IMTEYAZ AHMAD

Contact Inform ation

Plot 105, Sangam Nagar, Ring Road, Nagpur440013

Cell: +91 8600038911 7208835363
Email: [email protected] Skype: imteyazbabu Passport Validity: 2022;
GCC Driving License Validity: 2017
SUMMARY

A seasoned Cybersecurity Manager with a Master's degree and over twenty five years of
hands-on experience in offensive security, penetration testing, and red team assessments.
Proficient in technical leadership, identifying vulnerabilities, exploiting security gaps, and
collaborating with cross-functional teams to enhance cybersecurity. Skilled in offensive
Tactics, Techniques, and Procedures (TTPs) and scripting in multiple languages. Having
expertise in designing & architecture of multilayered defense strategy known as
“DEFENCEINDEPTH” to protect enterprise systems against Remote attacks, Man-in-the-middle
attacks, Network control plane attacks, masquerading attacks, Snooping and scouting Malware
attacks. Extensive experience in dealing with OIL& GAS, Water& Electricity Utility, BFSI,
Government, Manufacturing industry to assure compliance with ISO/ISA/NIST/NERC/NIA
information security issues. Expertise in Implementing automated vulnerability scanners like
Tenable Nessus that includes all kinds of plugins to automatically detect weaknesses in the
network environment. Extensive background in all stages of security audits, including
planning; study, evaluation, and testing of controls; reporting; and follow-up. In-depth
knowledge of industry standards and industry frameworks (e. g. ISO27001&2, COBIT, COSO,
ISO 27001, PCI, ISA6244332WD ISA99, CIP (NERC), API 1164, ISO/IEC 17799, AGA12, NISCC,
NIST 80053, TR 27019, Sarbanes Oxley Act (SOX). InDepth Knowledge of Regulatory
compliance, Process reviews, ISO 270012 controls and developing cyber security policies and
procedures. InDepth Knowledge of Regulatory compliance, Process reviews, ISO 270012
controls and developing cyber security policies and procedures. Extensive experience in,
Risk/Vulnerability Assessment Tools and Methods, IT Security Framework Design and
Implementation, Security Risk/Vulnerability Management, Security Metrics and Measurement,
Identity Management, Firewalls, Security Policy Design, enforcement, Troubleshooting.
 Expertise in developing and implementing security awareness & training programs and
giving recommendations regarding prevention.
 Extensive experience in Hardening Windows operating systems to National Institute of
Standards and Technology (NIST) compliance.
 Acute understanding of networking, hardware, software, and data centers, as well as
emerging technologies, such as BMS, Security Surveillance (CCTV/IP Camera, Biometric,

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China,
Nepal etc.
 IMTEYAZ AHMAD

Anti Crash, Barrier, MIDS, FIDS) and mobile devices.

AREAS OF EXPERTISE
 IT Security Project  IT Infrastructure  Policy/ Procedure Creation
Management Coordination  Technical Administration
 Cybersecurity Strategy  Web Application Security  Business Analysis &Technical
 Risk Management  IT Security Audit and Administration
 Compliance Assessment Process Design  Security Technologies
 Incident Response and implementation  Vendor Management
 Security Architecture  Offshore Team  Leadership & Team
 Security Awareness & Management &Project Management
Training Planning  Contingency
 Problem Solving  Communication planning/BCP/DRP
 Budget Management  IT Program Management  Crisis Management

ENTERPRISE SECURITY TOOLS& TECHNOLOGY:

 OKTA, Gluu, Azure AD, ArcSight, NetWitness, Encase, FTK, Tenable Nessus, Tofino Xenon,
QualysGuard, Nessus, Cenzic Hailstorm, HP Fortify, IBM AppscaneEye, McAfee ePO, McAfee
HIPS (Entercept), McAfee IntruShield , McAfee Network Security Manager system ,SNORT,
Cisco ASA, Cisco Security Manager, MS TMG Forefront/ ISA Server, Checkpoint NG, Fortinet
fortigate, Sonicwall, Juniper Netscreen,Backtrack, Ecora Enterprise, Retina,, nMap, ISS
Scanner, AppDetective, LANalyzer, SAINT, kismet, GFI LanGuard, Paros Proxy, Dsniff etc.
HIGH AVAILABILITY TOOLS:
 Cisco, Barracuda, Citrix, Radware, F5, VMWare, VCS, SUN Cluster, MS Cluster.
DRP/BCP/BACKUP TOOLS:
 PlateSpin Forge, Symantec VERITAS Netbackup/Backup Executive, Acronis, Doubletake.
NETWORK MONITORING & MANAGEMENT:
HP OpenView, Cisco works, Cisco QPM, CISCO NAM, Dell Open Manage, Solarwinds, OP
Manager, GFI LAN Guard, NETPRO Change Auditor. ANTIVIRUS:
 Macafee, Sophos, Symantec Norton Anti Virus, Trend Micro , AVG, Avast, Panda Software etc.
ROUTERS & SWITCHES:
 CISCO ROUTER 1800, 2600, 2800, 7200, 7600, NEXUS 5000 ETC.
 CISCO CATALYST CE500, 2900, 3500, 3700, 4500, 6500 ETC
SERVERS & STORAGE SOLUTIONS:
 Dell ,EMC,Hitachi, HP, IBM, Super Micro, SUN, Netapps

PROJECT MANAGEMENT:
 MS PROJECT 2007/2010, Oracle Primavera, MS Office 2010.

LEADERSHIP CAREER HISTORY:

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China,
Nepal etc.
 IMTEYAZ AHMAD

CISO, TECHNAVIOUS TECHNOLOGIES SERVICES, 2021-Aug 2023

RESPONSIBILITIES:
Cybersecurity Strategy & Leadership:
 Developed and executed comprehensive cybersecurity strategies to protect critical
assets and data.
 Established and chaired the Cybersecurity Governance Committee, aligning security
initiatives with business objectives.
 Led cross functional teams to implement security programs and initiatives.
Risk Management & Compliance:
 Managed risk assessments and vulnerability assessments to identify and mitigate
security risks.
 Ensured compliance with industry regulations (e.g., GDPR, HIPAA) and internal policies.
 Collaborated with auditors and legal teams to respond to compliance inquiries.
Incident Response & Crisis Management:
 Orchestrated incident response plans and led the team in managing cybersecurity
incidents.
 Improved incident response time by [X%] and minimized damage in critical incidents.
 Conducted tabletop exercises to enhance preparedness for security incidents.
Security Architecture & Technology:
 Oversaw the design and implementation of security architecture, including firewalls,
intrusion detection systems, and encryption.
 Evaluated and selected security technologies, tools, and solutions.
 Managed vendor relationships and negotiated contracts for security products and
services.
Security Awareness & Training:
 Developed and delivered cybersecurity awareness and training programs for employees.
 Fostered a culture of security awareness, resulting in a 45% reduction in security
incidents caused by human error.
Budget Management:
 Prepared and managed the annual cybersecurity budget, optimizing resource allocation.
 Achieved cost savings of 30% while enhancing security capabilities

MAR 2018 TO NOV 2020, ENTERPRISE INFRA ARCHITECT. QATARGAS

RESPONSIBILITIES:

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China,
Nepal etc.
 IMTEYAZ AHMAD

 Adversary Emulation Operations: Led and executed adversary emulation operations to

identify security gaps, highlighting vulnerabilities affecting the organization's security
posture.
 Red Team Scenarios: Identified and exploited security vulnerabilities in various systems and
applications across a wide range of red team scenarios.
 Technical Leadership: Demonstrated the ability to work both independently and as a leader,
guiding red team members in executing complex operations effectively.
 TTP Development: Conducted research and developed offensive Tactics, Techniques, and
Procedures (TTPs) to mimic the capabilities of relevant threat actors, creating proof-of-
concept tools and playbooks.
 Results Analysis: Reviewed and performed in-depth analysis of red team testing results,
overseeing the reporting process to describe findings, exploitation procedures, risks, and
recommendations.
 Collaboration: Collaborated with the Infrastructure team, Cyber Security Incident Response
Team, and other stakeholders to identify improvement opportunities and enhance security
protocols.
 Cross-Team Collaboration: Worked with non-security engineering teams to educate and
collaborate on operational objectives, fostering a culture of security awareness.
 Effective Communication: Conveyed complex technical security concepts to both technical
and non-technical stakeholders, facilitating a common understanding of security issues and
solutions.

2010 - NOV2016, HEAD/PRINCIPAL CONSULTANT (CYBER SECURITY

&BCP) INDIAN CONSULTANCY SERVICES LTD. (MIDDLE EAST& AFRICA)

 Managing the team of security, network and test engineers to identify the IT security risks in
various applications, systems and networks and recommending the practical solutions for
fixing the security related issues.
 Architecting and designing security aspects of several new and emerging products in
networking, WAN, traffic acceleration and mobile services.
 Investigating security vulnerabilities and compliance of new and existing products and
collaborating to define solutions, resolve the vulnerabilities, conducting security reviews
and getting product security clearance from security review boards.
 Collaborating with several engineering teams to define the security aspects of emerging
products.
 Interacting with security architects and teams across the company to ensure proper
implementation of company security policies within the emerging products.
 Working with product management and customer facing teams to determine and prioritize
requirements.
 Providing technical leadership across engineering to ensure product development is
smooth, evolving design as needed.

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China,
Nepal etc.
 IMTEYAZ AHMAD

 Interacting with several groups of development, test, product management and customer
facing teams to define and design the security needs of projects, Conducting the
penetration test and vulnerability scan test using Nessus, Fortify, Rapid7 and Appscan tools.
 Reviewing Penn Test and vulnerability test and web application security testing results and
identified the key issues.
20082010 –DGMSR. SOLUTION ARCHITECT (MANAGED SECURITY &
IDC) BHARTI AIRTEL ENTERPRISE SERVICES LTD
 Define global information risk solutions and security, create information security
management systems.
 Manage consultant teams and engineering security.
 Lead Security Architect for Compliance projects and Major IT Governance Risk.
 Organization of programs for ISO 27001.
 Consulting in the areas of out sourcing (Managed/Shared Services, Managed security and
BCP/DRP).
 Leading the customer engagement for Data center capacity planning, architecture,
implementation, optimization, virtualization, migration and Consolidation.
 Network, Storage and Server consolidation feasibility study, application suitability
assessment, planning and implementation.
 Infrastructure and application architecture assessment, design and implementation for high
availability, scalability, performance and security.

2006 TO2008SR. IT CONSULTANT (NETWORK/SECURITY/BCP)

MOHSIN HAIDER DARWISH LLC, SULTANATE OF OMAN.
 Planning, designing and implementation of secure, reliable, scalable and efficient IT
infrastructure.
 Infrastructure and application architecture assessment, design and implementation for
high availability, scalability, performance and security.
 Network, Storage and Server consolidation feasibility study, application suitability
assessment, planning and implementation.
 Building Partnership with Vendors & Industry Leaders to supply highest quality solutions.
 Providing the best fit (built to suit) DC& DR solution that is aligned with the current and
future needs of the Company at affordable price.
 Data center capacity planning, architecture, implementation, Consolidation, optimization
Virtualization and migration.
 Data center setup and Operational Capabilities Assessment.
 Costing all phases of projects and Preparing BOM/BOQ
 Conducting training for Presales and Sales team on DRP and other critical challenges of
enterprise customers.

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China,
Nepal etc.
 IMTEYAZ AHMAD

2000-2006, IT EXECUTIVE (NETWORK& SECURITY ENGINEER) SKJ

GROUP, BRUNEI DARUSSALAM
 Business continuity Planning& deployment.
 Trained and mentored employees in many job descriptions regarding security and system
basics, best practices, etc.
 Managed and organized backup infrastructure.
 Designed and implement network monitoring system.
 Cisco network management (routers, switches, firewalls).
 Systems Architect for security project.

1996-2000, SR. FACULTY/LECTURER PATHAK INSTITUTE OF

ELECTRONICS & COMMUNICATION TECHNOLOGY

 Taught ITI, DCA&PGDCA courses.

 Taught information technology and computer concepts
 Taught basic programming languages
 Prepared notes and academic syllabus
 Administered tests and examinations

NOTABLE PROJECTS:
 FGMR Group ForcePoint/Triton Data Leakage Prevention infrastructure deployment:(Jan
2017Apr 2017) Planned the POC for DLP solutions and provisioned the demo infrastructure
for websence/trintron/forcepoint Data leakage prevention solutions.
 Syntellect Group IBM MaaS360 Mobile Device Management deployment Planned the POC
for MDM solutions and provisioned the demo infrastructure for IBM MaaS360 Mobile
Device Management solutions for all employees and developed BYOD policy & procedures.
 IBM India ltd Sr. Engineers advanced cyber security training:(July 2016): Developed course
materials and provision lab and conducted on site hands on training to Sr. Security
Consultants/Engineers @IBM India Chennai branch
 Kahramaa’s ICS/SCADA Security Risk& Vulnerability Assessment& BCP/BCM:Jan 2015May
2016
Customer Profile: Qatar General Electricity & Water Corporation is government authority to
supply and support Electricity and Water needs of the kingdom.
Project Objective: The scope of this project is to conduct Risk &Vulnerability Assessment
and Design and deploy BCP/BCM Policy, Standard and Procedure for Kahramaa’s ICS/
SCADA System.

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China,
Nepal etc.
 IMTEYAZ AHMAD

My Role: Conducting Risk& Vulnerability assessment on People, Process, Tools and

technology as per global best practices and ICT Qatar/NIA , NIST and NERC Standards&
security Guidelines and Leading the team of security Consultants in the development of
ICS /SCADA Security Blueprint for conducting the Risk Assessment /Vulnerability assessment
and BCP of Kahramaa’s ICS/SCADA system.
 KENANA SUGAR COMPANY LTD, REPUBLIC OF SUDAN: Apr 2014Dec 2014
Customer profile:
Wolrds Largest Sugar production company worth more than USD$500 Million; having a 4
Kilometer of PCN Fiber optic network distribution for SCADA/ICS system.
Project Objective: The scope of the project was to conduct risk assessment and develop and
deploy a smart secured network infrastructure& Quality Management System.
My Role: Conducted Risk Assessments for process, technology and people, and Planned,
designed, architected Secured Wireless WAN (Long distance Free Frequency PTP)
Infrastructure and factory Site PCD Network Infrastructure
 AramcoMarafiq Berry Gas Plant –: July 2013Mar 2014
Customer Profile: Aramco & Marafiq are the Government owned companies in Kingdom of
Saudi Arabia, Aramco is one of the world’s largest OIL& Gas Company and Marafiq is Saudi
Arabia largest water and electricity Supplier covers entire Eastern State & kingdom Capital
Riyadh.
Project Objective: The scope of this project was to conduct Risk Assessment and plan,
design, and deploy complete Wired& wireless Network Infrastructure for SCADA system,
Security surveillance system & Unified Communication.
My Role: Conducted Risk assessment on People, Process, Tools and technology as per global
best practices and Marafiq Standards security Guidelines and led the team to supply and
deliver long distance secured Wireless PTP WAN infrastructure from O&M Center to Gas
plant and various pumping stations.
 MAADEN ALUMINUM SMELTER, KINGDOM OF SAUDI ARABIA: March 2012July 2013
Customer profile:
Wolrds Largest Aluminum Smelter worth more than USD$20 Billion; having a 14 Kilometer
of PCD Fiber optic network distribution for for SCADA/ICS system.
Project Objective: The scope of the project was to conduct risk assessment and develop and
deploy a smart secured network infrastructure & Quality Management System.
My Role: Conducted Risk Assessment/Security Audit for Fiber & UTP network for ISO & BICSI
standards compliance and Quality Audit and certification for Network Distribution and
Unified communication / IP Telephony System and Planned, designed, architected
Implemented and tested Scalable Unified Communication system (Cisco IP Telephony
Solutions) Infrastructure for 1500 Employees. Led the successful distribution, termination

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China,
Nepal etc.
 IMTEYAZ AHMAD

and of testing around 400, 000 meter Fiber & Copper Backbone core network infrastructure
for SCADA & voice & data network.
 GUJRAT GAS LTD. OCT 2008APR 2010
Customer Profile: This is the Government owned companies in Gujrat state of India
responsible for Production & Development of OIL & Natural GAS and other resources.
Project Objective: The scope of this project was to Audit & asses the Business requirement
for Data center Hosting & Network Infrastructure.
My Role: Assessed the business requirement and provisioned most cost effective and
efficient Data center Collocation services and hosted the network Infrastructure with
Managed Physical and logical security services.
 OMAN OIL MARKETING COMPANY LLC June2007AUG 2008
Customer Profile: This is the Government owned companies in Oman responsible for
marketing its OIL & Natural GAS worldwide.
Project Objective: The scope of this project was to conduct audit& risk assessment and
plan, design, and deploy complete Data centre Infrastructure Security.
My Role: Conducted audit & risk assessment , planned, designed and
deployed/implemented the security solution which also includes BCP/DRP using Trend
micro, Symantec Veritas, GFI, DELL|EMC storage and other third part solutions.
 OMAN REFINERY COMPANY LLC(ORPC). DEC 2006JUNE 2007
Customer Profile: This is the Government owned companies in Oman responsible for
Production & Development of OIL & Natural GAS and other resources.
Project Objective: The scope of this project was to Audit & asses the Business process and
supply, Installation, configuration, customization, testing and deployment of Service
Management System /Help Desk System.
My Role: Audited, implemented, and customized the Help Desk System which includes
Altiris Help Desk system, Windows 2003, Dell Servers and other third party solutions.

 SKJ GROUP OF COMPANIES, BRUNEI DARUSSALAM (CONTRACTOR AT BRUNEI SHELL

PETROLEUM):
Customer profile:
This is one of oldest & largest Group of companies in Brunei Darussalam involved in Oil &
Natural Gas, , Crude oil Vessels and Tanker, Shipping, Scaffolding, Construction; Furniture &
Interior, Information & Telecommunication Services.
Project Objective: The scope of the project was to conduct risk assessment and develop and
deploy a smart Business Automation infrastructure & Quality Management System.
MY Role: Auditing & Risk assessment of the current infrastructure and developing and
deployment of Quality Management System, Quality Operation Procedure, Quality System
Procedure as per ISO 9000:2000, ISO 17799(BS7799), ISO 20000(BS 15000), ISO 27001 and
ITIL framework.

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China,
Nepal etc.
 IMTEYAZ AHMAD

EDUCATION &TRAINING
 Master of Science Information Technology.
 Bachelor of Science Information Technology.
 HND Software Programming.
CERTIFICATION& TRAINING
 Certified Information System Security Manager(CISM)
 Certified Ethical Hacker(CEH)v8
 Certified Computer Hacking Forensic Investigator (CHFI)v8
 Information Technology Infrastructure Library (ITIL) v3.
 Microsoft Certified System Engineer (MCSE 2000)
 Cisco Certified Network Professional (CCNP)
 ISO9000:2000 Certified Internal Auditor.
 Advanced Training on Global Industrial Cyber Security Professional (GICSP
 Advanced Training on Strategy &Performance Management(Balanced Scorecard )
 Advanced Training in Business Continuity& High Availability Management.

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China,
Nepal etc.