InfoSec specialist with more than 10 years of progressive experience distinguished by commended performance and proven results in Architecture, Design and Implementation of secure solutions in Security, Applications, Networks and Systems; whose qualifications include a degree in engineering; CISSP, SABSA, CISA, CISM, CRISC, GCTI, GPEN, Project+, JNCIS-FW, JNCIA-SSL; and detailed knowledge of security tools, technologies; seeking a challenging position in a growth oriented organization to contribute in achieving the organizational goals and objectives
Role: Enterprise Security Architect
Organization: University of New England
Nature of last job: Security Architecture, Governance Risk and Compliance, Security Engineering
Work with strategy and execution teams to ensure traceability of business requirements to solution architecture.
Work with the project teams to ensure technology and infrastructure designs are secure while evaluating business, security and risk requirements.
Develop and maintain enterprise security architecture, patterns, standards and guidelines.
Perform Threat and Risk Assessments based on the information assets and their classification stored on existing or new applications and provide guidance for secure system design
Perform Third Party Security Assessments of potential solution providers and their compliance with the organisation’s security policies along with international standards
Responsible for the development of information security controls based on alignment with the Cyber Security Framework
Developed a three-year Security Uplift Program comprising of key security capabilities. The program was a result of a current state/gap analysis and the resulting target state based on NIST CSF
Developed an integration architecture for the implementation of Multifactor Authentication across a diverse authentication suite
Implementation of AUSCert Threat Intelligence platform and the integration of IoC feeds with the edge firewall and end-user agents
Architecture design and implementation of Tenable.io Vulnerability Management across the organisation.
Strategic and operational support for the Enterprise Security Awareness Program (Proofpoint)
Role: Sr. Specialist Information Security
Organization: Aabar Investments PJS
Nature of last job: Management of Organization’s Security Risk and Compliance
Responsible for implementing all Information Security Projects within the organization
Responsible for the implementation and compliance of Information security controls based on the Group Information Security Framework
Act as the SPOC for any IT/IS Audit and compliance related activities within the organization and ensuring the identified findings and risk are documented and the necessary controls implemented.
Managing the IS Awareness Program and ensuring all employees and contractors know, understand and follow the organization’s security policies
Implementation of Zscaler Managed Web Security solution providing all users, everywhere, identical protection
Implementation of Veeam Backup and Replication for advanced backup and recovery of virtual infrastructure and granular recovery of Microsoft based servers (AD, Exchange, SharePoint)
Implementation of Cisco IronPort Email Gateway for reducing the threat landscape utilizing advanced capabilities like Talos, AMP and CAPP along with DMARC
Implementation of Airwatch Mobile Management providing secure Device, Email and Application management on employees’ personal mobile devices
Implementation of Secunia Application Vulnerability Management software allowing IT operations to track prioritize and remediate vulnerable applications
Implementation the Security Awareness and Education program across the organization ensuring compliance along with reducing Human Risks to the organization
Role: Sr. Specialist Information Technology
Organization: Aabar Investments PJS
Nature of last job: Maintain System, Network and Security operations of the organization
Management of the Network and Security operations across the organization ensuring the agreed KPIs and SLAs are met
Management of the Microsoft Infrastructure and providing Tier II support to the operations team across the entire stack of IT services across the organization
Management of Virtual Infrastructure including capacity planning, hardware and software upgrades
Creating and managing SOP and documentation for the IT department and solutions in production
Network and Telephony migration project. The project involved redesign of the network architecture to move from Brocade/Avaya to end to end Cisco devices
Managed the migration of Physical servers to Virtual Infrastructure based on Vmware ensure the organization scalability and availability requirements are met
Managed the Datacenter migration Project to new corporate Headquarters from design to execution and delivery stages and ensured the project was delivered on time and within budget
Managed the implementation of Veritas Backup and Recovery solution and introduced offsite media storage aligned with the organizations Disaster recovery policy
Role: Network Engineer
Organization: Alpha Data Processing
Client: Aabar Petroleum Investments PJSC
Nature of last job: Management of Client’s System, Network and Security Infrastructure
Designed and maintained IPSec network between 5 regional offices from HQ and provided Tier II support to the local IT teams.
Managed the evaluation and implementation Service Desk and Ticketing system across 5 regional offices
Managed the local Microsoft product stack including AD, Exchange, and SharePoint
Management the local Network and security equipment including Juniper Firewalls, SSL VPN appliances and Brocade switching equipment
Bachelor of Electrical Engineering (Major: Telecoms) Honors from Air University, Islamabad, CGPA 3.68/4.0
CISSP – Certified Information Systems Security Professional
GCTI – GIAC Cyber Threat Intelligence
GPEN – GIAC Certified Penetration Tester
SABSA Certified Security Architect – Foundation
CISM – Certified Information Security Manager
CRISC – Certified in Risk and Information Systems Control
CISA – Certified Information Systems Auditor
Google - Associate Cloud Engineer
Project+ - CompTIA Project+ Certified
JNCIS FW – Juniper Networks Certified Internet Specialist - Firewall
JNCIA SSL – Juniper Networks Certified Internet Associate – SSL VPN
SANS FOR578: Cyber Threat Intelligence
SANS SEC560 – Network Penetration Testing and Ethical Hacking
SABSA Chartered Security Architect – Foundation
CEH – EC Council Certified Ethical Hacker
CGEIT – ISACA Certified in Governance of Enterprise IT Boot camp
MCSE – Microsoft Certified Systems Engineer
Certified Lead Auditor: BCM, ISM, ITSM