Ahmed Elesawi

Network Security Engineer

Instructor

Download CV Email Me
About Me

Hello! I’m Ahmed Elesawi.
Senior Network Security Engineer with extensive experience protecting critical infrastructure in the ISP (Telecom Egypt) and Banking (Banque Misr) sectors. Expert in managing multi-vendor firewall environments including Palo Alto, Fortinet, and Cisco FTD/ASA. Proven track record in large-scale migrations, including the transition of ASA configurations to PaloAlto and FortiGate. Active Instructor at the National Telecommunication Institute (NTI), specializing in Ethical Hacking (CEH) and Network Security operations.

  • Address: Cairo, Egypt
  • Phone: 002 01158373746
  • Email: ahmed@elesawi.com
  • Freelance: Available
  • Part Time: Available
Resume
Education
2013 - 2018
Bachelor of Engineering – BE in Electrical, Electronics, and Communications Engineering
Marg High Institute For Engineering and Technology (M.I.E)

  • Overall Grade: Very Good (GPA: 2.92)
  • Graduation Project: Designed and implemented a Robotic Arm with Computer Vision. (Grade: Excellent)

Certifications
Certifications:
Certificates and Verification

Certified Ethical Hacker (CEH) | Verification: https://elesawi.com/url/CEH
Fortinet FortiManager 7.0 Administrator | Verification: https://elesawi.com/url/FMG
Fortinet Enterprise Firewall 7.0 Administrator | Verification: https://elesawi.com/url/EFA

Professional Experience
03/2025 - Current
Senior Network Security Engineer
Telecom Egypt

  • Managed and secured enterprise and backbone environments using FortiGate, Palo Alto, Forcepoint, and Cisco FTD firewalls
  • Executed full migration of legacy email security to Microsoft Exchange Online Protection (EOP)
  • Administered Pulse Secure (Ivanti) VPN solutions to maintain secure remote access.
  • Implemented advanced NGFW features including IPS, URL filtering, and SSL inspection to align with ISO 27001 and NTRA compliance standards.
  • Maintained site-to-site VPN tunnels connecting external partners ensuring encrypted, stable, and highly available communication channels.
  • Collaborated with SOC teams on vulnerability management and incident response.

07/2024 - 02/2025
Network Security Engineer
Banque Misr

  • Managed critical banking infrastructure using Palo Alto and FortiGate firewalls, ensuring strict adherence to Central Bank of Egypt (CBE) regulations and InfoSec policies.
  • Monitored and optimized NGFW security profiles, integrating features such as IPS, URL filtering, application control, and SSL decryption to enforce comprehensive security policies.
  • Maintained SSL-VPN configurations to provide secure connectivity for internal systems and remote users
  • Maintained site-to-site VPNs for secure communication between internal systems and extranet partners, ensuring uninterrupted data flow
  • Conducted regular policy reviews and fine-tune firewall configurations to enhance performance
  • Automated operational tasks, including firewall rule audits and configuration consistency checks, using Python scripting to improve efficiency and reduce manual errors

07/2023 - 06/2024
Network Security Engineer
Raya Information Technology

  • Resident at Banque Misr, actively contributing to the security infrastructure.
  • Deployed and configured FortiGate and Palo Alto NGFWs to replace legacy systems, enhancing the organization's overall security posture.
  • Migrated firewall policies from legacy systems to FortiGate and Palo Alto platforms, ensuring seamless transitions and compliance with organizational standards.
  • Implemented advanced NGFW features, including sandboxing, malware detection, and application control, as part of deployment processes.
  • Performed post-deployment troubleshooting and performance tuning to ensure operational stability of the new environment.

05/2023 - 06/2023
Network Security Engineer Trainee
BARQ Systems

  • Shadowed experienced engineers to gain hands-on exposure to advanced network security technologies and operations.
  • Assisted in the installation and initial configuration of FortiGate firewalls, FortiManager, and F5 LTM/ASM systems.
  • Participated in troubleshooting sessions to resolve network issues and ensure the operational reliability of deployed solutions.
  • Acquired foundational skills in deploying and managing security solutions, including endpoint protection and load balancing systems.

02/2021 - 01/2023
IT Help Desk Specialist
ECS - Cairo Business Park Project

  • Managed all technical support requests received via email and direct walk-ins, serving as the sole IT point of contact for site engineers, architects, and administrative staff.
  • Deployed and configured temporary site network infrastructure, including 4G/LTE routers, wireless access points, and structured cabling to ensure connectivity in the site.
  • Deployed and maintained a local File Share Server, configuring folder permissions (SMB) and mapping network drives on workstations to ensure secure access to project blueprints and documents.
  • Troubleshot and resolved software issues for AutoCAD, Microsoft Office, and PDF editors, acting as the immediate point of resolution to maintain site productivity.
  • Executed manual system maintenance, including Windows Updates, driver installations, and antivirus scans on all site computers.
  • Managed the physical inventory of IT assets, logging the distribution of laptops and networking equipment to site personnel.

05/2020 - 01/2021
Electrical Site Engineer
ECS - Cairo Business Park Project

  • Supervised electrical installations, ensuring adherence to project specifications and timelines.
  • Coordinated with cross-functional teams to align project phases and meet deadlines.
  • Managed workforce and resources effectively to maintain project schedules and ensure quality control across electrical works.
  • Managed workforce and resources effectively to maintain project schedules and ensure quality control.
  • Provided technical support to resolve on-site issues and ensure compliance with safety regulations.

Courses & Training
02/2023 - 05/2023
Modern Defensive Security Solutions
NTI, Digital Egypt Youth Initiative

  • Gained hands-on experience with security appliances, including ASA, FortiGate, FortiManager, FortiAnalyzer, FortiSIEM, FortiWeb, Palo Alto Firewall, and Sophos Firewall.
  • Conducted real-world scenarios and lab exercises to configure, deploy, and troubleshoot various security solutions.
  • Strengthened communication and teamwork skills through collaborative troubleshooting and group projects.

10/2020
Network Attacks and Mitigations
NTI

  • Gained hands-on experience in network intrusion analysis, endpoint threat detection, and forensic investigation techniques.
  • Explored SOC operations, threat intelligence integration, and security data visualization for enhanced decision-making.
  • Learned to detect, analyze, and mitigate network threats using real-world scenarios and SOC workflows.
  • Developed skills in continuous monitoring, compliance, and incident response for effective security operations.

09/2020
Ethical Hacking and Network Monitoring
NTI

  • Gained hands-on experience in ethical hacking techniques, including reconnaissance, vulnerability analysis, and system exploitation.
  • Used network monitoring tools to detect and prevent attacks against protocols, services, and endpoints.
  • Applied penetration testing methodologies to evaluate and secure networks against threats.
  • Strengthened skills in identifying vulnerabilities, mitigating attacks, and analyzing network security alerts.

08/2020
CCNA
NTI

  • Gained practical knowledge in configuring and managing Cisco routers, switches, and VLANs.
  • Learned to implement and troubleshoot OSPF, Layer 2 protocols, and IP services for network optimization.
  • Developed skills in securing network devices using techniques like Port Security.
  • Applied expertise to real-world scenarios, ensuring efficient communication and resolving network issues through systematic troubleshooting.

05/2020
Certified Ethical Hacker (CEH)
CLS

  • Completed an intensive CEH-aligned practical course covering footprinting, scanning, vulnerability analysis, exploitation fundamentals, web application testing, wireless attacks, traffic analysis, and incident response.
  • Performed hands-on labs using Kali Linux, Nmap, Masscan, Metasploit, Burp Suite, OWASP ZAP, SQLmap, Aircrack-ng, and EVE-NG. Analyzed network captures with Wireshark and produced pcap evidence.
  • Executed real-world tasks: OSINT collection, SYN/NULL/XMAS scans, banner grabbing, SQLi and XSS exploitation, password cracking, and wireless handshake capture. Documented all findings and screenshots.
  • Produced a final individual penetration-test report containing scope, methodology, exploit evidence (pcap/screenshots), impact assessment, and prioritized remediation recommendations.
  • Demonstrated competencies in vulnerability triage, secure configuration suggestions, basic incident response steps, and technical report writing.

My Skills
Technical Skills

  • Network Security and Firewalls:

    • • Expert in managing and optimizing enterprise firewalls, including Palo Alto, FortiGate, and Cisco ASA, to secure critical banking infrastructure.
    • • Proficient in configuring and managing security profiles for NGFWs, integrating multiple advanced features such as intrusion prevention systems (IPS), URL filtering, application control, malware protection, and SSL decryption into cohesive policies.
    • • Configured application-aware security profiles to monitor and control traffic based on application types, enhancing resource utilization and overall network security.
    • • Configured security profiles with FortiSandbox and Palo Alto WildFire integration for sandboxing and malware analysis, enabling detection of zero-day threats.
    • • Applied security profiles to enforce URL filtering policies, blocking access to malicious or non-compliant web categories.
    • • Enforced URL filtering policies to block access to malicious or non-compliant web categories using integrated NGFW features.
    • • Integrated SSL/TLS traffic decryption with Gigamon for secure traffic inspection, ensuring seamless analysis without disrupting critical services.
    • • Migrated legacy IP-based policies to user-based policies through Active Directory integration using Fortinet’s FSSO and Palo Alto User-ID, improving dynamic access control.
    • • Configured Host Information Profiles (HIP) in Palo Alto to enforce VPN access restrictions based on trusted user devices.
    • • Managed Palo Alto Prisma Access to enable secure VPN connectivity for user, ensuring compliance with organizational security policies.

  • Threat Detection and Incident Response:

    • • Centralized firewall log collection and monitoring by directing logs to syslog servers, FortiAnalyzer, Panorama, and SIEM platforms for enhanced visibility and proactive threat detection.
    • • Maintained dynamic blocklists of malicious IPs and domains within NGFWs, ensuring continuous updates from vendor threat intelligence feeds.

  • Automation and Optimization:

    • • Automated repetitive tasks, including firewall rule audits, configuration validations, and backups, using Python scripting to enhance operational efficiency.
    • • Developed custom scripts to streamline bulk configuration updates across firewalls, ensuring consistent application of security policies.

  • Networking Foundations for Security:

    • • Strong knowledge of VLANs, OSPF, and Layer 2/3 protocols, tailored to secure banking network environments.
    • • Configured advanced QoS policies to prioritize critical security traffic, such as IPS updates and log transmissions.
    • • Experienced in integrating secure networking practices with firewall deployments to ensure robust protection for sensitive data.

  • Tools and Platforms:

    • • Advanced proficiency with Palo Alto Panorama, FortiManager, and FortiAnalyzer for centralized policy management, monitoring, and incident reporting.
    • • Skilled in using Python to automate firewall-related tasks and improve consistency in network security operations.
Soft Skills
  • Critical Thinking:
    Strong analytical abilities to evaluate security challenges, identify vulnerabilities, and implement effective solutions.
  • Decision-Making Under Pressure:
    Skilled at making sound decisions during high-pressure security incidents to mitigate risks and restore operations.
  • Problem-Solving:
    Proficient in diagnosing and resolving complex network and security issues, ensuring operational integrity.
  • Strategic Planning:
    Capable of designing and executing long-term security strategies aligned with organizational objectives and compliance requirements.
  • Attention to Detail:
    Meticulous in reviewing security configurations, logs, and processes to identify and address potential vulnerabilities.
  • Collaboration:
    Experienced in coordinating with cross-functional teams, ensuring seamless communication between IT, InfoSec, and management.
  • Change Management:
    Effective at leading teams through transitions, such as adopting new security technologies or workflows, while maintaining productivity.
  • Negotiation and Persuasion:
    Skilled at advocating for security best practices and gaining support from stakeholders, including upper management.
  • Technical Writing and Documentation:
    Proficient in creating clear and detailed security policies, procedures, and incident reports.
  • Cultural Awareness:
    Comfortable working in diverse teams and adapting communication styles to foster global collaboration.
  • Continuous Learning:
    Committed to staying updated on cybersecurity trends, emerging threats, and new technologies to remain effective in dynamic environments.
  • Time Management:
    Proven ability to handle multiple high-priority projects and meet tight deadlines in fast-paced settings.
  • Effective Communication:
    Adept at explaining complex technical concepts to both technical teams and non-technical stakeholders, ensuring alignment and understanding.
  • Leadership and Mentorship:
    Experienced in guiding teams and junior engineers, fostering collaboration and professional growth.
  • Empathy in Teaching:
    Patient and supportive when helping students or junior engineers navigate complex concepts, ensuring they build confidence and skills.
Programming Languages
  • Python
  • C/C++
  • Bash
Languages
  • Arabic
    100%
  • English
    85%
Latest Posts
Get in Touch
  • Address: Cairo, Egypt
  • Email: ahmed@elesawi.com
  • Phone: 002 01101201743
  • Freelance: Available
Contact Form
Send Message
Contact Me
Telegram
Whatsapp
Messenger