Amir Khan
*** ******* ********* **, ****** Island NY, 10310
Email: ad13o3@r.postjobfree.com
Phone:202-***-****
CAREER PROFILE
26+ years of working experience in Cyber Security / Network Security / Information Security & Information Technology in 6 Countries Worldwide.
PROFESSIONAL TRAININGS / COURSES
Cyber Security Risk Management Deutsche Bank NYC, USA
FISMA Compliance Deutsche Bank NYC, USA
Cyber Security Incident Management Deutsche Bank NYC, USA
CISO Compliance and Audit Deutsche Bank NYC, USA
Cyber security Awareness instructions Deutsche Bank NYC, USA
CISO Principles and responsibilities Deutsche Bank NYC, USA
Firewall / IT Governance Deutsche Bank NYC, USA
Endpoint Security Engineering Deutsche Bank NYC, USA
Cisco ISE Management TD Bank MI, USA
PCI/DSS Standards and practices TD Bank MI, USA
NIST TD Bank MI,USA
Network Security Management Bank of Montreal, CANADA
Vulnerability Management Bank of Montreal, CANADA
Project /Program Management CPMI NJ, USA
PROFESSIONAL CERTIFICATIONS
CISM Certified Information Security Manager ISACA USA
CRISC Certified Risk & information systems Controls ISACA USA
CISA Certified Information Systems Auditor ISACA USA
CCNP Cisco Certified Network Professional Security Cisco Networks
CCNA Cisco Certified Network Associate R/S Cisco Networks
ACE Associate configuration Engineer Palo Alto Networks
MCSE Microsoft Certified System Engineer Microsoft Corp
WORKING EXPERIENCE
CISCO, SANJOSE CALIFORNIA, USA Feb 2022 – Nov 2023
Manager I Cyber Security Engineering, Risk Management, Change Management, Program Management
Responsible for Intellectual Assets Protection Management (Cyber Security) 65 Security and IT Infrastructure and Builds
Supervise Security architects in build Existing security infrastructure, Remediation, and hardening process
Lead Risk Assessment process and operations of 65 Security infrastructure and Build Environments
Manage Teams of Cyber security / Build Security for Upgrading and design new security infrastructure
Lead Application Security process and operations
Involved in New Cyber Security infrastructure design and deployment phases
Manage cyber–Security Risk Assessment, Compliance, Audit and Program Management
Establish and maintain the program management guidelines
Routine Trainings to team lead include new security infrastructures and Security awareness Trainings
AL RAJHI BANK HO, KSA Nov 2019 – Dec 2021
Senior Consultant / CISO
Information Security
Manage CISO:
Strategy, Planning and Governance
Policy, Compliance and Audit
Risk Management and Incident Response
Information Security Controls.
Leadership and People Management.
Program Management
Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program
Work directly with the business units to facilitate risk assessment and risk management processes
Develop and enhance an information security management framework
Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards
across all technology projects, systems and services
Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems
Implements security controls, risk assessment framework, and program that align to regulatory requirements, ensuring documented and sustainable compliance that aligns and advances College business objectives
Evaluates risks and develops security standards, procedures, and controls to manage risks. Improves PCC’s security positioning through process improvement, policy, automation, and the continuous evolution of capabilities.
Implements processes, such as GRC (governance, risk and compliance), to automate and continuously monitor information security controls, exceptions, risks, testing. Develops reporting metrics, dashboards, and evidence artifacts.
Information Security Awareness / Business continuity Management
Updates security controls and provides support to all stakeholders on security controls covering internal assessments, regulations, protecting Performs and investigates internal and external information security risk and exceptions assessments. Assess incidents, vulnerability management, scans, patching status, secure baselines, penetration test result, phishing, and social engineering tests and attacks.
Documents and reports control failures and gaps to stakeholders. Provides remediation guidance and prepares management reports to track remediation activities.
Facilitate IT auditors and Perform internal ISD audit.
DEUTSCHE BANK, 60 WALL NEWYORK, USA June2017to Nov2019
Senior Consultant
Cyber Security, Chief Security Office
Lead Global Team of CSO Governance, Risk, Compliance and Security controls
Responsible for Firewall Governance, information Security Controls, IS Policies, Procedures, Risk, Compliance
Firewall Connectivity Approvals, Audit and Security Awareness programs
Supervise Application owners for application security requirements and approvals
Design and Instructions Security awareness trainings to employees
Involve in implementing and design of CISO policies
Coordination with Network / infrastructure Consultants regarding security policies Implementation
Monthly Analytics for CISO Global Operations.
TD AUTO FINANCE MI, USA (Division of TD BANK) Feb 2017 – April 2017
Senior Security Engineer
Cyber Security / Network Security
Lead Network Security Operations include:
Firewalls, End point, ISE Vulnerability/ Scanning (Qualys) Bluecoat web proxy Security infrastructure change management
Lead Cyber Security Operations include:
Monitor network and application performance to identify and irregular activity
Perform regular audits to ensure security practices are compliant.
SWCC RIYADH, KSA / UAE / OMAN Jan 2009– Dec2016
Director IT/ INFORMATION SECURITY
IT Engineering Management GCC
Oversee all technology operations (Network Security, Network, IT systems, Telecommunications)
Devise and establish IT policies and systems to support the implementation of strategies set by upper management
Analyze the business requirements of all departments to determine their technology needs
Coordinate IT managers and supervise computer scientists, technicians and other professionals to provide guidance
Assist in building relationships with vendors and creating cost-efficient contracts
Project Management
FSB IT CONSULTING / CYBORG IT CONSULTING, CANADA Jun 2007 – Dec 2008
Consulting Engineer (Remote)
Infrastructure / Network Security
Daily monitoring, triage, remediation, and/or escalation of enterprise security issues including those associated with antivirus, spam and intrusion detection
Implement security policies, procedures, and best practices.
Network – LAN/WAN/Wireless/Telephony
Cisco ASA firewall Design/ configuration / trouble shooting
Lead Meeting with clients for new projects designs and deployment procedures
CYBORG IT CONSULTING, CANADA Dec 2000 – Nov 2006
Engineer Infrastructure / Network Security
Provide security guidance on a constant stream of new backend/core infrastructure and technologies
Analyze, assess, and respond to various internet threats
Interact directly with the security community regarding infrastructure security vulnerabilities and threats
Routine Operations of Firewalls and Proxy Servers
ALCATEL PAKISTAN LIMITED Oct 1995 – Nov 2000
Systems / Security Engineer
Deliver ultra-high availability of Alcatel Telecommunications switching system security and access management
Participate in requirements/control definition, implementation design, build and staging,
Verification and transition to maintenance and support.
Design, configure, and support security deployments including:
Firewalls, Proxy servers and Windows servers
Produce transparent written and verbal communications.
Routine meeting with Clients related to Network and system Security related issues.
EDUCATION
Master of Science in Computers, University of AJK Pakistan 2006-2008
Bachelor of science in Computers Hons, International university Pakistan 1995-1997
Bachelor in Business Administration, University of AIOU Pakistan 1990-1993