• Enforcing organization's network

• Enforcing organization's network security policies on all devices seeking network access. Allows only compliant and trusted endpoint devices onto the network.
• Restricting the access of noncompliant devices, and thereby limiting the potential damage from emerging security threats and risks.
• Maintain roles-based method of preventing unauthorized access and improving network resiliency.
• Reviewing the security design of public network accessible software or system.
• Coordinating with Network Management Team to remove unauthorized wireless device.
• Find security gaps by performing routine audits of hardware and software entities on the network and closing those gaps.
• Secure and Audit Network Device by Network Hardening with standard best practice and ISO27001, Perimeter protection, Intrusion Detection (wired, wireless and rouge AP)
• Tracks and regulates configuration and software changes throughout multivendor network infrastructure (including routers, switches, firewalls, load balancers, and wireless access points)
• Improve visibility into network changes and tracks compliance with variety of regulatory, IT, corporate governance, and technology best practices.
• Penetration review and recommendation to protect threat and vulnerability of IT's Servers.
• Protect the network from malicious entities such as hackers, viruses and spyware.
• Maintain an inventory of network devices and other access devices that are attached to the Network Environment.
• Monitoring and analyze network traffic log to prevent and forecast network traffic utilization.
• Redesign and monitoring corporate intrusion detection system (IDS) solution to protect malicious activities.
• Announced social networking security policies and guidelines to awareness user in organization.
• Design business continuous management solution using remote access service using TRUE TouchSIM device integrate with Juniper SSL-VPN (JunOS Pulse).
• Vulnerability assessment and penetration test on corporate servers (Windows server, Unix Server and Web Applications) to finding the vulnerable system that affected to business impact and write recommendation solutions
• Upgrade and Migrate Cisco ACS servers and hardening its configuration their servers used to authentication and authorization users access to all of TRUE network devices.
• Install and config Zabbix to monitoring health of important network devices such as core switch to improve performance and proactive responsibility.
• Install and config CiscoWorks to health monitoring and configuration management on all of network devices to improvement version controls and change management on devices.
• Develop security baseline for HP-UX, AIX, Solaris, MS Windows 2k server, Microsoft SQL server, Oracle and etc. to ensure security has been protected and ready to production.
• Develop compliance documents to improve processes and maintain ISO27001 standard, CMMI, ITIL and etc.
• Design and install Intrusion Prevention System (IPS) using HP TippingPoint to protect malicious activities and attacking from user zone to any applications and database zone.
• Implementing Network Admission Control System (NAC) using Cisco NAC to identify user account, authentication, authorization and host checking that comply with corporate policies before user's computer access computer network.
• Develop remote access from mobile devices such as iPhone, iPad, BlackBerry and any tablet device that connect to corporate network over secure tunnel using Cisco Anyconnect, JunOS Pulse. Moreover, enhance secure method by second authentication with soft token.