Security Information
Resume:
Page*
Faisal Imtiaz
Cell: +974-******** (Qatar),+923********* (Pakistan)
Email: ac9754@r.postjobfree.com
Profile Summary
Expert of security technologies and SOC programs for smart city, ISPs, health care organization, telecom industry and financial services. Security programs include technology architecture review, security governance for technology and IT, employs training and SOC services. SOC services include SIEM operation, advance persistent threat detection and threat hunting with team management. Expertise in the SOC development program to minimizes security incident. Maturing the effectiveness of existing security controls to avoidance security breaches. Performing risk assessment drill with risk treatment plans for new emerging threats. Internal security audits and support for external audit for compliance and ISO certification. Documentation for security policy, processes and procedure align with organizational strategy and with cyber security framework. Compliance with security standards such as NIST, SAN and OWSAP. Skills
Application Security: Single Sign-On (SSO), Pentesting, Code logic review, Oath 2.0, Multifactor authentication. Secure coding SDLC technique with OWSAP standards.
Network and Infrastrcutre securitys:, Public cloud, private cloud and fog computing,NFV, SDN,Open Stack,VMware,IAAS,PAAS,SAAS,Next generation firewall (NGFW), DDOS, IDPS,Web Application Firewalls (WAF), Email Security Gateway, Endpoint Detection and Response(EDRS), Advanced Threat Protection (ATP), Stacking, DPI, OSFP, BGP, MPLS,IS-IS, MPLS-VPN, Modbus, BACnet, Deep Packet Inspect (DPI), OTT and IPTV, Content delivery service (CDN), Content filerting, Deep Packet Inspection, DNS as Services, SDN could Tier 4 DCs Security architecture: Computer System architecture, System Security architecture, Enterprise information security architecture, TOGAF, Service Oriented Architecture, Enterprise Architecture Cyber ecurity : Vulnerability Assessment, Security Information and Event Management (SIEM), Honey pots, Reverse- Proxy, SOC Operations, data loss protection (DLP), Anti-Malware, incident response, Computer Forensics, Binary Reverse engineering, Data protection, Vulnerability Assessment and Penetration Testing (VAPT) Security governance and regulatory compliance: Security policy and procedure, Secure architecture design and documentation,compliance assessments, Risk Assessment and treatment, IT security audit,ISO Compliance and regulatory audit, NIST & SANS practises, ISO 27001, Cyber Security Framework (CSF), IEC 62443.ISMS, HIPAA, ISMS, GLBA, PCI DSS, SOX.
Vendors Hands-on
Next Generation Firewall: Juniper SRX5800,SRX-3600,v-SRX Cisco ASA-5555x,5585 Huawei USG-5000, Fortinet Fortinet-60D,, 320D Palo alto Palo-PA-5000, DDOS Arbour, F5,,Deep Packet Inspection Sandvine, Procera, DNS Infoblox, SDN/NFVJuniper VMX,VSRX,VMware,Huawei SaaS, IaaS Sun Solaris, VMware, Routing Juniper MX960, E320, Cisco ASR 9010, Huawei ME60, ZTE, Nokia 7010,Switching & LBR Juniper EX4200,EX4300,QFX5100
,EX8208, Brocade ADX-4000,F5,ZTE,IBM .WIFI Ruckus Zone Director3000, Access point Zone Flex R600, IPAM Efficient IP, Infoblox, Intrusion Detection Prevention Snort, Juniper App-Secure, Cisco Firepower, Palo Alto Wildfire, Network Monitoring Nagios, Solar winds, Cacti, CA spectrum Security Policy Managment Tufin,FireMon Programming Languages/ Scripting (C++, Python, Machine Language, Assembly Language) IAM Juniper MAG2600, 4610, SA4500,SBR Cisco Any Connect, ISE, TACACS,Oath2.0,SAML,TPAM, AD with one identity bridiging,Vasco Web Application Firewall(WAF) Fortinet, Quays, F5 ASM, Email Protection Fire Eye EX, Barracuda Platform window server 2008, Kali Linux, Sun Solaris, RTOS, Linux Micro,Vulnerability Assessment IBM Q-Radar VA, Rapid 7, Qualys, Tenable, Nessus. Incident Management & SEIM Fire Eye, IBM Q-Radar, Juniper STRM-500, Alien Vault, Splunk, Artificial Intelligence Artificial Neural Network, Support Vector Machine, KNN and Google Deep Learning, Reverse Engineering Olly debugger, Yara
Data and information Security Veritas,Netapp, Riverbed, Symentic,FireEye FX Sandboxing FireEyeNX Wazuh’s File integrity monitoring (FIM),Enterpirze Recon,
Page2
Experience
Senior Security Architect for Smart City at Meeza Q.F.Doha Qatar Nov 2018 to August 2019 Researches, analyses, recommend and implement new technologies, standards, processes, tools and techniques for security systems. Reviews current infrastructure and security system designs with configuration to select appropriate technology and ensures efficient use of resources. Assure secure integration of multiple and heterogeneous systems and technologies. Provide security assessments for infrastructure networks, systems, applications, industrial control systems with standards like ISO 27K, IEC 62443, OWASP and NIST.
Analyze the business security requirement with architectural design, development, implementation and optimization of security frameworks for business and engineering functions. Define project scope, plans and deliverables including cost projections and proposed implementation dates based on an understanding of the business’ organizational strategic direction, technical context and business needs. Develop detailed business requirements, workflow procedures, data models, system, documentation, user manuals and training materials for security systems. Communicate business requirements to management and all stakeholders using standard and clear documentation, and provide leadership, assistance and clarification during technology deployment. Ensure security control by aligning architectural security with SOC functions. Review vendors security system design documentation and provide feedback and recommendations for improve. Develop business cases and cost-benefit analysis for technology enhancements or services related to security. Conduct functional evaluation and approval of new security systems or services during the tendering cycle Projects
MDD smart city security design review MDD security risk assessment MDD Gap analysis with ISO 27K ISMS MDD portal penetration testing MDD Security practice implementation with NIST and OWSAP standards Manager Security - IP Service PTCL-Etisalat Pakistan Nov.2016-Nov. 2018 Primarily responsible for security event monitoring, management, response and report to PTCL infrastructure through centralize SIEM. Core services like ISP DNS, PSTN, GPON IPTV, OTT, VOD centralize authentication system for 30 million customers, web hosting solutions, NMS and DPI solution and access services include MSAD, DSLAM. Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring in PTCL services. Revise and develop processes to strengthen the current Security Operations Framework. Audit of configuration to assure security standards of devices. Perform threat management, threat modelling, identify threat vectors and develop use cases for security monitoring. Creation of reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt.Co- ordination with stakeholders, build and maintain positive working relationships with cross functional departments include PIE, MMBB, NOC and international NOC. Study traffic trend and attack trends on hosted services with SEIM, find abnormalities based on a known and unknown pattern and identify new cases bases abnormal traffic trends Projects
●ISO 27001 and NIST 800-53 implementation in PTCL-IP [MMBB, PIE, IPTV/OTT, WLL]
●Change management implement with automatic configuration audit for compliance control
●Threat Mitigation program for protecting PTCL corporate datacenters Awards
●Award of Innovation for IOT -PTCL 2018
● Award of Innovation Idea for Telehealth PTCL 2018
● Presidential Award Nomination-Category Innovation for Project IPAM 2017 Senior Security Engineer at Askari Bank Pakistan October 2014- November 2016
(Award of Performance for DR design and Deployment -Presidential award 2016) Builds and maintains IT security solutions for core banking and internet banking systems. Handling any technical problems that arise in network security, system security and application security. Identify IT threats and software vulnerabilities, build and test robust security systems e.g. Next Generation firewalls configuration, intrusion detection and prevention system fine tuning, Antimalware configuration, Sandboxing for SAN storage, EDR for user, NEC for admin and proxy server. serve as the “security point person” on policies & procedures. Secure network architectures by architecture review of Network schema, logical isolation, proper configuration and secure communication. secure coding practices for new building system, vulnerability assessment and ethical hacking practise. Review system security of both physical and virtual systems of the window, Linux, Unix, database security. Develop automation scripts to handle and track incidents Investigate intrusion incidents, conduct forensic investigations and mount Page3
incident responses. Collaborate with colleagues on authentication, authorization and encryption solutions Evaluate new technologies and processes that enhance security capabilities. Supervise changes in software, hardware, facilities, telecommunications and user needs Define, implement and maintain corporate security policies. Projects
●Deployment CISCO-ASA-5555x integrated with Fire-Sight for an internet banking site
●Juniper APP-Secure feature deployment of Juniper Next-Generation Firewall
●Fire Eye NX, EX, FX, HX and CMS deployment for behaviour base traffic analysis.
●Designing and Operation of New DR Site of AKBL DC Assistant Security Engineer interactive Group Pakistan Sept.2011-Oct.2014 Responsible for network security solution deployment and L2 operational support. Deployment and operate Client’s core and edge network using secure design for implementations and designing having routing, switching and security devices with high availability. Do a survey and implement POC of a different scenario. Experience of deploying more than 70 Data Centre/Mini DCs Operational Experience of more than 20 corporate clients DCs. Coordination with different teams which include Systems, DBA for deployment/Operation, a wireless team of different projects. Projects
●SRTM SEIM Deployment for interactive group ●GB Police, AJK police, KPK Police, Punjab Police Datacenter/Sites Deployment ●FIA PAFIS (Fingerprint System) Datacenter/ and edge sites ●Hospital Management System Program (44 Data Centers) include the integration of hospital IOTs Awards
●Juniper Technical Master Award -Juniper Networks 2012 & 2013
● Juniper Network Aspiring Champion Awards-Juniper Network 2012
●Juniper Innovative Champion Award -Juniper Networks 2012 Education
Research Publications
Machine Learning Based Intelligent System for IP Traffic Classification(SURJ December 2013)
On the performance of the digital image processing technique for modelling human actions(NCMSEA-2018)
Hierarchical structure for Modelling Human actions and Multi-Classifier Approach(SURJ 2018) Certifications
●CCIE Security (Written) July 2019
●ISO 27001 Lead Implementer (RISE Pakistan, June 2019)
●IBM Qradar foundation and advance courses (Commtel Pakistan July-August,2018)
●Six Sigma Green Belt (Mind Cyprus Doha Qatar April 2019)
●Developing Managerial Excellence (Etisalat Aacadmy June,2018)
●GIAC Malware Analysis (Cyber Secure Pakistan March 2018)
●Certified Ethical Hacker CEH (EC Council Certificate Number 449927 May2018-May-2021)
●VMware Certified Associate – Cloud (License VMW-01310096L-00434390 Dec 2013-Dec 2017)
●VMware Certified Associate - Workforce Mobility (License VMW-01310096L-00434390 Dec2013-Dec 2017)
●VMware Certified Associate - Data enter Virtualization (LicenseVMW-01310096L-00434390 Dec13- Dec17)
●JNCIP Security, Professional (Juniper Networks License JNCIPSEC060514020021 May2014-May 2017) Qualification
●MS, Computer System Engineering (University of Engineering and Technology Peshawar 2013 – 2017)
●BE, Computer System Engineering (University of Engineering and Technology Peshawar 2006– 2010)
●HSSC, Pre-Engineering (Islamia College Peshawar 2004– 2006) Reference
Jawad Sarwar
GM Network & Information System
Etisalat/ PTCL Pakistan
Email: ac9754@r.postjobfree.com Mob:
Luai Bahadur,
Lead Architect at Meeza, Qatar Foundation
Email:ac9754@r.postjobfree.com
Mob: +974-********
Contact this candidate