Mohammed Khalafalla

IT Architect & Cybersecurity Engineer

MOHAMMED KHALAFALLA

Results-driven IT Manager with 6+ years of hands-on expertise spanning system administration, infrastructure architecture, and cybersecurity — primarily within hospitality. Building high-performance, zero-trust environments from the ground up.

⚡ Initiate Contact // View Projects

MuKhalafalla Mu

IT Manager @ Swiss International Al Taif

Years XP

60%

Cost Cut

10+

Certifications

Companies

FortiGate VMware ESXi OPERA Cloud Active Directory Veeam Python

SCROLL

Telecom Cost Reduction

Years of Experience

Certifications Earned

0✕

Chess Champion 🏆

Work History

Battle-Tested
Experience

2024

Aug 2024 → Present

● Currently Active

Swiss International Al Taif Hotel · Taif, KSA

IT Manager

Designed and deployed the hotel's Full Domain Controller System — eliminated external vendor costs, enforced zero-trust access management & Group Policy hardening.
Architected cost-effective high-speed Guest Wi-Fi infrastructure; migrated critical hotel systems to wired backbone — improving stability and data throughput significantly.
Led integration of Sun System & Material Control for automated financial operations and procurement management across all hotel departments.
Deployed FortiGate Firewall with structured ACLs, advanced file-sharing policies, and IDS/IPS rules — achieving 99.9% cybersecurity compliance.
Optimized telecom infrastructure: reduced telephone lines from 15 → 6, delivering a 60% cost reduction with zero degradation in service quality.
Managed OPERA Cloud PMS, Micros POS, and all hospitality IT systems ensuring seamless 24/7 operations for staff and guests.

2023

Nov 2023 → Jun 2024

Backbone Group · Part-Time

Cybersecurity Engineer

Designed, implemented, and managed enterprise cybersecurity toolsets including next-generation firewalls, IDS/IPS, and antivirus solutions for commercial clients.
Delivered comprehensive Trend Micro product support (Apex One, Apex Central, Deep Security, DDx) across the Middle East region — ensuring robust threat protection at scale.

2023

Aug 2023 → May 2024

ElManara Flour Company

System Administrator

Installed, configured, and hardened VMware ESXi servers with Sophos Firewall solutions — building a resilient virtualized infrastructure.
Managed user access controls, maintained file servers, and configured virtual storage environments for system stability and data integrity.
Proactively monitored network activity to identify and mitigate security threats before impact.

2021

Apr 2021 → Jun 2023

Blue Reef Resort

Assistant IT Manager

Migrated physical servers to VMware ESXi 6 virtualized environment — significantly improving performance, redundancy, and disaster recovery capabilities.
Upgraded firewall infrastructure from pfSense → Sophos XG, enhancing network security posture.
Implemented Veeam Backup & Recovery solution and led a full Wi-Fi system overhaul using Ubiquiti mesh technology.
Enhanced hotel CCTV infrastructure for advanced security monitoring coverage.

2020

Sep 2020 → Mar 2021

Telecom Egypt (WE)

IT Support Specialist

Delivered end-user support via phone, email, and in-person for hardware and software resolution across diverse enterprise environments.
Assisted in system installations, upgrades, and routine maintenance ensuring continuous operational performance.

Core Competencies

Technical Arsenal

Networking & Security

FortiGate / Fortinet Suite95%

Sophos Firewall / XG90%

TCP/IP · DNS · DHCP · VPN92%

IDS / IPS · Zero Trust85%

Trend Micro (Apex One / Deep Security)88%

Virtualization & Infrastructure

VMware ESXi / vSphere / vCenter90%

Windows Server / Active Directory93%

Linux Administration80%

Veeam Backup & Disaster Recovery87%

Hospitality IT Systems

OPERA Cloud PMS92%

Micros POS88%

Sun System / Material Control85%

Automation & Scripting

PowerShell85%

Python (Automation / Scripting)78%

Bash Scripting80%

Tools & Platforms

Ubiquiti

pfSense

CCNA

MCSA

CompTIA A+

Group Policy

SIEM

FortiAP

VLAN

VoIP

CCTV Systems

QoS

Key Initiatives

Signature Projects

🖥️

Hotel Domain Controller & Zero-Trust Deployment

Designed and deployed the entire Active Directory & GPO infrastructure at Swiss International Al Taif Hotel — eliminating third-party vendor dependency and saving significant outsourcing costs. Centralized authentication, enforced zero-trust policies, and streamlined all user access management.

Windows ServerActive DirectoryZero TrustCost Optimization

🌐

Enterprise Guest Wi-Fi Architecture

Engineered a high-performance guest Wi-Fi network with VLAN segmentation, captive portal authentication, and QoS prioritization. Migrated all critical hotel systems to wired backbone — improving stability, data transfer speed, and network security posture while reducing operational expenses.

UbiquitiFortiAPVLANQoS

📡

Telecom Optimization — 60% Cost Reduction

Audited and restructured the hotel's entire telecommunication infrastructure. Reduced telephone lines from 15 → 6, implemented intelligent call routing and VoIP optimization — delivering 60% annual cost savings with zero degradation to internal or guest-facing communication quality.

VoIPCost EngineeringInfrastructure

🔥

FortiGate Security Hardening & Compliance

Implemented full FortiGate firewall deployment with advanced access control lists, structured security policies, IDS/IPS rules, and file-sharing governance. Achieved 99.9% cybersecurity compliance and significantly reduced attack surface across all hotel network segments.

FortiGateIDS/IPSComplianceSecurity Policy

☁️

Physical-to-Virtual ESXi Migration

Led a full P2V migration from legacy physical servers to VMware ESXi 6 virtualized environment at Blue Reef Resort — dramatically improving system performance, reliability, and disaster recovery readiness. Complemented with Veeam Backup implementation for business continuity.

VMware ESXiVeeamP2V MigrationDR

⚙️

Sun System & Material Control Integration

Played a central role in configuring and integrating Sun System financial software and Material Control procurement platform — enabling automated financial operations, real-time inventory management, and seamless cross-departmental data flow throughout the hotel.

Sun SystemMaterial ControlERP IntegrationAutomation

🔗

Multi-Branch VPN & SD-WAN Fabric

Architected a secure SD-WAN overlay connecting 4 hotel branches with site-to-site VPN tunnels and dynamic routing (BGP/OSPF). Implemented QoS policies prioritizing VoIP and critical ERP traffic, reducing inter-branch latency by 40% and ensuring 99.99% uptime for voice and data.

SD-WANSite-to-Site VPNVoIP QoSBGP/OSPF

📞

Unified VoIP & Telephony Migration

Designed and deployed a centralized VoIP PBX (3CX/Asterisk) across all branches, integrating legacy POTS lines with SIP trunks. Enabled unified extension dialing, call recording, and softphone roaming — reduced long-distance costs by 65% and improved internal voice collaboration.

VoIP PBXSIP Trunking3CXUnified Comms

🗄️

Centralized Server & Storage Replication

Consolidated 12 physical servers into 3 clustered hypervisors (VMware vSAN) across two data centers. Implemented synchronous replication for mission-critical VMs and Veeam Backup & Replication for offsite DR. Achieved RPO of 15 minutes and RTO under 2 hours for all branch servers.

vSANHyper-V ReplicaVeeam B&RDR Orchestration

Qualifications

Certifications & Education

🛡️

Fortinet Certified Associate (FCA)

Fortinet · Cybersecurity

May 2025

🔐

Fortinet Certified Fundamentals (FCF)

Fortinet · Cybersecurity

May 2025

🌐

Cisco Certified Network Associate (CCNA)

Cisco Systems · Networking

Active

🪟

Microsoft Certified Solutions Associate (MCSA)

Microsoft · Systems Admin

Active

💻

VMware Essentials (vSphere & ESXi)

VMware · Virtualization

Active

☁️

Veeam Backup & Recovery

Veeam · Disaster Recovery

Active

🔒

Google Cybersecurity Certificate

Google · Apr 2024

Apr 2024

🔥

Sophos Firewall — Threat Protection

Sophos · Network Security

Active

🖥️

CompTIA A+ — IT Hardware & Networking

CompTIA

Active

🧬

Trend Micro Suite (Apex One, Deep Security)

Trend Micro · Security

Active

🎓

B.Sc. Information Technology & Computer Science

Sinai University · 2016–2020

2020

♟️

3× University Chess Champion

Sinai University

2018 · 2019 · 2020

Get In Touch

Let's Build Something Extraordinary

Currently based in Taif, Saudi Arabia with a transferable IT Engineer visa. Open to senior IT management roles, cybersecurity contracts, and infrastructure architecture projects across the region.

📱

Phone / WhatsApp +966 54 770 6541

✉️

Email Eng.muhammedkh@gmail.com

🌐

Portfolio Website www.mukhalafalla.com

💼

LinkedIn /in/MuKhalafalla

// candidate.profile.json

{

"name": "Mohammed Khalafalla",

"role": "IT Manager & Cybersecurity Engineer",