·        Management, configuration, maintenance of Fortinet Firewall features like security policies, VDOMs, traffic shaping, SD-WAN, HA, Firewall policies, IPS, Forti Sandbox, Forti Mail, Forti Authenticator.
·        Good knowledge and experience of using IP/MPLS Protocols such as BGP, OSPF,ISIS,VRRP,LDP,RSVP-TE. Design and implementation Knowledge on L2 & L3 services using – VPLS / HVPLS / MP-BGP
·        Experience in troubleshooting Large L2 and L3 based VPNs over IP/MPLS networks
·        Configuring Cisco Viptella devices and creating feature templates on vManage for SD-WAN.
·        Custom Sandboxing, web filtering with URL reputation, custom threat intelligence, behavioural analysis to provide a holistic view of security posture using Trend Micro Deep Discovery analyzer.
·        Configuring Trend Micro PolicyServer MMC native management console for Endpoint Encryption policy, user, and device administration, Trend Micro Server protect for linux, Trend Micro Apex One Endpoint Security for automated threat detection and response and SIEM integaration.
·        Configure and Install Cisco NGFW FMC and FTD firewalls primary and DR Sites.

Infoblox DNS IPAM for Microsoft DNS/DHCP setup and management. Worked closely with infoblox TAC to ensure a transparent migration from existing DHCP design into the Infoblox solution.

·        Configured pulse secure Network Access Control (NAC) solution to provide organization with continuous visibility, endpoint and IoT access control, and automated threat mitigation.
·        Configuration and setup of Carbon Black defence as next-gen antivirus (NGAV) as well as an endpoint detection and response (EDR) solution.
·        Firewall implementation and policy installations on platforms (Sophos, Check point, Palo Alto etc)
·        Deployed Kaspersky (EDR) optimum to provide comprehensive visibility across all endpoints on network, hunt complex threats, identifying IOCs, perform RCA, device control, full disk encryption.
·        Recognize potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.
·        Using Symantec Secure Web Gateway (SWG) to act as a proxy between users and internet, identify malicious websites and payloads, control access to sensitive traffic, data loss protection.
·        Experience regarding F5 BIG IP LTM VIP, GTM Wide IP, APM, ASM, AAM, AFM, irules, CSW etc.
·        Configuring VIP pools, nodes and created custom iRules for the virtual servers like cookie persistency http redirection, ASM policies to mitigate cookie and parameter tampering.

Responsible in web application vulnerabilities (OWASP TOP 10, SANS, NIST) to review application source code to find its security vulnerabilities (CSRF, XSS, SQL Injection, Privilege Escalation, etc.) and recommend remediation.

·        Implemented FireEye XDR to avoid threats by threat detection, investigation and incident response.
·        Designed and developed a VDI environment using Citrix XenDesktop 6.5/7.6, Citrix XenApp,  Active Directory, Store Front, Citrix Studio, Director, Netscaler Server Load Balancer.
·        Design, install and manage VMware Horizon View Virtual Desktop Infrastructure.

Commission new internet connections for corporate clients, which include , assigning IP address range, Controlling Bandwidth
Implementing security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
Configuration & Management of VLANs ,802.1q trunks, VTP, Security policies
Implementation & troubleshooting of Vlans, Private Vlans, high availability solutions like  HSRP, VRRP, GLBP, Ether channels, Site to Site VPN, DMVPN, ACLs, NAT,PAT, routing solutions etc 
Advance configuration and optimization of OSPF, BGP, Ether channel, GRE Tunnels, L2TP Tunnels, MPLS Traffic Engineering Tunnels, MPLS VPN, MP-BGP, RD, RT and QOS configuration on Cisco 7200 and 7600 series routers.
Troubleshooting of complex LAN/WAN infrastructure, including routing protocols EIGRP, OSPF & BGP.
Configuring network access servers and routers for AAA Security.

·         Working Experience on GPON integration with Core Network. 
·         Expertise on Huawei iManager N2000/U2000 for GPON services.
·         Responsible for Managing and Maintaining and proactive monitoring of FTTH & FTTB (GPON) SmartAx MA5600T ,MA5680T & MA5603T OLTs.
·         Working Experience on Huawei ONT’s: HG850,HG850a,HG865 and HG8245/HG8245T
·         Working Experience on Huawei MDU’s: SmartAX MA 5612, MA5616, MA5620.
·         Administration & Monitoring of 15 FTTx POP OLTs in 13 cities of Pakistan.

Providing bandwidth services to enterprise customers with the Cisco 7200 series routers and ME-3400 series switches.
Managing operations of CMTS (cable modem termination system) which serves IOC/VOIP customers on HFC DOCSIS network.
Experience in (Network Support) maintenance of Linux, ESX based servers: DNS servers, Worldcall Email server (Kerio Connect), FTP servers using using Red Hat Enterprise Linux (RHEL) on CentOS 6.4 Operating system.

·         Configured Linux applications such as NTP, SSH, DNS, and SNMP, IPTables, Firewalls.

Installing Cacti Required Packages (Apache, MySQL, PHP, PHP-SNMP, NET-SNMP, RRD Tool) on RHEL / CentOS .

Monitoring of Optical Transmission Systems like OSN 3500, OSN 7500, UMG 8900,E1s and DPLCs and Huawei Softx3000.