Summary
Overview
Work History
Education
Skills
Accomplishments
Certification
REFERENCE
Timeline
Generic

Tilahun Yigzaw Wollela

NETWORK AND SECURITY ENGINEER
Addis Ababa

Summary

A Security Engineer with self-motivation, background in Electrical Engineering, and excellent technical skills. Supervised facility network operations and reduced downtime by adapting to accommodate evolving user requirements. Effective maintenance of high-level systems and the ability to work well with others resulted in the best possible outcomes. A Candidate who is reliable and efficient in handling various tasks while maintaining a positive mindset. Readiness to assume additional duties in order to achieve team objectives. Certified in various qualifications including Cisco Certified Specialist - Enterprise Core, Cisco Certified Specialist - Enterprise SD-WAN Implementation, CCNP Enterprise, Checkpoint CCSA and CCSE, AWS, ITIL, CISSP, Cisco ASA, Cisco NAC Appliance, Stongate Firewall System Architect, and Stongate Certified 5.0 Administrator.
I have over 20 years of experience as a Network Security Engineer focusing on designing, constructing, and overseeing security infrastructure. I possess extensive expertise in Cisco Identity and Access Management technologies, as well as in the installation and configuration of various firewall brands and the establishment of virtual private networks (VPN).
An individual with a strong work ethic and diligent nature, driven by a commitment to quality and self-motivation. Teaches coworkers about top strategies and security protocols for networking. Defends networked resources with a combination of proactive and reactive strategies.

Overview

24
24
years of professional experience
8
8
years of post-secondary education
8
8
Certifications
1
1
Language

Work History

IT Assistant-Network Support

UNOAU, United Nations Office for African UNION
3 2014 - Current
  • As a Cisco Network Security Engineer, my role is to design, implement, and maintain secure network infrastructure for organizations. This includes developing and implementing network security policies, procedures, and controls to protect against unauthorized access, data breaches, and other security threats. I am responsible for configuring and managing network security devices such as firewalls, intrusion detection systems, and virtual private networks.
  • I work closely with network administrators to ensure that security measures are properly implemented and maintained throughout the network infrastructure.
  • I collaborate with cybersecurity teams to share threat intelligence and coordinate incident response efforts. Overall, as a security team, my main goal is to ensure the confidentiality, integrity, and availability of network resources by implementing robust security measures
  • I am installing administering Checkpoint Firewall R88.1 Gateway firewall ,SMS and log server and certified in checkpoint certified system Administrator CCSA and checkpoint certified system expert CCSE in checkpoint
  • · I also have strong troubleshooting skills to quickly identify and resolve any security issues that may arise. Furthermore, I collaborate with cybersecurity teams to share threat intelligence and coordinate incident response efforts. Overall, as a security focal point in UNOAU, my main goal is to ensure the confidentiality, integrity, and availability of network resources by implementing robust security measures and staying vigilant against emerging threats with a working knowedge of cybersecurity.
  • · I am part of the team for implementing strong authentication mechanisms, encrypting sensitive data, regularly updating and patching systems, , access control, antivirus and anti-malware, application security, behavioral analysis, data loss prevention, email security, firewalls, intrusion prevention systems, mobile device security, network segmentation, secure remote access, security information and event management, virtual private networks, and web security that is comprehensive protection against cyber threats and ensure the integrity of networks and data.
  • · I am part of the team in designing, implementing, and maintaining complex network infrastructures. Experienced in managing both local area networks and wide area networks, ensuring optimal network performance and availability.
  • · I am Specializes in troubleshooting network issues and providing timely resolution to minimize downtime. Certified in CCNA and CCNP with a deep understanding of network protocols,
  • · Working in configuring and troubleshooting Cisco Meraki devices, such as switches, routers, and wireless access points.
  • · Working in Cisco Meraki cloud-based solutions, including dashboard management and centralized network monitoring. conducting network assessments and providing recommendations for optimizing performance and enhancing security measures. Demonstrated success in collaborating with cross-functional teams to design and deploy scalable and secure network architectures.Strong understanding of network protocols and technologies, including VLANs, routing protocols, VPNs, and wireless LANs.
  • · Experience in Cisco Meraki Cloud Controller to manage wireless networks and improve system-wide wireless connectivity and performance ,troubleshooting network issues and resolving them in a timely manner to minimize downtime and ensure uninterrupted business operations.
  • · Provide efficient IT infrastructure LAN ,WAN and security infrastructure and maintain the IT systems to meet the UNOAU's Operational requirements
  • · Execute installation, operation and maintenance of UNOAU network (LAN/WAN) Infrastructure Video conference (VTC) and telephone infrastructure to meet UNOAU operational and support requirements and UN standard procedures and policies
  • · Manage configure and monitor HQ and branch office located in AU and Resident LAN/WAN through microwave and satellite links
  • · Configure manage monitor and secure Office WIFI system through Cisco Wireless controller
  • · Configure and install cisco call manager and ip hones
  • · Ensure optimum support of UNOAU critical applications and enterprise applications
  • · Support Internet and Intranet application connectivity to the UNOAU Senior Management residential premises
  • · Prepare a plan to design, upgrade and enhance Network Infrastructure Systems where applicable
  • · Configure and install security ,Network and server centralized Monitoring and log systems
  • · Monitor the entire Network and system infrastructure with centralized logging and monitoring solution through Manage engine 360 ,MRTG
  • · Maintaining and updating UNOAU Data Security and continue Data back up within DRBC Plan
  • · Key Related Actions
  • · Ensure that all users are properly authenticated prior to access ICT resources Only designated CITS personnel has privileges to create network accounts
  • · Connecting Senior management resident with Ethiotelecom MPLS network for voice and data connectivity
  • · Implementing IWAN/ DMVPN connection to Valencia through satellite and Internet connection
  • · Managing and Installing safecom printer management software
  • · Configure and monitor Cisco WAAS and WAN QOS system to give high priority for voice for Valencia link
  • · Upgrading OS to Windows 10 and office 365 for clients
  • · Giving support through centralized helpdesk system through ineed self-service ticketing system
  • · Configure and implement ACL on ICT resources especially on networking equipment
  • · Configuration of data backup policies and jobs duplication
  • · Generate log and tracking of ACL accounting, backup and restore
  • · Updating Checkpoint Firewall policies and managing Incidents Key Related Actions .Managing checkpoint policy and updating it according to the UNGSC standard Configuring Analyzing and reporting server in coordination with UNGSC engineers Configuring IPS systems -Managing Smart event ,smart log and smart reporting configuration
  • · Responding incidents by updating the policy
  • · Participated in team projects, demonstrating an ability to work collaboratively and effectively.

NETWORK ENGINEER

UNAMID ( United Nations and African Union Hybrid Mission in Sudan
06.2008 - 02.2014
  • Nation African Mission in Darfur Sudan(UNAMID) As IT Assistant on LAN and WAN
  • Design, implement and maintain data and network security projects using firewalls, routers and switches to ensure that Mission network resources are secured from internal and external influences
  • Install cisco ASA firewalls as backend firewall in sectors HQ to achieve dual vendor firewall strategy with stongate firewall at the front (ASA 5500 Series with High Availability, IOS firewall, Control-plane security)
  • Configuration of VSS in HQ Cores switches that makes the Network highly redundant and no single point of failure
  • Giving support for SMU on the configuration of Nexus Switch for HP blade system (Nexus 2000, Nexus 5000 Datacenter switches (VPCs) cisco datacenter solutions
  • Configuration and Installation of Stongate Management center for Sector HQ ,West and Sector South including upgrading of Stongate Firewall Engines using Stobgate Firewall 5000 and 300 series
  • Establish mechanisms to filter the content to and from the internet in-line with the DPKO set guidelines and the internet policy and provide internet usage statistics when required
  • Configuration of Transparent proxy using Cisco Application and Content Networking system(ACNS) and caching in HQ and Major sectors Nyala ,Zalengie and Elgenina
  • Integration of New ISP( Intelsat and Sudatel) in HQ and Sector HQ with UNAMID Network and , configuring Load balancing on Stongate firewall for optimized use of Internet bandwidth
  • Ensure that the UN network standardization is implemented on the UNAMID Network following the guidelines given by UNLB
  • Assisted in the rollout the UNAMID Network Standardization to all Sectors and Team sites
  • Giving Briefing for New team members joining in this reporting period and Team members in Sector HQ and Addis Ababa
  • Working Routing and Switching, Optimization (Routing protocol configuration and fine tuning, route-maps, access-lists, redistribution, policy-maps, STP tuning, GLBP, NTP, SNMP v3, HP Blade switches i.e
  • WS-CBS3020-HPQ, Policy routing, VPNs, Load Balancing, Frame-relay, Voice gateways troubleshooting, Traffic monitoring, tunnels, SLA based Tracked Routes, Backup interfaces, Private-vlans etc)
  • Managing/working on C6509-E, C45XX, c3750X, c3560, c2960, 72XX, 25XX, 28XX, 38XX, 39XX(G2, borderless routers)
  • Working on Cisco Call Manager Express Configuration and deployment (CME)
  • Working on Virtual Switching System (VSS) implementation on Cisco 6509s(VS-S720-10G SUP) switches
  • Cisco VRFs Management on Internet Gateways
  • Designing, Implementation and Troubleshooting for Campus and WAN and configuration of Quality of service and cisco WAAS(Cisco Wide Area Application Services) on all WAN links
  • Core & Distribution layer devices Management (Installation, IOS Upgradation using eFSU etc),
  • Configuration of UNAMID Full Mesh VPN topology ,a fully redundant VPN links are configured between sectors ,HQ,UNESB and UNLB ( BGP Integration between VPN endpoints) using leased line form sudatel and back up VPN links using internet links on major sectors
  • Configuration of a VPN GRE Tunnel between UNOAU office in Addis Ababa to UNECA
  • Cisco Server Load Balancing (SLB) for UNAMID servers on CAT6500 swiches in all sector HQ so that we are able to optimize and load balance the Traffic
  • Configuration/Management of MULTICAST in the network so that PIO office can run radio inside the LAN and WAN in UNAMID Network
  • WISM Configuration, Wireless performance survey and design
  • Proactive Network Monitoring (IP SLA, NAM (WS-SVC-NAM-2) CactiEZ, NetFlow Analyzer, Intermapper, Whatsup Gold, Solarwinds NPM)
  • Troubleshot complex multi-vendor network service provider issues.
  • Assisted with implementation and support of network monitoring tools.
  • Recommended options for disaster recovery and remote access security.
  • Detected intrusion attempts and promptly responded to DDoS attacks.
  • Applied tier-isolation best practices to support multi-tier architectures.
  • Collaborated with vendors to identify best options for optimizing network performance.
  • Integrated data, voice and video networks for use in multi-site installations.
  • Organized frameworks to transfer secure data from internal to external and public networks.
  • Provided detailed network diagrams and procedural guidelines.
  • Configured and troubleshot VoIP and multi-media distributed systems and platforms.
  • Created VPN infrastructure and allowed for secure remote connections.
  • Established robust infrastructure and data capacity for new applications.
  • Integrated fixed wireless connectivity into facilities requiring high-speed networks.
  • Escalated emergency technical issues beyond knowledge to maintain optimum up-time.

Network Engineer -Secondement for Ethiopi Disaster

UNDP
08.2003 - 05.2008
  • UNDP Ethiopia under food security program As, for DPPA (Disaster prevention and Preparedness Agency) Information center: - A Project Funded by WFP, CIDA, USAID and other donors
  • Working for ICT Project for DPPA Information Center for National Early Warning System
  • Building a Managed Information System for Disaster prevention and preparedness Agency
  • Building a LAN and WAN using Ethiopian telecommunication Broadband service which connects Five regions and 6 Campuses of the DPPA
  • Installation and Configuration of Wireless WAN which connects three branches In Addis Ababa
  • Installation and Configuration of Cisco 2900,3550,4300 Switches and Cisco 3640 ,3660,1751,2610 Routers and PIX 515-E Firewall
  • Installation and maintenance of the Intranet servers such as Mail , Web ,GIS and database servers
  • Installation and Operation of Exchange Server for organizational mail exchange
  • Installation and Operation of Windows 2003 Servers ( Active Directory,DHCP,IIS,Print and ISA Server)
  • Designing LAN and WAN systems for regional woreda and zonal offices of the Commission(DPPA)
  • Designing and implementing Network Security for all networks connected to the backbone
  • Configuration and Policy editing of Cisco PIX firewall
  • Installation configuration of 6 windows 2003 server (Dell Power Edge servers Poweredge 4600, poweredge 2850, poweredge 1600)
  • Installation and Configuration of NAS Servers
  • Regular performing and scheduling back up system
  • Regular performing and policy editing on Firewall and proxy server
  • Preparing a Design and Bid document to Connect 28 remote offices to the Head Quarter and UN Agencies
  • Giving support for Network resource users
  • Giving support maintenance of computers,labtops,printers and other equipment
  • Creating user Account for mail and Network users According to the ICT policy

Deputy General Manager

Ethiopian Telecommunication Corporation
06.2000 - 08.2003
  • Regularly, following up the normal operation of the Addis Ababa internet Gateway for its normal operation
  • Troubleshooting, Maintaining & Building Configuring WAN and Local area Network connections of the Central and POP Networks
  • Administration and Maintenance of Cisco router series 2500, 2600,3600, 4000, 4500, 5300 ,7500 Routers
  • Troubleshot protocols: BGP, PPP, Frame Relay, ARP, RARP & OSPF
  • Managing WAN Cisco Devices (Leased Line, POPs, GATEWAY networks) Using Network management software’s ( whatsup,HP open view ,Solarwinds,MRTG, Cisco works )
  • Coordinating and follow up with Satellite Divisions for monitoring and maintaining International links
  • Coordinating and follow up with Multimedia and Switching Divisions for monitoring and maintaining Leased line and Dialup Customers
  • Preparing and Follow-up for the procurement of Network Devices and Accessories Specification for Spare part and Operation work
  • Supervise and follow-up of Server Administrators
  • Administering and follow up Web, Mail, Authentication and Access Servers
  • Regular Following up of system Security and Fire Wall Administration
  • Ensuring the smooth functioning of the server and publishing web pages for customers
  • Regularly following the Internet server for its normal operation and security
  • Regularly performing and scheduling Backup on the system
  • Designing and Implementation of Customer Services Database Using different Programming Languages
  • Part of the Team to Prepare Broadband Internet ,Broad Band Data ,Bid Documents Preparation
  • Employed best practices and management controls to provide superior service to internal and external customers.
  • Projected favorable image of company to promote objectives and enhance public recognition.
  • Participated in planning process to achieve corporate objectives.
  • Collaborated with department heads to establish goals and work plans.
  • Enacted contingency plans, escalated and directed system problems and issues and participated in post-mortem analysis to provide input for process improvements.

Education

Fasiledes Comprehensive High School
01.1991 - 04.1994

BSC Degree - Electrical Engineering

AAU Facility of technology
01.1995 - 04.1999

Skills

  • Firewall roll out implementation

  • Advanced knowledge in Cisco Network Devices-( Switches ,Routers ,Wireless controller and AP ,Cisco ISE, Cisco ASA firewall

  • Intrusion Detection

  • Identity and Access Management

  • Wireless Security

  • Security policy development

  • Endpoint Protection

  • Network Security Design

  • Security Information and Event Management

  • Security infrastructure architecture

  • Security issues troubleshooting

  • Security Needs Assessment

  • Network performance optimization and traffic acceleration

  • Tier-2/3 Local and remote support

  • Virtual private networks

  • Network architecture design

  • Proactive and team player

  • User Support

  • Strong Network and security troubleshooting skills

  • ITIL Framework Understanding

  • Voice over IP Solutions

  • Network Security Implementation

  • Effective Communication

  • Network Performance Analysis

  • Change Management

  • SNMP monitoring

Accomplishments

    -Part of the project team to Rollout of Stonegate Firewall in mission wide around 40 sites

    -Part of the project team to Rollout of cisco ASA in mission wide around 40 sites

    -A team lead to move from cisco ASA firewall to checkpoint firewall node ,security management and event log

    -A team lead to move the organizations Wireless system to Cisco Enhanced managed wireless mesh configuration with controllers and cisco Identity service ISE

    -conducting penetration tests, vulnerability assessments, and security audits,identifying and mitigating potential risks and improving overall network security.

    -Directed the implementation of a comprehensive network security strategy, resulting in reducing security incidents and breaches.

    -Achieving improvement in incident response times through the development of streamlined processes and protocols.

    -Developed and implemented a new firewall configuration, reducing unauthorized network access with cisco ISE

    -Provided training and awareness programs to staff, resulting in a decrease in security incidents caused by human error.

    -Performed detailed network security audits, identifying and rectifying security gaps that improved the organization security posture

    -Implemented a real-time network monitoring system, enhancing the detection of malicious activities and reducing response time

    - Assisted in the development of a disaster recovery plan, ensuring business continuity and reducing potential downtime in the event of a major incident.

    -Design and implementation of a new network infrastructure, resulting reduction in network downtime.

    -achieving a record-low network failure rate by implementing proactive maintenance procedures and adopting cutting-edge network management tools.

    - Developed and executed a comprehensive network security strategy that identified and mitigated significant security risks, safeguarding the organization against potential data breaches and cyber-attacks.

    -Playing key role in the design and execution of a major network upgrade project, which increased network capacity


    Additional courses taken in different times

  • ITILV3 Foundation Torque IT South Africa
  • AWS RSCE -UN training Facility Entebe
  • CISSP in Torque IT South Africa
  • Checkpoint System Administrator -UN Training Center Valencia
  • Checkpoint System Expert -UN training center Valencia
  • Designing Cisco Networks Torque IT South Africa
  • Securing Networks with ASA Foundation (SNAF) Torque IT South Africa
  • Securing Networks with ASA Advanced (SNAA) Torque IT South Africa
  • Implementing Cisco NAC Appliance (CANAC) Torque IT South Africa
  • Implementing cisco MARS Torque IT South Africa
  • Stongate Firewall management center UN Training Center Entebbe
  • Stongate Firewall /VPN Administration UN Training Center Entebbe
  • Stongate IPS/IDS UN Training Center Entebbe
  • Training by Transnational Computer Technology (TCT) December 2002 - February 2002
  • Interconnecting and Configuration of Cisco network devices
  • System Administration Using Solaris 8 and Windows NT
  • Web server Administration and configuration
  • CGI and PERL programming
  • Network Security using Firewall(Checkpoint 2000) and PIX Firewall
  • Shell Programming
  • Cisco works 2000
  • Infosys: March 2003-May2003
  • Building Scalable Cisco Internetworks
  • Building Cisco Multilayer Switched Networks
  • Building Cisco Remote Access Networks
  • Cisco internet network Designing
  • Cisco Internetwork Troubleshooting Support
  • PIX firewall configuration


Certification

SD-WAN -Cisco Certified Specialist - Enterprise SD-WAN Implementation certificate

REFERENCE

1. Killmore Madzivadondo MBA, MENGIN, BENG, MIET, MBCS

Chief Field Technology Services (FTS)

United Nations Office to the African Union (UNOAU)

Addis Ababa, Ethiopia | UNECA compound | Zambezi Building | 5th Floor

madzivadondo@un.org | +251911511716 | Intermission 1934048


2. Francis Mumbey-Wafula

Administrative Officer

United Nations Office to the African Union (UNOAU) and Office of

the Special Envoy for the Horn of Africa (OSE-Horn of Africa).

Menelik Avenue, UNECA Compound, NOF Floor 5; Addis Ababa, Ethiopia

Ext:  193-4020

Mobile : +251 (0) 911509132

Direct  : +251 (0) 115442220

Fax:     : +251(0)  115511652

Email     : mumbey-wafula@un.org


3. Ildephonse Ikitegetse,

Supervisor for IT Unit

United Nations Office to the African Union (UNOAU)

Addis Ababa, Ethiopia | UNECA compound | Zambezi Building | 5th Floor

ikitegetse@un.org| Intermission 193-4129, Mobile:+251911511725

Timeline

NETWORK ENGINEER

UNAMID ( United Nations and African Union Hybrid Mission in Sudan
06.2008 - 02.2014

Network Engineer -Secondement for Ethiopi Disaster

UNDP
08.2003 - 05.2008

Deputy General Manager

Ethiopian Telecommunication Corporation
06.2000 - 08.2003

BSC Degree - Electrical Engineering

AAU Facility of technology
01.1995 - 04.1999

Fasiledes Comprehensive High School
01.1991 - 04.1994

IT Assistant-Network Support

UNOAU, United Nations Office for African UNION
3 2014 - Current

Similar Profiles

  • Durodoluwa Koya

    Durodoluwa KoyaDurodoluwa Koya

    Sector Support Coordinator at United Nations African Union Mission In Darfur (UNAMID)- UN VolunteerSector Support Coordinator at United Nations African Union Mission In Darfur (UNAMID)- UN Volunteer

  • Elsir Adam

    Elsir AdamElsir Adam

    Field Language Assistant at African Union - United Nations Hybrid OperationField Language Assistant at African Union - United Nations Hybrid Operation

  • Durodoluwa Koya

    Durodoluwa KoyaDurodoluwa Koya

    Sector Support Coordinator at United Nations African Union MissionSector Support Coordinator at United Nations African Union Mission

  • Naomi Bekele

    Naomi BekeleNaomi Bekele

  • MULUKEN TILAHUN DESBALO

    MULUKEN TILAHUN DESBALOMULUKEN TILAHUN DESBALO

    Lecturer of construction technology and management at Addis Ababa UniversityLecturer of construction technology and management at Addis Ababa University

CREATE PROFILE
Tilahun Yigzaw WollelaNETWORK AND SECURITY ENGINEER