MOHAMMED KASHIF HASHMATH

Managed and configured F5 Local Traffic Manager (LTM), Web Application Firewall (WAF), and Global Traffic Manager (GTM) to ensure high availability and robust security for critical applications.

Deployed F5 Application Security Manager (ASM) security policies, including Fundamental, Rapid Deployment, and API, across Saudi Space Agency applications to enhance web application security.

Engineered and implemented F5 LTM configurations from scratch, including Virtual Servers, Nodes, Pools, profiles, Ciphers Rules, iRules, and SSL Certificates, ensuring secure traffic management.

Successfully upgraded F5 LTM load balancers to the latest versions, improving performance and incorporating new security features.

Troubleshooted Load Balancer and WAF issues daily using support IDs and Wireshark, resolving critical incidents and maintaining system uptime.

Implemented Identity and Access Management (IAM) solutions with vendors like SAP and Active Directory, streamlining user access and security protocols.

Onboarded new employee applications with GRC requirements in IAM, ensuring compliance and secure access provisioning.

Managed and configured Cisco Unified Communications Manager (CUCM) and Cisco IP telephony systems (7925-8841-8845-8865), maintaining voice communication infrastructure.

Configured and managed Fortinet Firewalls (FortiAnalyzer, FortiManager, Forti Authentication) and Palo Alto Firewalls (Panorama), enhancing network perimeter security.

Analyzed high-risk security vulnerabilities and proposed mitigation techniques and patch prioritization, reducing organizational risk.

Deployed F5 ASM Security policies (Fundamental, Rapid Deployment, API) across ZATCA applications, significantly enhancing web application protection.

Configured and troubleshooted F5 GTM, ensuring application high availability and disaster recovery capabilities.

Managed and configured policy rules for Palo Alto and Fortinet firewalls, including VPN, across multiple firewalls (Panorama, FortiManager) to secure network infrastructure.

Performed proactive maintenance and troubleshooting to ensure network stability and uptime for critical systems.

Implemented comprehensive security protections including DOS, BOT, Brute Force, Data Guard, CSRF, and SSRF to defend against advanced threats.

Generated detailed reports to analyze security threats and provided threat analysis to management, informing strategic security decisions.

Applied security policies in block or transparent mode based on application needs, enhancing security posture while minimizing operational impact.

Coordinated with application teams to explain ASM policies and validate services during maintenance windows, ensuring seamless integration and minimal disruption.

Configured F5 LTM from scratch, including Local Traffic Policies, Virtual Servers, Nodes, Pools, profiles, Ciphers Rules, iRules, and SSL Certificates, optimizing traffic management.

Implemented and managed F5 GTM for global load balancing and disaster recovery, ensuring continuous application availability.

Designed and configured F5 WAF application security policies and Policy Building Settings (Rapid Deployment, API) to protect web applications from common attacks.

Configured DDoS and Bot parameters, along with Data Guard in WAF and logging profiles, to enhance threat detection and mitigation.

Managed PCI compliance requirements and hardened devices according to CIS benchmarks, ensuring adherence to industry security standards.

Handled various trouble tickets for Fortinet, Palo Alto, F5, and NAC (Payment Gateway), resolving complex network and security issues.

Performed installation, deployment, analysis, and troubleshooting of firewall issues, ensuring robust network perimeter security.

Configured payment gateway devices (Intelli View and iNAC) and AlienVault USM Appliance (sensor, server, logger) from scratch, enhancing security monitoring capabilities.

Gained hands-on experience with SIEM tool ArcSight, effectively monitoring and analyzing security events and incidents.

Monitored and alerted on security events and incidents, escalating critical issues to the next level using ArcSight SIEM.

Created custom filters, dashboards, queries, and reports for all integrated devices, enhancing security visibility and reporting efficiency.

Prepared daily and monthly incident reports with comprehensive analysis for customer devices, providing actionable insights into security posture.

Conducted daily vulnerability analysis, identifying high-risk security vulnerabilities and suggesting workarounds or mitigation techniques.

Managed and analyzed logs related to Firewall, IPS-DMZ Server Farm-IPS, and proxy servers, maintaining robust security controls.

Performed on-call support, responding to incidents outside regular working hours to ensure continuous security operations.

Handled and configured AppDynamics tool, including installing and configuring dotnet agents, to monitor application performance and security.

Conducted site surveys for indoor and outdoor locations, generating heat maps with AirMagnet Software for comprehensive WLAN coverage documentation.

Configured devices for establishing WLAN coverage, Point-to-Point, Point-to-Multipoint links, and wireless mesh networks.

Configured HP Switches and managed provisioning for site deployment, ensuring network readiness and integration.

Planned and coordinated system utilization and capacity, involving configuration and testing with vendors to optimize network performance.

Designed and prepared customer solutions for wired and wireless networks, addressing specific client requirements.

Performed design, analysis, and troubleshooting of wireless LANs using AirMagnet Solutions (AirMagnet Survey, Planner, Wi-Fi Analyzer PRO).

Resolved escalated hardware and software issues related to LAN/WAN, ensuring minimal downtime and operational continuity.

Troubleshooted Access Points through Aruba Mobility Controller, maintaining optimal wireless network performance.

Configured and installed IDF and BDF switches and core switches, establishing foundational network infrastructure.

Configured OSPF with area-wise routing and troubleshooted issues with back-office support, ensuring efficient network routing.

Installed and configured Cisco 2960, 6500, and 6509 series switches, enhancing network capacity and performance.

Configured and troubleshooted routing protocols (EIGRP and OSPF), optimizing network traffic flow.

Configured VLANs in Layer 2 and Layer 3 switches, including Inter-VLAN routing and 802.1q Trunk/ISL Trunk, to segment and manage network traffic.

Implemented basic switch security, including port security, trunk access, and management VLANs, to secure network access points.

Prepared detailed network topology diagrams and documentation, facilitating efficient network management and troubleshooting.

Provided technical support and troubleshooting for day-to-day network problems, ensuring operational continuity.