19+ years of experience of Information Technology (IT) and business management with key emphasis infrastructure management, and project management.
Infrastructure Team Lead
at Ministry of Public Health
March 2013 - at Present
Muḩāfaz̧at al Qāhirah
leading a team of 13 storages, systems, network, security and telecommunications infrastructure specialists providing infrastructure services for 1300+ users. Adopting knowledge of evolving trends in IT strategy and management and applies those to continuously refine the IT Strategic Planning process. Make recommendations to IS director regarding key decisions such as prioritization, funding and staff allocation. Mange and supervise complete lifecycles of infrastructure projects for successful project delivery. Plan, Manage, Control and Monitor projects budgeting to deliver project within the approved budget. Monitor infrastructure team performance and defining individual resources KPIs. Revamping MOPH IT infrastructure including servers, storage systems, SAN switches, load balancers, backup appliances and software licenses.
2012 - at Present (8 years) Muḩāfaz̧at al Qāhirah
2010 - 2019 (9 years)
2010 - 2018 (8 years)
B.Sc. Electronics & Communications Engineering
1993 - 1998 (5 years) Muḩāfaz̧at al Qāhirah
Infrastructure Team Lead
leading a team of 13 storages, systems, network, security and telecommunications infrastructure specialists providing infrastructure services for 1300+ users.
Adopting knowledge of evolving trends in IT strategy and management and applies those to continuously refine the IT Strategic Planning process.
Make recommendations to IS director regarding key decisions such as prioritization, funding and staff allocation.
Mange and supervise complete lifecycles of infrastructure projects for successful project delivery.
Plan, Manage, Control and Monitor projects budgeting to deliver project within the approved budget.
Monitor infrastructure team performance and defining individual resources KPIs.
Revamping MOPH IT infrastructure including servers, storage systems, SAN switches, load balancers, backup appliances and software licenses.
Manage organization Azure services such as Azur AD connect, Azure Subscriptions, Azure AD, Azure Application Proxy, Single Sign-on (SSO), Multi-Factor Authentication (MFA), Mobile Device Management (MDM), Mobile Application Management (MAM), Self-Service Password Reset (SSPR) and Azure Information Protection (AIP)
Administrating PaloAlto 5220 firewall, configuring security, NAT and encryption policies, Monitoring and analyzing the firewall traffic and realized threats.
Configuring and managing BIG-IP Web Application Firewall WAF to protect web applications against attacks targeting web servers such as Buffer Overflow, Brute Force, Web scrapping SQL injection, Distributed Denial of Service (DDOS)…. etc.
Administrating Forescout Network Access control Solution (NAC) to deploy a unified devices visibility, isolation of noncompliant/infected devices from the network, manage guest access for wireless network and integrate with other security solutions to automate policy enforcement across disparate solutions and accelerate system-wide response to mitigate risks.
Administrating Trend Micro Deep Discovery Inspector (DDI) and Deep Discovery E-mail inspector (DDEI) to monitor network traffic and identifying network threats such as compromised hosts with command and control (C&C), accounts lateral movement and malicious URLs in phishing e-mails.
Perform application and security vulnerability assessments using Nessus vulnerability scanner for identifying the vulnerabilities and configuration issues.
Deploying and Configuring BIG-IP F5 LTM Load Balancers for load balancing and traffic management of business application such as MS exchange, SharePoint, Oracle ERP and OpenText.
Administrating Cisco C170 Email Security Appliance, Configuring Anti-spam, Graymail, URL filtering, AMP, forging detection for incoming and outgoing e-mail policies.
Administrating Cisco S380 Web Security Appliance, Configuring custom identities, URL custom categories, Access and decryption policies.
Implementing Cisco Open DNS solution for controlling DNS queries based on security and content categories.
Managing Cisco ACE 4710 Cisco Application Control Engine to perform Fault tolerance and high availability for Oracle DB servers.
Upgrading Microsoft Exchange server 2003 to Exchange server 2010 and Exchange 2010 to Exchange 2013 and configuring compliance, mail flow and RBAC.
Installation, configuration and deployment of VMware ESXI 6.0 hosts, VCenter Server, VSphere Update Manager, Vcenter converter and VSphere client.
Installing, configuring Cisco UCS Fiber interconnect and configuring UCS Pools, Policies, Templates and Service Profiles for UCS B200 M4 blade servers.
Administrating EMC VNX 5400 SAN storage using Unisphere client to manage LUNs, Hosts and storage groups.
Administrating Pillar Axiom 600 SAN storage and creating LUNS, host and storage groups.
Configuring EMC Networker groups, clients, schedules and run restore group regularly and per users’ request.
Administrating EMC Data Domain 2500 backup appliance.
Configuring Symantec Netbackup jobs and run restore jobs on demand and on regular basis using HP MSL 8096 tape library as target backup appliance.
Configuring brocade 6510 SAN switches and performing zoning and zoning configurations.
Migrating 110 outdated HP ProLiant servers to news Dell PowerEdge, Cisco UCS server platform.
Deploying MS Lync 2013 standard edition Frontend and Edge server, configuring Lync server roles.
Performing an integration between Lync Server and Cisco Unified Communication Manager, configuring the Dial Plan and the associated normalizations rules, voice policies and reverse proxy for mobile users.
Upgrading Lync 2013 to Skype for business 2015
Installing, configuring Microsoft Configuration Manager (SCCM) 2012 R2 for Operating Systems, Applications deployment, and desktops remote control across MOPH corporate network.
Upgrading MOPH Domain controllers, DNS, DHCP server from Windows 2003 R2 servers to windows 2012 R2 and upgrade the Domain and Forest function levels to Windows 2012 R2.
Administrating and Monitoring MOPH Enterprise infrastructure servers at the HQ and branch offices including Domain controllers, DNS, DHCP, WINS Servers.
Establishing forest trust relationship between MOPH forest and overseas medical offices forests at US, UK, Germany and Thailand to enable overseas offices users to access MOPH internal resources.
Assessing and securing the MOPH infrastructure and establish baseline security using AD Group Policies.
Monitoring the AD replication between the AD sites.
Preparing Hardware and software service level agreements to ensure that software licenses are renewed on time and Hardware is always covered by valid manufacturer support.
Administrating ManageEngine operation manager for monitoring MOPH corporate network and configuring thresholds and triggered alerts.
Administrating HP service manager for managing Incident Management Assignment Groups, Integration with SMS Gateway & IVR, Interaction resolution time and extracting helpdesk activities reports and present them to the management.
Establishing up-to-date documentations for the MOPH IT infrastructure.
Installing and configuring Symantec Endpoint Protection Manger and Symantec Mail Security to ensure that the latest definition files are installed and infection-free IT environment.
Configuring the Audit policies to monitor improper access to different network objects and maintaining retention policy for archiving the security logs.
Configuring SCOM server, managing the deployment of the different management packs and monitor triggered alerts.
Deploying WSUS server and manage the deployment of the Windows updates.
Installing and configuring file server and create users home folders & shared drives and map them to end-users using group policy login scripts.
Deploying print servers and administrating the network printers’ security using Equitrac printer management system.
Querying the domain accounts to delete the stale and disabled users’ & computers’ accounts and DNS stale record.
Administrating and integrating RightFax server with exchange server 2013.
Configuring Microsoft Local password administrator LAPS to generate a random unique local administrator password for each workstation across the network.
Knowledge and keywords