YASIR IQBAL
Visa Status: NZ Citizen
Summary
Senior IT Security professional with extensive experience in delivering, designing, and implementing security solutions. In depth practical knowledge of security controls. A proven track record while functioning as a self‐motivated individual and technical expert. Seeking a challenging career in Cyber security where the knowledge can be applied to its fullest and the skills further developed while contributing to the organization’s development and progress.
Overview
21
21
years of professional experience
1
1
Certification
Work History
Senior Network and Security Engineer (Squad Lead)
N4L (Ministry Of Education Company )
09.2021 - Current
Job Responsibilities:
- Manage squad of Network and Security Delivery Engineers (Very Large schools)
- Design, Build, and Implement secure infrastructure and wireless solutions for school across the New Zealand (over 3000 schools)
- Identify risk and issues associated with installation and support of complex solutions
- Create Statements of Work (SoW) and diagrams to assist with Provisioning process
- Configure FortiGate firewalls thorough FortiManager
- Automate Vlan and secure WiFi through cloud path
- Manage WiFi through Ruckus Smartzone (Cloud) and Cloudpath.
- Configure switching and routing.
- Act as a tier escalation point for any provisioning issues
- Fault Management Tier 3 escalation for BAU teams
- Occasionally after‐hours support for pre handover BAU issues
- Develop relationships with Schools, ICT providers, and selected vendors
- Work collaboratively with wider Customer and Product teams to escalate issues and risks and their mitigation where required
- Support, create and maintain culture within team that is positive and focused on delivering benefits to end user
- Engage with others in organization to help build open, supportive and positive working environment across entire organization.
Network and Security Engineer (Remote)
OnStack, Inc
07.2017 - 09.2021
- Investigate security incidents
- Conduct network scans to find vulnerabilities and mitigate
- Research, Analyze, and Recommend new security solutions according to client requirements
- Deploy and review Security technical and administrative controls
- Firewalls designs (perimeter/Core/Segmentation) (Fortinet, Polo Alto, Juniper, and Cisco)
- Vulnerability scanning
- Risk assessment
- Network devices hardening
- Work closely with IT auditors and Pen testers to mitigate high risks
- Maintain and update Threat and Risk register of IT assets
- Worked within applicable standards, policies and regulatory guidelines to promote safe working environment
- Identified issues, analyzed information and provided solutions to problems
Senior Network\Security Engineer
Saudi Aramco
01.2008 - 04.2017
- Designed, implemented and maintained network infrastructure
- Selected and installed appropriate data communication components to meet organization’s needs
- Administered Cisco Routers 7200 and 3800 series connecting to the Internet & different locations
- Managed different layers of Cisco Firewalls ASA 5500 series & PIX 535
- Configured Juniper Netscreen ISG‐2000 firewalls in active passive clusters
- Hardened network by implementing ACL on routers, implementing Firewalls and IDS and following security guidelines
- Managed Intrusion and Prevention Cisco IPS 4246
- Managed Cisco and HPE switches
- Monitored, Analyzed and tested network performance through HP IMC and NNM
- Performed disaster recovery/ link redundancy tests
- Resolved problems related to LAN/WAN connectivity
- Opened cases with cisco/hp and other vendors when needed
- Scheduled upgrades and updates
- Maintain network devices warranty/support/licensing/Cisco SMARTnet
- Communicated to end users and different stake holders when needed
- Created Change management requests and incident reports with HPE BTO
- Maintained complete technical documentation
- Provided support and technical expertise to other IT groups
- Developed Security guidelines, procedures, baselines and policies for network group
- Ran MacAfee vulnerability scanner MVM3200 and worked to mitigate risks
- Worked with Auditors and worked towards findings
- Respond to security incidents .
- Work with ISO 27002 Lead Implementer.
- Risk assessment
Network administrator/assistant Manager IT
JS Investments Limited
12.2005 - 01.2008
Lab Supervisor Regional
Cisco Academy Hamdard University
01.2005 - 11.2005
Network Engineer
Sofech Microsystems
01.2003 - 01.2005
Education
B.S - Computer Science
University of Karachi
Karachi2002
Bachelor’s - commerce
University of Karachi
Karachi1998
Master of Professional Studies - Digital Security
University of Auckland
Auckland, AUK2021
Skills
- Cyber Security fundamentals and practices
- Cloud Security
- Ruckus Wireless
- FortiManager
- FortiAnalyzer
- Routing and Switching
- VMware NSX
- ISO 27001
- NIST
- ITIL
- Project Delivery
- Risk Management
- Research
- Palo Alto
- HPE IMC
- HPE Switches
Accomplishments
- Cyber Security
- Good knowledge of Cyber Security fundamentals and practices
- Experience working in various CISSP domains
- Ability to design, plan, and manage a secure IT infrastructure
- Hands on experience on administrating Next Generations Firewalls (Unified Threat Management)
- Hands on experience in implementing DLP and URL filtering
- Hands on experience configuring and administrating Intrusion Preventions Systems
- Hands on experience in Network Security including encryption, VPN, and various securityprotocols at different levels
- Hands on experience in Wireless Security
- Hands on experience in securing servers and system
- Good knowledge and experience in various Access Management functions
- Good knowledge of Security testing
- Good knowledge and experience of Asset Security including data classification, ownership, andprotection control implementation
- Experience in working with IT auditors and addressing the audit observations
- Experience in working in various Operation Security functions like,
- Good knowledge of various security frameworks like ISO 27000 series, NIST, and PCI DSS
- Knowledge of security incident response process
- Ability collect\capture and analyze network data using NetFlow/sFlow/jFlow analyzing tools
- Can collect\capture and analyze network data collection using pcap files (Wireshark)
- Can run vulnerability scanner and effectively can address the concerns
- Understand ITIL process like Incident, Change, and Problem Management
- Hands on experience in hardening and securing IT devices by implementing recommended guidelines likeselection of encryption Algorithms, and other measures recommended by vendors like Cisco, HPE
- Can Identify, assess, and analyze Risks
- Can communicate effectively with stockholders regarding security concerns and theirmitigation
- Can perform research on latest issues related to cybersecurity trends, tools, and best practices
- Deep understanding of various cyber‐attacks
- Can develop Security policies and Guidelines
- Cisco Systems
- Experience with configuration and management of Cisco 800,2500, 2600, 2811, 1702, 3600,3800 and 7200 routers
- Experience with configuration and management of ASA 5500 and PIX 500 firewalls
- Can configure and administer IPS 4260
- Can configure VPN and different Routing Protocols like RIP, IGRP, EIGRP, OSPF, BGP
- Fortinet
- Experience with configuration and administration of FortiGate 500‐D, 3810‐D Firewalls
- Palo Alto
- Experience with Palo Alto Firewalls configuration and Administration
- Juniper Networks
- Experience with configuration and administration of ISG‐2000/1000 Firewalls
- Experience with NS5GT, NS‐50, SSG 5 and SSG‐520 Firewalls
- Hands on experience on IDP 100
- Hands on experience on RA 500 and SA 700
- Experience with configuration of J2300 and J4300 routers
- Can configure VPN and different Routing Protocols like RIP, OSPF, BGP on Juniper platform
- Can Configure WAN acceleration Device WXC
- Personal Attribute
- Friendly and a team player
- Flexible and adaptable with a ‘can do’ attitude
- A quick learner, and able to pass that knowledge on to others
- Problem solver
- A good pressure handler
- Have a good communication skill
Certification
- Ruckus Accredited Cloudpath Administrator
- Ruckus Accredited SmartZone Administrator
- Preprinting for CISSP
- Foundation Certificate in IT Service Management from EXIN
- Cisco Certified Security Professional
- Cisco Certified Network Professional - Security
- Cisco Certified Network Associate
- Cisco Certified Network Associate – Security
- Cisco Express Foundation Field Specialist
- NSE4 Certified - Fortinet
- Juniper Networks Certified Associate-Firewall
- Juniper Networks Certified Associate-Enterprise Routing
- Juniper Networks Certified Specialist-Firewall
- Juniper Networks Certified Specialist-Enterprise Routing
- Juniper Networks Certified Professional
Timeline
Senior Network and Security Engineer (Squad Lead)
N4L (Ministry Of Education Company )
09.2021 - Current
Network and Security Engineer (Remote)
OnStack, Inc
07.2017 - 09.2021
Senior Network\Security Engineer
Saudi Aramco
01.2008 - 04.2017
Network administrator/assistant Manager IT
JS Investments Limited
12.2005 - 01.2008
Lab Supervisor Regional
Cisco Academy Hamdard University
01.2005 - 11.2005
Network Engineer
Sofech Microsystems
01.2003 - 01.2005
B.S - Computer Science
University of Karachi
Bachelor’s - commerce
University of Karachi
Master of Professional Studies - Digital Security
University of Auckland
Similar Profiles
Isakova CharosIsakova Charos
Head of Management at Ministry of Public Education and the Ministry of Preschool Education of the Republic of UzbekistanHead of Management at Ministry of Public Education and the Ministry of Preschool Education of the Republic of Uzbekistan
MD ZAHIDUL HUDAMD ZAHIDUL HUDA
Lecturer in Economics at B.C.S. (General Education), Ministry of EducationLecturer in Economics at B.C.S. (General Education), Ministry of Education
Reem KhalidReem Khalid
English Teacher at Ministry Of Education and Higher EducationEnglish Teacher at Ministry Of Education and Higher Education