Network & Security Engineer – L3 support

·        
Network Management Services

a)   
Reactive fault resolution.

b)   
Coordinating with Etisalat for WAN link outages until resolution using
Incident management process.

c)    
Coordinate with ADNET, ADDA, ADDA SOC for any ADNET links outages / troubleshoot
communication issues, raising any new RFC / and amendment to any existing
application / system’s requirement.

d)   
Coordinate with SGS team, Application team and Client application vendor
team for any new API / ESB integration requirements.

e)   
Coordinate with other entities for any G2G services troubleshooting and
support.

f)     
Configuration of VLANs via Change Control Request.

g)   
Maintain Client Documentation (LLDs, HLDs, RFP etc.) and network IP
schema used across the organization.

h)   
Monitor the availability of network switches, routers, firewalls and
other network components.

i)     
Configuring switches, routers, firewalls and other network components
based on CLIENT business requirements via the Change Control Process

j)     
Maintain the Clients network designs when required.

k)    
Periodically review and recommend changes to the IP schema.

l)     
Design / Plan for new office expansion projects via the Change Control
process

m)  
Patch Management of switches, routers, firewalls and other network
components and upgrading its operating system to the appropriate level as
needed.

n)   
Backup and restore the configuration settings of switches, routers,
firewalls and other network components as needed.

o)   
Assist Client to understand the actual redundancy for the network
infrastructure and its current readiness to provide business continuity in case
of any disaster.

p)   
Incident management: if an outage occurs, Network operations team will
perform trouble isolation, coordination, and resolution.

q)   
maintain the latest patches and updates in accordance with the Patch SLS

r)    
Liaise with any other 3^rd Party service providers for uptime
of provided network services.

s)    
Perform bandwidth Monitoring using Client Bandwidth Monitoring tools and
recommendation of any possible optimizations.

t)     
Prepare weekly, monthly and quarterly network performance reports.

u)   
maintain Clients network diagram of all network components related to
the domain.

v)    
support to all network assets mentioned.

w)   
Maintenance of records on installation, repair and replacement of any
part or equipment via the Change Control Note.

x)    
Assist Client to Identify CLIENT’s telecommunication needs.

y)    
Respond to the incoming security alerts from Client SOC team, take any
necessary action that is within the scope of the Onsite resource and coordinate
back with them till the closure of each case in a timely manner. Where
additional hardware, software or changes are required, Supplier will initiate
the required Change Control process

·        
Firewall & Security Devices Management

a)   
Build, design, test and deploy perimeter security systems (PaloAlto) via
Change Management Process.

b)   
Configure and troubleshoot security infrastructure devices.

c)    
Provides day to day support for firewall engineering and operations tasks
and access level 1 & 2 on-call technical support for the Firewall
Engineering and Operations team including assisting peers with issues and
escalation.

d)   
Supports the ongoing operations of network access control devices to
include firewalls, web proxies, and SSL VPN devices.

e)   
Assist Client Information Security Team to create security policies
based on the business requirement following a change management process and
assist Client to document the policies.

f)     
Configuring and maintaining the firewall for high availability and
perform a drill in quarterly basis to make sure that failover works without
business disruption where the infrastructure has been designed for high
availability.

g)   
Upgrade the firewall operating system based on the recommendation by the
vendor following the change management process.

h)   
Update the application, antivirus, URL filtering database based on the
recommendation from the principal vendor.

i)     
Configure remote access VPN for the talents or teleworkers in adherence
to the information security policy and standards.

j)     
Configure and maintain existing IPsec tunnels and troubleshot any IPsec
issues with relevant entity.

k)    
Planning, designing, and implementation of new IPsec VPN requirements
through Change Management process.

l)     
Assist Client Information Security Team perform periodic review of the
VPN access provided to the talents and remove the users based on the review.

m)  
Monitor and report against the level of availability, reliability and
performance for firewall and other security devices.

n)   
Directs compilation of records and reports from client tools concerning
perimeter operations and maintenance to analyse the performance of perimeter
security systems using client’s tools.

o)   
Maintain standard operating procedures and guides for new and/or
existing perimeter hardware and software. Update operating procedures on
completion of a Change Management process.

p)   
Suggest technical solutions and new security tools to help mitigate
security vulnerabilities and automate repeatable tasks.

q)   
Assist Client to perform periodic review of the security polices to
understand the unused security policies to disable them for a better security.

r)    
Perform trouble isolation, coordination, and resolution.

s)    
Identify and Highlight to Client end-of-life hardware and software.

t)     
Perform password administration aligned to Client Security Policies
using Client Password Reset tools.

u)   
Provide a monthly report of the security incidents reported by the
entity and other SOC team and the status of the security incidents along with
the corrective actions taken.

v)    
Perform proactive analysis based on the security incidents reported to
minimize the security risk.

w)   
Provide monthly report on the firewall availability.

x)    
Enable and configure posturing / client
profiling through Cisco ISE

y)    
Configure, maintain and troubleshoot Client NAC (802.1x, MAB , Web
authentication) issues via Change Management Process.

z)    
Create any new NAC authentication (802.1x, MAB , Web authentication) or authorization
policies based on client requirements or client SOC recommendation.

aa)  Configure, maintain and troubleshoot NAC
posturing policies via change management process and enhance any new posture
requirements as per client / client SOC requirement.

bb)  Troubleshoot any Radius issues for centralize
authentication and authorization of network / network security devices.

cc)  Coordinate with Vendors / Partners, create
any trouble tickets and day to day incidents.

dd)  Coordinate with partners / vendors for any
upcoming and ongoing projects for successful projects delivery. 

·        
Unified Collaboration Management

a)   
Maintenance of records on installation,
repair and replacement of any part or equipment.

b)   
Maintenance and troubleshooting of Cisco UCS
servers and coordination with partner / vendor for troubleshooting of hardware
/ software / configuration issues.

c)    
Identification of CLIENT’s telecommunication
needs.

d)   
Train users as requested by CLIENT.

e)   
Configure the IP phones with extension.

f)     
Configure Unity Voice Mail and integrate with
the mail services.

g)   
Configure wireless IP phones as needed.

h)   
Recommend any beneficial IP telephony
infrastructure upgrades in line with new technology.

i)     
Ensure the availability of the Call Manager
and the attached systems like voice mail.

j)     
Manage Cisco Call Manager / Unity and voice
gateway routers.

k)    
Manage PRI lines from CLIENT side and the
relationship with Etisalat.

l)     
Schedule call manager, unity and voice
gateway router backup.

m)  
Support end users using S4B / Cisco Jabber
client whether from inside or outside CLIENT’s network.

n)   
Support and manage audio/video conferences
across all CLIENT meeting rooms using Client meeting manager tools

·        
Wireless Management

a)   
Manage and maintain the wireless
infrastructure (controller and APs) across all Client locations.

b)   
Configure and maintain separate SSID’s to
isolate the corporate and guest wireless networks.

c)    
Configure and manage DHCP pools for all
access points and SSIDs.

d)   
Troubleshoot any Wireless 802.1x
authentications issues of wireless corporate users as per Network access
control policies.

e)   
Improve / configure new Network access
control policies as per client requirement and security best practices.

f)     
Configure and manage TLS based authentication
for corporate wireless networks.

g)   
Enable and configure posturing / client
profiling through Cisco ISE.

h)   
Configure and maintain Client provided
security polices, guest VR and PBR within the firewall and wireless controller
to control wireless networks traffic.

i)     
Upgrade the wireless controller firmware
based on best practices to enhance security and other management features.

j)     
Troubleshoot any controller communication
issues on both Foreign and Anchor controllers.

k)    
Maintain Guest Anchor DHCP / DNS server for
any DNS / DHCP issues for guest SSIDs

l)     
Coordinate with vendors for wireless
expansion projects throughout CLIENT branches as needed.

·        
Core Technologies:

–      
PaloAlto – Perimeter

–      
Fortinet – SD-WAN

–      
Cisco ISE – NAC