Risk Management Information Security
Resume:
Masood Ahmad
Info Sec Executive
ad4ag7@r.postjobfree.com
LinkedIN.com/in/Masood-IS
SUMMARY
Information Security professional with hands on experience in Cybersecurity, Vulnerability Assessment, and risk management with Strong communication and problem-Solving skills.
A strong history of implementing Network Security Protocols to protect organizations and the people they serve.
Adept at identifying and Mitigating Potential Security Threats.
Knowledgeable about NIST Cyber Security Framework (CSF) and Risk Management Framework (RMF) to implement security controls to ensure compliance with international regulations related to data protection.
Experience with Identifying Threats, Risks and Vulnerabilities
Security Hardening, Threat Modeling and incident response and escalation.
CIA Triage Proficient in ensuring Confidentiality, Integrity, and Availability of data and systems.
Proven track record in Reducing Security Incidents caused by human error by 50%, improving overall Security Posture, and minimizing the impact of security incidents on business operations.
Completed the Google Cybersecurity Certification, a rigorous, skills-based program that covers key cybersecurity knowledge and skills.
Proficient in Database Administration, Design with Testing (Modular & Integrated), Data Modeling (logical design), Data Structures and Perform Tuning.
Good experience in setting up Backup and DR Policies to achieve High Availability. TECHNICAL SKILLS
Python: - Programmed in python using different Libraries to automate cybersecurity tasks and reading logs from TXT, CSV, and JSON files. Used different IDE like Notebook and PyCharm.
SIEM Tools – Used Splunk and Chronicle to monitor different security and access logs.
Packet Sniffer: Hands on experience using TCPDUMP and Wireshark to monitor and trouble shoot network traffic.
IDS/IPS: Used Suricata to monitor different event types using JSON log files.
Linux (CLI): Hands on experience in various Linux Operating System on CLI including shell scripting, corn tables, system logs monitoring, disk usage, VI Editor, shell and environment variables, regular expressions, and grep commands. 2
SQL – PL/SQL: - Programmed complex as well as embedded SQL Statements for DML, DDL, DTC, Data Retrieval, System Control and Session Control. Access Control to the database and its objects guaranteeing database consistency and integrity.
DB SME: Expert in Database Technologies especially Oracle and SQL Server, Certified OCP for 11g, OCP 12c and OCP E-Business Suite (EBS) R12 Apps Administration.
SQL*Loader: Write SQL*Loader control files for data loading. Analyzing and verifying data after bulk load. Data migrations using flat file system and CSV formats.
Backup & Recovery: Establish and maintain sound backup and recovery policies and procedures with respect to RTO and RPO.
Data Guard 10g & 11g: Implemented physical standby for both inactive (10g) and active
(11g) data guard to ensure high availability, data protection, and disaster recovery for enterprise data.
PROFESSIONAL EXPERIENCE
Crescent Group, Texas - USA InfoSec Executive - Director I.T Crescentregionalhospital.com September 2015 – To Date Industry Area:
Crescent Group is a healthcare group that manages two community hospitals within the DFW Metroplex, along with numerous urgent care clinics and specialty care pharmacies across the United States.
Responsibilities/Projects:
Leadership and Strategy:
Direct IT operations and oversee a team of 16 in-house IT staff members and an offshore IT team in India.
Design and implement organization-wide security strategies integrated with IT infrastructure.
Expand IT operations during new hospital acquisitions and the establishment of 50+ Urgent Care clinics nationwide.
Information Security:
Created and executed a holistic employee security awareness program, leading to a 50% reduction in human error-induced security incidents within six months.
Proactively monitored and analyzed security logs, successfully identifying and mitigating potential threats, preventing any subsequent damage.
Deploy and manage security software, including firewalls and encryption tools.
Remediate vulnerabilities, establish best practices, and conduct threat research.
Perform periodic risk assessments and penetration tests.
Identify and mitigate security risks, monitor network traffic for incidents, and ensure HIPAA compliance.
IT Management:
Analyze business requirements to improve user satisfaction in IT systems.
Evaluate IT operations, fostering effective communication and alignment with established goals.
3
Manage the help desk efficiently using the Fresh Works ticketing system.
Cultivate relationships with external vendors and oversee the hiring and on-boarding of IT staff on a national and international level.
Prepare progress and budget reports for Senior Leadership. ASP Cares (ASP), Database Analyst
Corporate Office, Texas - USA June 2015– Sep 2015
www.aspcares.com
Industry Area:
In 2015, American Specialty Pharmacy possessed forty-three (43) pharmacies distributed across the United States and subsequently acquired Crescent Group. Responsibilities/Projects:
Aided in new hospital acquisition and orchestrated their security-focused IT infrastructure.
Proficient in data manipulation, cleansing, and processing using Excel, Access, and SQL.
Managed the loading, extraction, and validation of received prescriptions.
Acted as a liaison between end users and vendors, addressing ERP-related queries.
Analyzed raw data, drew conclusions, and provided recommendations, including writing T- SQL scripts for data manipulation.
Conducted daily system checks and data audits, creating reports to ensure data integrity and accuracy.
Monitored automated loading processes and provided advice on methodologies and potential improvements.
Air University System Analyst/DBA
www.au.edu.pk June 2006 – Jan 2015
Industry Area:
Air University aspires to be among the leading national universities, excelling in teaching, learning, research, innovation and public service.
Responsibilities/Projects:
Database Administrator 2011-2015
Managed end-to-end Oracle Software and Database operations, including installations, migrations, and high availability solutions.
Oversaw production database administration, data migration, and infrastructure planning.
Maintained database objects, users, tablespaces, and backup configurations. 4
Systems/Database Analyst 2006-2011
Led system analysis, data modeling, and database design.
Prepared technical documentation (Flow charts, DFD, ERD, SRS) for projects.
Ensured smooth SDLC execution using the RAD model.
Proactively optimized database performance and security.
Provided Oracle-related support and troubleshooting.
Designed reports based on business requirements.
Utilized SQL for data operations in a multi-database environment.
Developed PL/SQL packages, procedures, functions, and triggers. COMSATS Software Center Research Associate (Software Engineer) www.ciit.edu.pk Sep 2003 – Sep 2005
Industry Area:
COMSATS Software Center is a public research university. It is a multi-campus institute with its headquarters located in the urban area of Islamabad. Responsibilities/Projects:
Designed and developed a student information and course registration system with Microsoft SQL Server 2000.
Provided essential database support and integration with the COMSIS application.
Gathered requirements and designed use-cases and sequence diagrams.
Executed SQL statements for data management.
Created ERDs and DFDs using ERwin and Visio.
EDUCATIONAL BACKGROUND
Executive MBA Washington, DC (EMBA), 2021
Master of Software Engineering (MSE), 2003
PROFESSIONAL CERTIFICATIONS
CompTIA Security+ SY0-701
Google Cybersecurity Certification
OCE - Upgrade to Oracle Cloud Database 12c
OCP - DBA Certification for Oracle 11g
OCP - Oracle E Business Suite R12 – (Apps DBA)
Contact this candidate