IMTEYAZ AHMAD

Plot 105, Sangam Nagar, Ring Road, Nagpur-440013

Cell /WhatSapp+91- 8600038911/7208835363
Email:imteyazahmad05@gmail.com Skype: imteyazbabu
Passport Validity: 2029; Driving License Validity: 2023

PROFILE SUMMARY:
Highly experienced and results-driven Chief Manager of Cyber Security with over 23 years of information
security expertise. Proven track record in penetration testing, red teaming, vulnerability assessment, and
team leadership. Seeking the opportunity to contribute my extensive knowledge and skills to ReBIT and
drive the organization's cyber security initiatives to the next level.
Seeking the Chief Manager of Cyber Security role to drive security initiatives and establish robust
cybersecurity policies and standards for the company and its affiliates, while ensuring compliance with
industry standards and regulations.
SUMMARY OF QUALIFICATIONS:
 23+ years of comprehensive experience in information security.
 Proficient in penetration testing, red teaming, vulnerability assessment, and exploitation.
 Strong leadership skills with a track record of managing teams of 50+ professionals.
 In-depth understanding of software security, infrastructure architecture, threat modeling, and risk
assessment methodologies.
 Strong knowledge of industry best practices including OWASP, SANS Institute, ISACA, GAO,
FISCAM, NSA, NIST, and IETF.
 Extensive expertise in cybersecurity architecture, risk management, and compliance.
 Proven ability to define and implement enterprise security architecture to support business
strategies.
 Strong knowledge of cybersecurity standards and frameworks (ISO27001, NIST, ISA/IEC 62443).
 Experienced in evaluating and selecting security solutions and managing vendor relationships.
 Excellent communication skills and the ability to collaborate with cross-functional teams.
 Information Security Certification (CISA/CISM/CEH/CHFI/ISO27001/ISA/IEC 62443).
 Project management expertise.
 Bachelor's degree in Computer Science & Information Systems.
AREAS OF EXPERTISE

 IT&OT Security Project  Cybersecurity Architecture  Policy/ Procedure Creation

Management (SABSA/TOGAF)  Executive Presentations
 Industrial Control Systems (ICS)  Risk Management  Business Analysis &Technical
 SCADA Systems  Security Standards (ISO27001, Administration
 Threat Intelligence Platforms NIST, ISA/IEC 62443)  Business Recovery

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China, Nepal etc.
  Vulnerability Assessment Tools  Enterprise Architecture  Quality & HSE policies and
 ICS Monitoring Solutions  IT/Solution Architecture procedures.
 Cybersecurity Frameworks  Vendor Selection and  After Action Reports(AAR)-
(NIST, IEC 62443) Management Disaster Recovery
 Incident Response Planning  Cloud Security  Strong human relation skills to
 Anomaly Detection Systems  Compliance and Governance interface with management
 Risk Management &  Technical Evaluation and staff at all levels.
Compliance  Communication and  Catastrophic Response
 Internal and External Reviews Collaboration Strategies
 Off-Shore Team Management  Evaluation and final approval of  Compliance &Regulatory
Project Planning information security Requirements
 Information Security Incident procurement  SABSA-ZACHMAN, TOGAF
Response (ISIRT)  Enterprise Security Governance /OSA/SOA
 IT&OT Security Audit and  Development and Maintenance /SOMF/DODAF/E2AF/COBIT
Assessment of Business  Asset Management & IT
 Process Design and Contingency/Disaster Recovery Infrastructure Coordination
implementation Plans  Business Impact Analysis

ENTERPRISE SECURITY TOOLS& TECHNOLOGY:

 Nextnine, Industrial defender, Splunk, Arcsight,, NetWitness, Encase, FTK, Tenable Nessus, Tofino Xenon,
QualysGuard, Nessus, Cenzic Hailstorm, HP Fortify, IBM AppscaneEye, McAfee ePO, McAfee HIPS (Entercept), ,
McAfee IntruShield , McAfee Network Security Manager system ,SNORT, Cisco ASA, Cisco Security Manager, MS
TMG Forefront/ ISA Server, Checkpoint NG, Fortinet fortigate, Sonicwall, Juniper Netscreen,Backtrack, Ecora
Enterprise, Retina,, nMap, ISS Scanner, AppDetective, LANalyzer, SAINT, kismet, GFI LanGuard, Paros Proxy,
Dsniff etc.
HIGH AVAILABILITY TOOLS:
 Cisco, Barracuda, Citrix, Radware, F5, VMWare, VCS, SUN Cluster, MS Cluster.
DRP/BCP/BACKUP TOOLS:
 PlateSpin Forge, Symantec VERITAS Netbackup/Backup Executive, Acronis, Doubletake.
NETWORK MONITORING & MANAGEMENT:
 Fidelis XPS, RSA ,HP OpenView, Cisco works, Cisco QPM, CISCO NAM, Dell Open Manage, Solarwinds, OP
Manager, GFI LAN Guard, NETPRO Change Auditor.
PROJECT MANAGEMENT:
 MS PROJECT 2007/2010, Oracle Primavera, MS Office 2010.

LEADERSHIP CAREER HISTORY:

2021 TO Aug 2023 –Chief Cybersecurity Architect, Technavious Pvt LTD
 Led internal and third-party ethical hacking, vulnerability assessment, penetration testing, and red team
assessments on business-critical assets and processes.
 Collaborated with external ethical hacking and penetration testing teams for RBI projects.
 Coordinated with the security intelligence framework to stay updated on the latest threats and vulnerabilities.
 Prepared and present security effectiveness reports for senior management.

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China, Nepal etc.
  Conducted compliance testing of applications/systems against clients Information Security practices.
 Ensured new applications are inducted into the data center after thorough pen testing and vulnerability
assessments.
 Prioritized security vulnerabilities based on business impact and collaborate with the Security Operations team
to mitigate them.
 Followed up on the closure of identified security gaps and escalate when necessary.
 Defined relevant metrics for measuring security effectiveness and develop algorithms for quantification.
 Defined and managed enterprise cybersecurity architecture for Corporate and its affiliates in multiple countries.
 Developed strategy, goals, and objectives for a comprehensive cybersecurity training, education, and awareness
program, adapting to emerging technologies and risks.
 Led the implementation of new security solutions and evaluate and shortlist vendors.
 Provided technical expertise, roadmaps, principles, and standards for the Cyber Security Architecture strategic
roadmap.
 Assessed controls related to emerging technologies and market trends in cybersecurity.
 Collaborated with other Companies departments (IT/OT) to ensure alignment with cybersecurity policies and
standards.
 Monitor, control, and enforce compliance with cybersecurity policies and standards.
 Conducted thorough risk assessments of operational technology environments to identify cybersecurity threats,
vulnerabilities, and potential consequences to critical infrastructure and industrial processes.
 Monitored and analyzed OT-specific cyber threats, vulnerabilities, and attack techniques through various threat
intelligence sources and industry-specific information sharing platforms.
 Evaluated the security posture of OT assets, such as ICS devices and SCADA systems, to identify weaknesses and
potential entry points for cyber attackers.
 Developed and recommended risk mitigation strategies and countermeasures to address identified
vulnerabilities and potential cyber threats in OT systems.
 Ensured compliance with relevant cybersecurity standards and regulations specific to operational technology
environments, incorporating standards such as NIST SP 800-82 and IEC 62443.
 Collaborated with incident response teams to develop and test incident response plans tailored to OT
environments, ensuring effective response to cybersecurity incidents.
 Provided specialized cybersecurity training and awareness programs for OT personnel to enhance their
understanding of cybersecurity risks and best practices.
 Evaluated the security design of OT systems and participated in the review of new OT projects to incorporate
security controls from the outset.
 Assessed the cybersecurity posture of OT vendors and third-party partners, ensuring alignment with the
organization's security requirements.
 Developed and presented regular cybersecurity risk reports to management and relevant stakeholders,
providing insights into the organization's OT security posture and risk exposure.
 Defined, implemented, and monitored enterprise information security and risk management program.
 Owned, developed, and delivered a risk-based plan and roadmap for threat and vulnerability management
services across corporate infrastructures, following a defense-in-depth strategy.
 Assessed cyber security controls for IT/OT environments, evolved architectures to enhance defensibility, and
improved resilience against attacks.
 Partnered with ITC stakeholders to identify and mitigate security threats aligned with business needs.
 Evaluated OT cybersecurity requirements, coordinated solution designs, and communicated recommendations.
 Developed and delivered comprehensive threat and vulnerability management reporting capabilities.
 Conducted in-depth analysis of current threat activity and trends.
 Communicated security control findings accurately and professionally to internal stakeholders and senior
management.

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China, Nepal etc.
  Presented information security services in a high-quality professional manner, ensuring cybersecurity
requirements and budgets were in place for operational security.
 Prepared and maintained Cyber Incident Response plans, playbooks, and documentation.
 Reviewed and analyzed the effectiveness of security control implementation.
 Documented policies, processes, and procedures related to the threat and vulnerability management program.
Key Achievements:

 Successfully established and implemented the Information Security strategy and program, ensuring compliance with
laws and regulations.
 Led the development of a comprehensive cybersecurity training, education, and awareness program, significantly
improving the organization's security maturity.
 Enhanced defensibility of IT/OT environments by evolving architectures and implementing effective security controls.
 Developed and delivered threat and vulnerability management reporting capabilities, enabling informed decision-
making and proactive risk mitigation.

2018 TO 2020– ENTERPRISE ARCHITECT- IT INFRASTRUCTURE/SECURITY / GRC, QATARGAS, QATAR

 Developed and implemented a comprehensive cyber security strategy that resulted in improved security posture
and reduced risk for QATARGAS.
 Successfully led the establishment and enhancement of the organization's cyber security capability as part of a 5
years program.
 Implemented effective security controls and vulnerability management measures, resulting in a significant
decrease in the number of successful cyber-attacks.
 Led incident response planning and preparation, ensuring the organization was well-equipped to handle and
mitigate cyber incidents effectively.
 Collaborated with cross-functional teams, including Application, Telecom/Network, and Infrastructure, to guide
and support their efforts in improving overall security.
 Built and maintained strong customer relationships with organizational stakeholders and third-party vendors,
resulting in enhanced compliance with security standards.
 Developed and delivered comprehensive cyber security training, education, and awareness programs that
increased employee awareness and adherence to security protocols.
 Successfully assessed IT/OT environments, identified vulnerabilities, and implemented controls that improved
the organization's ability to resist, detect, respond, and contain attacks.
 Prepared and presented high-quality reports and briefings on technical risks and issues to executive
management, enabling informed decision-making.
 Played a key role in ensuring compliance with Qatar laws and regulations related to information security,
contributing to a robust and legally compliant security program.
 Actively participated in industry certifications and maintained up-to-date knowledge of emerging technologies,
trends, and best practices in IT and OT security.
 Streamlined security processes and procedures, resulting in increased efficiency and effectiveness in threat and
vulnerability management.
 Received recognition for exceptional leadership and contribution to the organization's overall security posture.
 Successfully managed multiple inquiries and projects simultaneously, demonstrating strong multitasking and
prioritization skills.
 Received positive feedback from colleagues, stakeholders, and management for excellent communication,
collaboration, and problem-solving abilities.

2010 TO 2017- Sr. Consultant (ICS / PCD Cyber Security &BCP) INDIAN CONSULTANCY
SERVICES LTD. (MIDDLE EAST& AFRICA)

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China, Nepal etc.
  Define global information risk solutions and security, create information security management
systems.
 Manage consultant teams and engineering security.
 Lead Security Architect for Compliance projects and Major IT Governance Risk.
 Organization of programs for ISO 27001.
 Consulting in the areas of out sourcing (Managed/Shared Services, Managed security and BCP/DRP).
 Leading the customer engagement for Data centre capacity planning, architecture, implementation,
optimization, virtualization, migration and Consolidation.
 Network, Storage and Server consolidation feasibility study, application suitability assessment,
planning and implementation.
 Infrastructure and application architecture assessment, design and implementation for high
availability, scalability, performance and security.

2008-2010 –SR. Solution Architect (Managed Security & IDC) BHARTI AIRTEL ENTERPRISE
SERVICES LTD
 Planning, designing and implementation of secure, reliable, scalable and efficient IT infrastructure.
 Infrastructure and application architecture assessment, design and implementation for high
availability, scalability, performance and security.
 Network, Storage and Server consolidation feasibility study, application suitability assessment,
planning and implementation.
 Building Partnership with Vendors & Industry Leaders to supply highest quality solutions.
 Providing the best-fit (built to suit) DC& DR solution that is aligned with the current and future needs of
the Company at affordable price.
 Data center capacity planning, architecture, implementation, Consolidation, optimization Virtualization
and migration.
 Data center setup and Operational Capabilities Assessment.
 Costing all phases of projects and Preparing BOM/BOQ
 Conducting training for Presales and Sales team on DRP and other critical challenges of enterprise
customers.

2006 TO 2008- Sr. IT Consultant (Network/Security/BCP) MOHSIN HAIDER DARWISH LLC,

SULTANATE OF OMAN.
 Managed network security operations team.
 Prepared information security evaluation for new projects.
 Project improvement documentation, delivered process documentation.
 Information Security Operations liaison for IT initiatives.

2000-2006 IT executive, SKJ GROUP, BRUNEI DARUSSALAM

 Business continuity Planning& deployment.
 Trained and mentored employees in many job descriptions regarding security and system basics, best
practices, etc.
 Managed and organized backup infrastructure.
 Designed and implement network monitoring system.
 Cisco network management (routers, switches, firewalls).

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China, Nepal etc.
  Systems Architect for security project.

1996-2000 System & Network Engineer, Net-tech Solutions.

 Troubleshooting Hardware/Software& networking Issues.
 Installing, configuring, testing, upgrading and administering Servers.
 Build Servers and Workstations including complete machines from empty boxes
 Used experience in company to focus on securing information and systems.
 Documented exiting and in-development policies, procedures, and systems.

EDUCATION & TRAINING

 Master of Science – Information Technology.
 Bachelor of Science – Information Technology.
 Higher National Diploma in Computer Programming.
CERTIFICATION& TRAINING
 Advanced Training on Global Industrial Cyber Security Professional (GICSP)
 Control System Cyber Security Training Course
 Certified Information System Auditor (CISA)
 Certified Information System Security Manager (CISM)
 Certified Ethical Hacker (CEH)v8
 Certified Computer Hacking Forensic Investigator (CHFI)v8
 Microsoft Certified System Engineer (MCSE 2000)
 Cisco Certified Network Professional (CCNP)
 TOGAF 9.2 certified Enterprise Architect
 Information Technology Infrastructure Library (ITIL) v3.
 ISO9000:2000 Certified Internal Auditor.
 Advanced Training on Strategy & Performance Management (Balanced Scorecard)
 Advanced Training in Business Continuity& High Availability Management.

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China, Nepal etc.