Battles

During my time at Digital Auxilius, I led the rollout of a full Fortinet security stack for a multi-site enterprise. I designed and configured FortiGate firewalls, FortiManager, and FortiAnalyzer to build a unified, secure infrastructure. I set up SD-WAN across six dedicated ISPs with traffic shaping, SLA tracking, and automatic failover - keeping uptime above 99%. It was my first large-scale project where I handled design, deployment, documentation, and vendor coordination end-to-end.

I managed three Microsoft 365 tenants and hybrid Azure servers, tightening access controls, GPOs, and conditional policies. I also integrated Azure AD with on-prem systems to simplify user management. The result was a more compliant, manageable environment aligned with ISO 27001 controls.

Seeing too many tickets slip through the cracks, I built a complete monitoring and support system from scratch using Zabbix, osTicket, and Snipe-IT. It gave real-time visibility into system health and asset tracking while cutting response time for incidents by over half. This project taught me that a bit of automation beats heroics every time.

I re-architected the enterprise LAN/WLAN setup with Cisco Catalyst switching and Aruba access points. The goal was simple: fast, secure Wi-Fi that actually worked everywhere. I built VLAN segmentation, ACLs, and 802.1X RADIUS authentication so every device connected safely and stayed in its lane. It was equal parts design, troubleshooting, and caffeine.

I coordinated with compliance teams to get our infrastructure fully audit-ready. I handled technical controls, risk assessments, and evidence documentation. It wasn’t glamorous, but it built a discipline in documenting everything and made sure our shiny tech met the standards it claimed to.

At Avanza Innovations, I engineered FortiGate site-to-site and SSL VPNs linking banking and government data centers. Security and uptime were critical - the networks had to stay up 24/7 for financial transactions. I integrated Cisco Duo MFA for VPN and Microsoft 365 to tighten identity protection without annoying the end users (too much).

I managed MikroTik routing and UniFi access points, and deployed Kaspersky EDR for endpoint defense. Combined with VLAN segmentation, it created an isolated, resilient environment. It was the first time I got to see how network design directly affects security posture.

At Sahara Homecare, I led a team supporting over 500 users. I redesigned ticket workflows, rewrote SOPs, and trimmed resolution time by 40%. The fun part was convincing everyone that “documenting things” actually saves time.

I oversaw multiple internal application rollouts and handled the messy post-launch stabilization phase - patching, debugging, and smoothing integration with existing systems. That’s where I learned that technology isn’t the problem - user habits are.

This was a passion project outside work: designing low-latency, multi-ISP gaming networks for O2 Esports, Arcadium Gaming, and Penguin Esports. I used Cisco and MikroTik routers, VLANs, UniFi APs, and caching servers to deliver sub-20 ms latency and zero downtime during tournaments. It blended my love for esports and network engineering in a single project.

Still at Avanza, I rolled out Kaspersky EDR across hundreds of endpoints. Policies, agents, dashboards - the whole thing. It cut down lateral-movement risks and gave our SOC team real visibility instead of blind alerts.

For multiple Pakistani banks, I built and hardened Red Hat virtual machines used in Avanza’s eKYC deployments. Each VM handled sensitive identity verification traffic, so stability and isolation were non-negotiable. It’s one of those projects where you sleep better knowing nothing crashed overnight.