsible for Installing, Configuring, Deploying and Maintaining Network Devices
Responsible for ensuring planning and design of the entire network infrastructure at customer side, besides effectively maintaining & fine-tuning the networking systems
Responsible to Provide the SOP (Standard Operating Procedure)
Responsible for providing Gap Analysis till Implementation under ISO27001 Standard in which responsible to provide the Standards, Procedures, Plan and Guidelines
Projects Handled
Client
Iran Telecom & Research Centre (ITRC)
Client
Dubai Airports UAE
Duration
4 Months
Duration
6 Months
Description and Tools
Top-Layer Load Balancer, Cisco Pix 515E Firewall, Cisco IDS 4235, 4250, Cisco Works 2.3
Description and Tools
ISO27001 Implementation in Data Centre 2
My Responsibility was to Configure Cisco Firewall, IDS’s with Top-Layer Load Balancer and Manage with Cisco Works2.3
My Responsibilities was to conduct Gap Analysis of Network Devices and find Vulnerabilities and Weaknesses in Configuration of Perimeter Devices
Client
Post Bank Of Iran
Client
Emirates Post UAE (Deira Branch)
Duration
2 Months
Duration
6 Months
Network Security Auditor E-Post
Description and Tools
Cisco 3015 VPN Concentrator (HA), Pix 535, IDS 4250, Juniper IDP (Bridge Mod) Cisco Works 2.3
Description and Tools
ISO27001 Standards, Procedures, Policies, Plans and Guidelines. Cisco ASA, Pix 515E, Cisco Router 1800, 2600, 3800, 3600 Series, Blue Coat, Cisco 2900, 3500, 6500 Series Switches
My Responsibility was to Configure Cisco VPN Concentrator 3015 in HA, Pix Firewall 535 with Perimeter Security Configuration and Cisco IDS 4250
My Responsibility was to Audit their Network and Provide exact picture of Black hole Data Centre with complete Diagrams and find the weaknesses in Configurations of Perimeter Devices and Provide them Complete Change Management System
Client
Petroleum Development Oman (PDO) Survey
Petroleum Development Oman is a Government
Project and they already have huge Network in all cities by using their own wireless and Fiber Network I have surveyed of PDO in Security Prospective.
Client Ministry Of Education UAE
Duration 5 Days
Tools Cisco CS11501 web Load Balancer
My Responsibility was deployment of Cisco CS11501 web content Load Balancer with Round Robin feature for real application web Cluster Servers
Client Dodsal Networks UAE
Duration 5 Days
Tools Cisco Pix Firewall 515E, Cisco 2600,
2800 Series Routers, Cisco 3500
Series Switches, Nesses
My Responsibility was to configure Cisco Pix Firewall with restricted roles and find the weaknesses in Configurations of Network Devices.
Education
Master in Computer Sciences (MCS)
Technical Skills
Cisco WSA
Cisco ISE
Cisco WLC
Cisco Routers
Cisco NGFW
Watch Guard
Forti Gate
Sonic Wall
Juniper
IDS/IPS
Cisco VPN Concentrator
Cisco Switches
Load Balancer
Management
Operating Systems
Wireless Access Point
Data Base
Hardware
Backup Solution
Cisco S170
ISE 3415
5500 Series
Cisco 7500, 12000, 3800, 2800 with FXO, FXS, VOIP Configuration
Cisco ASA 5585, 5580, 5540, Pix 535E, Pix 525, Pix 515, NGFW
X750e, X550e, X20e, X10e
3810A, 1000A, 200A, 100A, 50A
TZO190, 170, 150, Sonic Wall Pro 1260
SSG550, SSG20 wireless
Cisco IDS 4235, 4250, HP Tipping Point with all configurable features
Cisco VPN Concentrator 3015
Cisco 6509, 3700, 3500, 2900 Series
Top Layer Load Balancer, Cisco CS11501
Cisco Works 2.3
Windows 2003 Server, Windows 2000 Server, Windows7, Windows 2000 Professional, Windows XP Professional, Windows 95/98/ME, MS-DOS,
Linksys Office Connect Access Point
SQL Server 2000
Compaq Servers, IBM Desktops and Non Brandes Systems
Acronis, Live State, CAT Tool
Trainings Attended
Focused 5 days Training on ISO27001 by BSI (British Standard Institute)
Focused training on Watch Guard Fire-Box, Edge, Peak and Core Device Conducted by Training Manager of Watch Guard (USA)
Attended Top-Layer IPS/Load Balancer Training by Michael Ronald Technical Manager of Top-Layer(USA)
Participated in the Ecop Solutions Training
Certifications
Cisco Certified Internetwork Expert (CCIE Security(w)
Cisco Certified Internetwork Expert (CCIE R&S (w)
Cisco Certified Security Professional (CCSP)
Cisco Certified Network Associate (CCNA)
Cisco Certified Sale Expert (CSE)
Microsoft Certified System Engineer (MCSE)
Microsoft Certified Database Administrator (MCDBA)
Watch Guard Certified System Professional (WCSP)
ISO27001 Certified from British Standard Institute
Palo Alto Certified Network Security Engineer (CNSE)
Personal Details
Date Of Birth
10 Oct, 1978
Languages Known
English,Urdu
Nationality
Pakistan
NOTE:- Legally eligible to work in US with Valid EAD (Marriage Base)
Reference
Will be furnished upon Request.
Contact this candidate