Cairo, Egypt
Experienced Network Security Engineer with a demonstrated history of working in the information technology and services industry. Skilled in Firewalls, Switching, Routing, DC-Design, cloud Solutions , Strong engineering professional with a Bachelor's degree focused on faculty of computer and information System from Mansoura University .
As a Cyber Security Engineering Manager, I lead the strategy, design, and implementation of comprehensive cybersecurity and network protection programs that safeguard critical infrastructure and sensitive business data. My focus is on aligning security engineering with organizational goals and international frameworks such as PCI DSS, ISO 27001, and SOC 2. I manage a skilled team of security engineers responsible for strengthening the organization’s network, cloud, and application security posture through: Network Security & Segmentation: Designing and deploying secure architectures using FortiGate firewalls, FortiSASE, SD-WAN, and network segmentation between production, corporate, and PCI zones. Cloud & Endpoint Security: Hardening Azure and AWS environments and implementing Microsoft Defender for Cloud, Defender for Identity, and Defender for Endpoint to ensure end-to-end protection. Application Security: Managing Web Application Firewalls (WAFs), conducting secure code reviews, and enforcing code security best practices to prevent OWASP Top 10 vulnerabilities. Penetration Testing & Vulnerability Management: Leading internal and external penetration tests for applications and endpoints, using OpenVAS and coordinating remediation across all systems. Threat Detection & Response: Enhancing detection and response through Microsoft Sentinel SIEM, XDR, and automated incident response workflows. Data Protection & Compliance: Deploying DLP and data classification policies to achieve full compliance with PCI DSS and internal security requirements. Secure Integrations: Ensuring data integrity and availability by securing third-party integrations and APIs via IPsec tunnels and zero-trust access controls.
Design, implement, troubleshoot, and support network infrastructures and various security solutions and technologies, including: -FortiGate Firewall -Palo Alto Firewall -Microsoft Azure (VNet, Security Groups, Routing Tables, Azure Firewall, Azure Load Balancer) -Amazon Web Services (AWS) (VPC, VPC Peering, Transit Gateway, Security Groups, Routing Tables, Control Tower, Load Balancer) -Privileged Identity Management (PIM) -VPN (IPsec & SSL) -SonarQube (Code Security) -Microsoft Data Loss Prevention (DLP) -FortiAnalyzer and FortiManager -FortiSD-WAN -Microsoft Endpoint Detection and Response (EDR) -F5 (LTM & ASM) -Terraform for Infrastructure as Code
-Administer security infrastructure across multiple vendors and technologies (L3/L4 Firewalls, Next-Generation Firewalls, EDR, NGIPS, IDS, MFA, Web Application Firewalls, NAC) to ensure secure connectivity for users, customers, and business partners to all internal and externally published applications. -Analyze, troubleshoot, and investigate security-related anomalies in information systems based on SIEM reports, security platform analytics, network traffic, log files, and host-based or automated security alerts. -Implement scalable solutions to remediate vulnerabilities in networks and systems, while maintaining core network change control. Ensure compliance with security processes and uphold the highest standards of security practices and documentation. -Install and configure Hub-and-Spoke topology on AWS. -Install and configure F5 with LTM and ASM modules on AWS. -Install and configure Fortinet Firewall in an HA Cluster on AWS. -Install and configure Palo Alto Data Center Firewall on AWS.
-install and Configure Fortinet SD-WAN Solution in 150 Branches . -Install and Configure Forti-Manger to manage 150 Firewalls. -install and configure Forti-Analyzer to receive logs from 65 Branches . -Design and Configure ADVPN . -Migrate DNS & DHCP from MS to Infoblox DDI. -Design and Migrate DC from onprem to Azure DC . -Install and Configure Forti NAC . -Install and Configure F5 (LTM and ASM) on Azure . -install and Configure HA FortiGate Firewall on Azure With Internal and External Load balancer . -Configure ALL Azure Network Resources "Vnet , Routing table , NSG , Peering and Load Balancer" using Terraform . -Install and Configure Palo alto Firewall on Azure DC . -install and Configure Aruba Wireless Controller . -Configure ADVPN IPsec Tunnel Between Azure DC and all Branches.
As a Network Security Engineer my responsibilities include Configuring ,Managing, Enhancing, Monitoring ,Troubleshooting , Securing and connectivity insurance for 100 branches this is done through : -Juniper SRX320 &300 Routers & Juniper EX 3300 &2300 SWs -Juniper QFX5100 Core SWs & Juniper EX3400 Internet SWs -Juniper SRX1500 IPS & Juniper SRX550m VPN Concentrator -Juniper Junos Space (Security & Management Directors) -FortiGate Firewall With Different Categories . - Aruba Airwave Controller & Aruba Indoor APs . - Monitoring all connections stability and BW via (ManageEngine) ,Junos Space FortiGate Aruba Airwave and Zabbix . -Migrate DC to another Location and enhanced on DC Design -Migrate all Applications to Manage by F5 instead of Forti Web .
As a Network Engineer my responsibilities include Configuring ,Managing, Enhancing, Monitoring ,Troubleshooting , Securing and connectivity insurance for 4 Sites is done through : -HP Switches With Different Categories -Firewall Cyberoam -CISCO Routers & Switches with different Categories -CCTV IP milestone Solution -Configuring & Managing Elastix PBX & Grand Stream IP Phones -Monitoring all connections stability and BW via Zabbix