Summary
Overview
Work History
Education
Skills
Certification
Personal Information
Timeline
Generic

Umair Ahmad

Network Security Architect
Abu Dhabi

Summary

Dynamic and results-oriented Network Security Engineer with extensive expertise in designing, implementing, and troubleshooting cutting-edge solutions in Security, Network, and SDN domains. Proven ability to migrate Data Center network security devices seamlessly while ensuring optimal performance and adherence to industry standards. Adept in handling diverse security technologies and protocols, with a focus on enhancing organizational security posture.

Overview

13
13
years of professional experience
4
4
Certifications

Work History

Senior Network Security Engineer Tier-3

Royal Technology Solutions (Government Client)
07.2021 - Current
  • Review design document & create (HLD, LLD) documents for new projects
  • Install and maintain Network & Security solution which include, Firewalls, Web proxy, Email security, all type of VPNs, Software defines networking, Advance Malware protection, Endpoint Security, SIEM solution, Identity Management, 2 Factor Authentication etc
  • Troubleshoot Network Security and Endpoint Security related incidents
  • Work consistently to apply best security practices to enhance security posture
  • Deploy and manage network devices (Router, Switches, WLC)
  • Optimize networking protocols MPLS, OSPF for better performance
  • Design & deploy core network, software define solutions for data centers
  • Work with teams to develop company-wide information assurance, security standards and procedures
  • Perform risk analyses to identify appropriate security countermeasures
  • Learn new skills and apply to daily tasks to improve efficiency and productivity
  • Demonstrate respect, friendliness and willingness to help wherever needed.

Senior SOC Security Analyst

Beacon Red
10.2016 - 06.2021
  • Designing and developing technical security solutions
  • Configuration & deployment of network security devices including Firewalls, IPS, Proxy and Security tools
  • Patch and upgrade security devices and deploy harding policy
  • Troubleshoot & Mitigate Operational Network Security and Endpoint Security related issues
  • Tuning policy, IPS signatures & creating custom signatures
  • Integrating devices with SIEM & other monitoring tools
  • Onboard devices into SIEM (Splunk, ArcSight)
  • Apply Center for Internet Security (CIS) benchmarks for ongoing security posture enhancement
  • All type of VPN deployments and troubleshooting across multiple vendors
  • Deployment of endpoint security tools (EDR, XDR)
  • Resolve tickets for Operational Network Security tasks
  • Creating dashboards on SEIM for better security events visibility
  • Firewall/IPS and other security device migrations.

Cybersecurity Security Professional

Computer Science Corporation India Pvt. Ltd
10.2014 - 08.2016
  • Monitoring and managing Intrusion Prevention System (IPS)
  • (IPS/IDS) deployment with very minimum downtime environment in critical environment
  • Perform vulnerability assessment activity by multiple tools and correlating validating reports with infrastructure
  • Firewall rule validation and tuning un used Rules
  • Deployment of endpoint security tools (McAfee)
  • IPS Signatures Fine Tuning based on infrastructure
  • Creation of custom IPS signatures for new vulnerability or threat
  • Monitoring of IPS signatures or threat events and reducing false-positive
  • Upgrade & Patch and update IPS, endpoint security tools
  • Event Analysis based on correlated SIEM logs
  • Debugging IPS related issues
  • Working within tight deadlines and fast-paced atmosphere
  • Worked flexible hours across night, weekend and holiday shifts.

Senior Security Engineer

HCL COMNET LTD
05.2011 - 10.2014
  • Worked MSS base clients (including all major Indian Banks) to monitor and manage security services
  • Monitor security events from SIEM and perform analysis to isolate false-positive alerts
  • Develop SIEM correlation rules to detect potential security threats
  • IPS signatures monitoring and tuning false positive signatures on periodic basis
  • Prepare Monthly Analysis Report base on entire month traffic, alert & vulnerability
  • Validating vulnerability assessment report
  • Providing suggestion based on vulnerability reports and security events to improve security postures
  • Onboarding network devices onto SNMP servers
  • Worked all major vendors Firewall (e.g., Cisco, Fortigate, Checkpoint and Cyberoam) for Tier1 & Tier2 engineer support.

Education

Bachelor of Computer Application (BCA) -

Manav Bharti University
India

Bachelor of Tourism Studies IGNOU India (BTS) - undefined

IGNOU

Skills

Security Skills:

  • Firewalls: All major vendors (Cisco ASAFTD, Paloalto, Juniper-SRX, Fortinet, Checkpoint, Watchgurd)
  • Virtual Private Networks (VPNs): Expertise in all type of VPNS, IPSEC, Remote VPN, DMVPN, GETVPN
  • Intrusion Detection/Prevention Systems (IDS/IPS): (Cisco, PaloAlto)
  • Identity Services Network Access Control (NAC): Cisco ISE, DOT1X,MAB, TrustSEC
  • Email & Web Security: Cisco ESA, WSA, SMA, Forcepoint
  • Data Loss Prevention: McAfee, Forcepoint
  • Identity and Access Management (IAM): RSA
  • Security Information and Event Management (SIEM): Splunk, ArcSight, Qradar
  • Endpoint Security: EDR, XDR, Mcafee ENS, Host DLP Application Control, Symantec endpoint protection
  • Security Assessment Tools: Nmap, Nessus, OpenVAS, Metasploit
  • Security Standards and Frameworks: ISO 27001, NIST Cybersecurity Framework, CIS Controls
  • Develop/review security architectures: High and low-level designs, processes, procedures, and local work instructions that align with industry security standards and controls

    • Network Skills:

  • Expertise in planning, design, implementation and troubleshooting: OSPF, ISIS, BGP, MPLS (LDP), GRE, MACsec, Quality of Service (QoS)
  • MPLS based Layer 2 & Layer 3 VPNs, EVPN, VXLAN, MP-BGP
  • Advanced Routing and Traffic Engineering: Advanced routing policies and traffic engineering solutions using MPLS, OSPF, and BGP
  • Network Convergence and Resilience: PLS, OSPF, and BGP environments to minimize downtime and ensure high availability
  • Wireless Networking: Cisco WLC, AP
  • Network Monitoring and Management: SNMP, NetFlow, Syslog
  • Load-Balancer- F5 & Citrix ADC greenfield deployment, migration
  • Design complex WAN/LAN scalable network solutions with focus on high-availability, redundancy, and resiliency meeting internal and external/client requirements
  • Prepare, review RFI/RFP/RFQ documents

    • SDN (Software Define Networking) Skills:

  • Expertise on SDN products Cisco SDWAN, SD-Access, ACI, VMware NSX-T, DNA
  • Cisco SD WAN and Access deployment, management and troubleshooting
  • VMware IPS/IDS deployment with NSX-T cluster
  • NSX-T integration with PaloAlto virtual Firewall

    • Migration Projects:

  • Migrated Datacenter from old traditional network to next generation devices (Juniper to PaloAlto, Cisco Switches)
  • Migrated traditional network to Software define networking (Cisco to NSX-T)
  • ASA to PaloAlto migration with minimum downtime

    • Certification

    CCIE Security V5 # (61658)

    Personal Information

    • Date of Birth: 10/02/1985
    • Nationality: Indian
    • Marital Status: Married

    Timeline

    Senior Network Security Engineer Tier-3

    Royal Technology Solutions (Government Client)
    07.2021 - Current

    Senior SOC Security Analyst

    Beacon Red
    10.2016 - 06.2021

    Cybersecurity Security Professional

    Computer Science Corporation India Pvt. Ltd
    10.2014 - 08.2016

    Senior Security Engineer

    HCL COMNET LTD
    05.2011 - 10.2014

    Bachelor of Computer Application (BCA) -

    Manav Bharti University

    Bachelor of Tourism Studies IGNOU India (BTS) - undefined

    IGNOU
    Umair AhmadNetwork Security Architect