Md. Aijaz Ahmed

ACHEIVEMENTS:

• Successful implementation of ISO27001 ISMS certification program.
• Developed DR/BCP strategy and formulated related documents.
• Enhanced cloud security (SaaS, PaaS and IaaS) by implementing international standards such as CIS benchmarks.
• Risk assessment and security for operational technology (OT) and internet of things (IoT) environment.
• Supervised implementation of new security technologies such as enterprise class MFA solution, Network access control (NAC), Privileged Access Management (PAM), Web Application Firewall (WAF), End-point detection and response (EDR) and Hardware encryption-based USB solution.
• Revamped data center network security by implementing best-in-class perimeter and core firewalls in line with DR and BCP requirements.

RESPONSIBILITIES:

• Provide relevant reports and statistics to company's board and ISGC on periodic basis.
• Implement and maintain compliance with local and international standards such as ISO27001 and NESA.
• Update, Develop and enhance information security policies and related procedures.
• Supervise SOC operations, vulnerability assessment and penetration testing (VAPT), internal and external audits, conduct risk assessments, security awareness and training, phishing campaigns, KPI reports,etc.
• Assist with overall business technology planning, providing current knowledge and future vision of technology and systems.
• Monthly management reports and RCA/action plans if security breech does occur.
• Ensure that technical controls like Anti-virus, IPS, Firewalls, etc. are providing expected level of protection by conducting periodic audits and reviews; Provide direction to Server and Network managers regarding software compliance and configuration.

ACHIEVEMENTS:

• Revised Information security policies/procedures to mitigate risks of emerging threats.
• Increased overall compliance with NESA and ISO27001.
• Conducted gap assessment and managed Information security transformation by proposing and implementing new technologies like NAC, PAM, Vulnerability management system and SIEM/Log-management.
• Revamped perimeter and internal network design to more secure network based on best practices.

RESPONSIBILITIES:.

• Analyze existing security systems, polices, procedures and processes; and provide recommendations to CISO for changes or improvements in accordance with regulatory and compliance requirements.
• Implement and maintain compliance with local and international ISMS standards such as ISO27001 and NESA.
• Update, Develop and enhance information security policies and related procedures.
• Assist with overall business technology planning, providing current knowledge and future vision of technology and systems.
• Provide relevant statistics and data for ISGC on periodic basis.
• Monthly management reports and RCA/action plans if security breech does occur.
• Ensure that technical controls like Anti-virus, IPS, Firewalls, etc. are providing expected level of protection by conducting periodic audit/reviews and by performing Vulnerability Assessment; Provide direction to Server and Network managers regarding software compliance and configuration.

• Implement, Lead and Manage Security Operations Center based on RSA Netwitness suite (which includes EDR and EUBA) for multiple customers (Managed security service provider).
• Ensure incident identification, assessment, quantification, reporting, communication, mitigation, and monitoring.
• Ensure compliance to SLA, process adherence and process improvisation to achieve operational objectives.
• Revise and develop processes/SOP’s to strengthen current Security Operations Framework, review policies and highlight challenges in managing SLAs.
• Responsible for team & vendor management, overall use of resources and initiation of corrective action where required for Security Operations Center.
• Co-ordination with stakeholders, build and maintain positive working relationships with them.

ACHIEVEMENTS:.

• Played instrumental role in successful implementation of Security Operations Center based on LogRhythm SIEM solution and required business/technical use cases.
• Successfully Implemented Security Operation Center Standard Operating Procedures (SOC SOP).
• Formulated Information security policies and related procedures.
• Successfully Implemented Vulnerability management program and related technologies.

RESPONSIBILITIES:.

• Responsible for working in 24x7 Integrated SOC environment serving IT and OT.
• Contribute to development and implementation of Information security policies and procedures in-line with local/International laws and regulations like Dubai Information security regulation V2 and ISO27001.
• Assist various departments like Compliance, Audit and Quality assurance, etc.
• Provide analysis and trending of security log data from large number of heterogeneous security devices using LogRhythm SIEM and Network Forensics solution.
• Provide Information Security Incident Handling, Response and Reporting.
• Lead Vulnerability Management Program, provide threat and vulnerability analysis as well as security advisory services.
• Coordinate with Threat Intelligence analysts/agencies on activities impacting government entities.
• Provide relevant reports to management and Information security governance committee (ISGC) on periodic basis.

ACHIEVEMENTS:

• Successfully implemented perimeter security by deploying Barracuda Next-generation firewalls (NGFW), Barracuda Web application firewall (WAF), and Barracuda control center across 20 sites single handedly.
• Implementation of Application control, IDS/IPS, Web filtering, Malware protection at gateway level, Failover, Load balancing & QOS.
• Formulated IT security policies and procedures.
• Migrated all WAN connections between branch offices and data center to IPsec VPN from SSL VPN.
• Implementation of data center security using Trend Micro Deep Security to provide host-based IDS/IPS, integrity monitoring, log inspection and firewall.
• Implemented cloud based secure internet service called as Trend Micro InterScan Web Security.
• Implementation of data leakage prevention with Trend micro iDLP.
• Implementation of BYOD using cloud based MDM solution called Citrix XenMobile.
• Implementation of Linux based IT infrastructure monitoring and alerting system called NagiosXI.
• Enhanced the system to provide Business process intelligence (BPI) for business critical services.
• Implementation of Network traffic monitoring using Manage engine Netflow analyzer.
• Upgraded SCCM 2007 infrastructure to SCCM 2012 R2 - Light/Zero touches installation deployments, Application deployments, Patch management and Inventory

RESPONSIBILITIES:.

• Primary in charge of Information security at Amana group with more than 2000 users in around 20 remote locations.
• Providing technical leadership for planning, development, and implementation of IT Security architecture globally, covering all relevant security domains including application, database, operating system, network, identify and access management, intrusion detection, data leak protection and incident response.
• Plan, design, implement and manage company-wide security infrastructure such as firewalls, IDS/IPS, end-point security, VPN's, Proxy Servers, vulnerability scanners, patch management systems, email gateways, web application firewalls, etc.
• Define, develop and maintain Information Security policies and procedures consistent with corporate security policy, legal and regulatory requirements, and industry best practices like ISO 27001, PCI DSS, etc.

• Mainly deployed in training division of company in Hyderabad, India.
• My role included training students from corporates like Siemens, Hyderabad police, etc., on A+, N+ and provide regular IT support to corporate office in Hyderabad.