Profileimage by Nasir Hafeez Senior Network Engineer from Islamabad

Nasir Hafeez

available
Contact

Last update: 10.04.2022

Senior Network Engineer

Graduation: MSc, Computer Science
Hourly-/Daily rates: show
Languages: English (Native or Bilingual)

Attachments

Resume-Nasir-Hafeez.pdf

Skills

A specialist in network infrastructure, security, DevOps and cloud with 10 years of experience in configuring, automating, troubleshooting, and documenting diverse IT scenarios.

I have hands-on experience of the following technology stack:

Routing and Switching:
L3: Static and dynamic routing, policy-based routing, IS-IS, OSPF, BGP, multicast
L2: STP, RSTP, MSTP, ARP, VLANs, PPP, PPPoE, Ethernet rings
MPLS: L2/L3 VPNs, LDP, RSVP-TE
IPv6: OSPFv3, BGP4+, tunneling technologies, migration scenarios, transition mechanisms, addressing

Security:
Next Generation Firewalls (NGFW), Unified Threat Detection, IDS/IPS, URL filtering, SSL decryption, Antivirus, Geolocation based filtering, Anti-Spam and RBL, application and service awareness, Single Sign-On (SSO), Integration with Active Directory/LDAP/MySQL/RADIUS for user management, virtual firewalls, VPN tunnels, DC security with east-west/north-south filtering, NAT, Packet capture and analysis, Anomaly Detection, Anti-Malware, Anti-DDoS, Botnet Defense, Fortinet, Cisco ASA, Juniper SRX, pfSense, OPNSense

Automation:
Scripting, Python, PHP, Rest APIs, Ansible, Bash shell, Git, VBScript, Perl

Cloud:
AWS, GCP, Containers, Docker, VPC, EC2, Terraform

Web Development:
PHP, Laravel, HTML, CSS, Javascript, Bootstrap, Bulma, Livewire

Servers:
Web: Apache/Nginx/IIS, Database: MySQL/MariaDB/PostGreSQL, AAA: freeRADIUS, Caching: Squid, SSL certificates: Let's Encrypt, Routing: Quagga/FRR, VPN: OpenVPN/Wireguard/Strongswan, Monitoring: Elastic Stack

Services and Allied Technologies:
IP Services: DNS (Dynamic DNS, DoH), DHCP, ICMP, URPF, NTP
Network Monitoring: SNMP, Netflow, sFlow, mirroring/SPAN, logging and reporting
Multicast: IGMP, PIM
Redundancy: VRRP, link aggregation, LACP, stacking, BFD
QoS: Congestion management and avoidance, DiffServ, traffic policing/shaping
Web and P2P caching: WCCP, Transparent Proxy

SD-WAN:
Palo Alto Prisma, Silver Peak

Data Center networking:
TOR/access/aggregation/core switches, 100GE/40GE/10GE links, leaf-spine architecture

Access Mechanisms:
WLAN: controllers, security, captive portals, guest management, Huawei 6600 series, Aruba Instant On, TP Link Omada, Aerohive, Ubiquiti Unifi, Cisco WLC, OpenWRT routers

Project history

09/2013 - 03/2018
Datacom Team Lead
Huawei (>10.000 employees)
Internet and Information Technology
Worked as team lead to support large enterprises including ISPs, banks, and universities in their
network infrastructure and cybersecurity projects. Instrumental in the design and commissioning of
Lahore and Islamabad Safe City Projects - USD 225 Million smart city projects for security surveillance
and traffic monitoring. Led a team of 10-15 engineers.


Responsible for producing and reviewing HLDs and LLDs. Conducting pre-bidding project reviews and
audits. Demonstrating latest products and solutions to customers in Proof of Concept (POC) tests.

Nasir Hafeez - page 1




Working on greenfield deployments as well as expansions and migrations. Performing acceptance
tests for newly deployed equipment. Integrating Huawei products in multi-vendor environments and
ensuring inter-operability. Supporting Sales and Solution teams with technical expertise. Meeting and
supporting clients.

Spearheaded the design and deployment of campus networks, data centers and large-scale metro and
national networks. Engineered the installation and provisioning of network equipment including routers,
switches, firewalls, Anti-DDoS appliances, NAS/BRAS nodes, WLAN controllers and access points,
VPN gateways, MDM solutions, centralized NMS devices, policy orchestration solutions.

08/2011 - 09/2013
Senior Network Engineer
Nayatel (250-500 employees)
Internet and Information Technology
Responsible for maintaining ISP core infrastructure and routing protocol peering. Performed hardware/
software upgrades and service migrations. Provisioned new MPLS and internet links. Setup and
maintained a web and torrent caching engine that resulted in significant bandwidth savings.


Routine tasks consisted of provisioning of MPLS L2 and L3 VPN circuits. Managing IGP and BGP
infrastructure. Monitoring internet gateway links and ensuring optimized utilization. Troubleshooting
high priority technical issues and escalations. Performing web URL filtering according to local telecom
regulations. Also supported TDMoIP and SDH infrastructure. Resolved trouble tickets and updated their
record in CRM portal. Contributed to network documentation and created rack layouts and network
diagrams using Visio.


Supervised a team of 4-6 engineers. Championed customer happiness and satisfaction. Audited,
investigated, and documented the network.

Time and spatial flexibility

Available for travel

Contact form

Contact details