Security Engineer
Resume:
Information Security Manager
References:
Name: Farhad Aminy
City : Ottawa, ON (K2C 4G2)
Phone: 437-***-****
Email : ******.*****@*****.***
Career Objective:
A dedicated information security consultant seeking a network/information security position with skills developed in network Security, vulnerability assessment and virtualization.
Highlights of qualifications:
I have more than 12 years work experience as a system engineer in network hardening,vulnerability assessment and penetration test, designing infrastructure services, implementing firewall, Public key platform (PKI), Smart cards and Tokens.
Other field that I have huge experience is auditing and gap analysis according ISO 27001.
Achievements:
-Signed some important contracts in network security field
-Made a customer support network to improve satisfactory after finishing projects
-Trained, managed and lead technical team
-Upgraded education
Related Abilities:
-Communication and team work
-Project’s budgeting
-Managing Project’s milestone, writing report
-Initiative in technical and marketing fields
-Problem solving in team
-Flexibility
-Presentation skills, making by power point and others to report in sessions
-Technical skills like designing firewalls/IDP/Anti spam/AV, penetration Test and vulnerability
-assessment and cloud security
-Technical Skills
-Designed and implemented cloud security specially vmware virtualization security
-Designed and implemented Firewalls and fine tuning Intrusion Detection Prevention
(Juniper SSG/ISG and SRX, Fortigate, Cyberoam UTM, ISA Server 2004/2006 and
MS-TMG)
-Auditing and gap analysis according ISO 27001
-Auditing according PCI-DSS v3.0
-Extensive experience in designing Microsoft infrastructure services and it’s
security
-Designed security services and monitoring
-Designed and implemented Honey net
-Designed network security (PKI Infrastructure) and CA, Smart Card and Token
-Lunch Penetration test and vulnerability assessment projects
-Configured NAS and SAN Storage ( HP MSA1000, MSA P2000, EVA and Promise )
Management Skills
-Marketing, develop and improve business
-Writing business plan
-Writing technical proposal for information/network security projects
-Negotiating about contract
-Signing contract
-Assigning technical team
-Time management of project (made Gantt chart)
-information gathering and Role assignment to Tiger team
-making relation between team and employer
-building relationships with colleagues at all level
-Budgeting in project
-Checking technical team's reports
-preparing final report for presenting to employer
Professional Experience :
1. NIS ICT Co. (http://nis-ict.com)
( Information security Manager) ( Sep 2012 to March 2015 )
-Designed and fine tuned Firewalls (juniper SRX and Fortigate)
-Designed VPN (Site to Site)
-Designed Cloud Security :
-Vmware and SAN Storage hardening
-OS and Database Hardening
-Designed vSwitch, vLan
-Designed and implemented Firefly suite(Perimeter, Host) and Forti-VMX
-Designed vCloud Suite : vShield and Antivirus as an Endpoint security
-Designed security procedures in virtualization platform according ISO 27001
-Run Penetration Test and vulnerability assessment
Kali Linux,Nmap, Nessus, Metasploit Framework, Sniffing Tools, MBSA, Acunetix, Netsparker, Yersina, AirCrack Package(Wifi Penetration Test) .
-Auditing according ISO 27001
-Gap Analysis and Risk assessment
-Auditing according PCI DSS v3.0
-Lunch vulnerability Assessment and penetration test on qazvin government's network
-Designing Melat bank’s cloud security (virtualization hardening)
-Designing Tejarat bank’s cloud security (virtualization hardening)
-Designing Municipality’s Firewalls : Designed Firewalls in three layers,
-Designed and fine-tuned Intrusion Detection Prevention/Antivirus/Anti-spam, Designed VLANs in virtualization environments, Designed and implemented site-to-site VPN over IPSec, Wireless Hardening, Service publishing
2. Arjang Higher Education Institute ( http://arjang.ac.ir )
(Instructor of some courses) (Oct 2012 to March 2015) –Part time
Taught some courses :
-Comptia Security+
-CEH
-ECSA
-OSCP
-OSWP
-VCP and vmware hardening
3. Zigorat Security Consultant (www.zigoratsc.com)
(Sr. System Security Engineer) (Sep 2008 to May 2012)
-Designed and Configured Security based on Windows Server 2003/2008, Group Policy,Operating System and Services hardening
-Designed and Configured Firewall : Juniper SSG and SRX series, ISA Server2004/2006, Forefront TMG, Cyberoam UTM (Servers zone, DMZ and internet protection,service publishing solution on the internet)
-Designed NPS and NAP Service, VPN, IPSec, 802.1x, DHCP
-Designed DFS, WDS, Terminal Service
-BCP and DRP
-Designed PKI (Public Key Infrastructure)
-Designed Backup Plans and Backup Solutions ( offline and online backup )
-Virtualization (Vmware ) : Designed vCenter, vMotion,High Availability, Fault Tolerance, Resource Management, Vir tual Switches and other features,Consolidating, Converting P2V, Veeam Backup system, Symantec Backup Exec
-Upgraded vSphere ESX 3.5 to ESX 4.1 SP1, ESXi 5.0,5.1 and 5.5
-Configured HP SAN Storage (MSA1000, MSA P2000, EVA 4400) and Promise SAN Storage
-Virtualization (Hyper-v) : installing, Configuring, Tuning,vNetwork,Converting P2V
-Configured Antivirus (Symantec ESP,KasperSky, McAfee)
-Monitoring System (OP Manager, Solarwinds)
-Penetration Test in Network field :Run internal penetration test ( Servers,
Networks, OS) and vulnerability assessment on Web application .
-Worked on Linux operating systems
4. Ashna Secure Co. ( www.ashnasecure.com )
(System Security Engineer) ( July 2007 to Sep 2008)
-Designed certificates Authority server, IPSec, SSL/TLS, RSA Secure ID and Smart Card
-Designed and Configured ISA Server 2006 to make DMZ and VPN Server
-Designed secure login from internet with Juniper firewall, PKI, smart card
-Configured OS patch management Service (SUS /WSUS) and Antivirus console
-Designed Active Directory structure for more than 20,000 clients ( Extended
Schema)
-Designed (3000 concurrent sessions) Secure login with smart card through VPN
to firewalls
-Penetration test on network, OS, Services . vulnerability assessment
-Audit Cisco Switches and Routers security checklist according ISO and Cisco Safe
-Taught some MCSE 2003 and CEH courses
-Designed IP addressing and subnets
5. MPC Company ( www.mpcdubai.com )
(System Engineer) ( July 2005 to July 2007)
-Designed and implemented ISA server 2004 (Secure internet sharing, DMZ)
-Implemented Public key infrastructure and certificate Authority in windows server 2003
-Designed SSL, EFS and implemented Smart Card
-Designed IPSec, VPN by Microsoft Route and Remote Access server(RRAS)
-Designed RRAS and IAS server(Internet Authentication Service)
-Deployed software by Group policy and implemented software restriction
-Configured Antivirus, Intrusion Detection System (IDS), spyware
-Designed RSA for authentication
-Planned and managed backup and restore operations
6. Shouka ( ISP) (April 2003 to May 2005) (System Administrator)
7. Pardazeshgar Qazvin (Feb 2000 to March 2004 – part time) (System
Administrator)
Educational Qualification:
BS of Electronics from Guilan university Rasht, IRAN (1998 to 2004) (www.guilan.ac.ir)
Major Projects:
-Lunch vulnerability Assessment and penetration test on Qazvin Telecommunication's network
-Melat Bank’s cloud Security ( www.bankmellat.ir )
-Tejarat Bank’s cloud Security
-Lunch Vulnerability Assessment on IRAN’s National Railways network ( 85 Servers, 4200 clients) (www.rai.ir )
-Melat Bank ( more than 90 servers, 20,000 clients) ( w ww.bankmellat.ir )
(Designed Active Directory Structure) (12/2007 to 05/2008)
-penetration test to gain access on DADEVARZI SADAD's network ( www.sadadco.com )
(Penetration test and vulnerability assessment) (05/2008 to 06/2008)
-Federal Government (60 Servers, 550 Clients ) ( www.ostan-qz.ir )
(Network hardening according ISO 27001) (11/2008 to 05/2009)
-Qazvin Telecommunication Office ( w ww.tc-qazvin.ir )
(Penetration test and vulnerability assessment ) ( 01/2012 to 02/2012)
-Qazvin Telecommunication Office ( www.tc-qazvin.ir )
(Virtualization, Hardening and Designing Firewalls)
-Federal Government (Server Virtualization Project ) (07/2007 to 08/2008)
-Khoozestan Telecommunication Office
(Server Vi rtualization Project ) (10/2011 to 12/2011)
Courses attended:
MCSA / MCSE 2003:security, MCITP: Enterprise Administrator, MCP(ISA server),
Security+,CEH, ECSA, OCSP, VCP, LPIC1, CCNSP, CCNA, FCNSA/FCNSP,
JNCIA/JNCIS:SEC/JNCIP:SEC, ISO 27001:2005 Lead Auditor, COBIT v5.0,
PCI DSS v3.0
Contact this candidate