IMTEYAZ AHMAD

Plot 105, Sangam Nagar, Ring Road, Nagpur-440013

Cell +91 8766912366 WhatSapp+91- 8600038911/7208835363
Email:[email protected] Skype: imteyazbabu
Passport Validity: 2029; Driving License Validity: 2023

PROFILE SUMMARY:
Results-driven and highly skilled DLP (Data Loss Prevention) Tech Lead with 23 years of experience in
designing, implementing, and managing DLP solutions. Adept at leading cross-functional teams,
developing security strategies, and ensuring data protection and compliance. Seeking a challenging role as
a DLP Tech Lead to leverage my expertise in safeguarding sensitive information and mitigating security
risks. Having In-depth knowledge of Azure Cloud Security Architecture, Well-versed in network security,
threat analysis, and incident handling, experienced in implementing and maintaining robust security
infrastructures to safeguard organizational assets. Possesses a deep understanding of networking
protocols, intrusion analysis models, and information security industry standards. Adept at proactively
identifying and mitigating security risks while staying updated on the latest security developments and
best practices. Seeking a challenging role in a dynamic organization to contribute to the protection of
critical assets and enhance overall security posture.
 Proficient in DLP & network access control systems such as Forcepoint/ Digital Guardian/MacAfee,
Clearswift/ Cososys/ GTB/ Fidelis/ Cisco ISE/ ForeScout/ and ClearPass.
 Proficient in IT & Security governance, risk, and compliance frameworks (COBIT, NIST-CSF, ISO).
 Strong knowledge of IT & Security risk and security controls, including cyber security, network,
infrastructure, applications, and projects.
 Experienced in internal control implementation and evaluation of design and operating effectiveness.
 Familiar with IT & Security audit, risk, and compliance procedures.
 Proficient in GRC (Governance, Risk Management, and Compliance) systems.
 Proficient in Security Operations, Incident Response, SIEM Administration, Threat Intelligence,
Network Security, Intrusion Analysis, Log Analysis, Threat Hunting, Cloud Security, Risk Assessments,
Compliance Standards (PCI DSS, SOX, NIST, ISO, COBIT), Penetration Testing
 Solid understanding of network security principles, protocols, and best practices.
 Extensive experience in, Risk/Vulnerability Assessment Tools and Methods, IT Security Framework
Design and Implementation, Security Risk/Vulnerability Management , Security Metrics and
Measurement, Identity Management, Firewalls ,Security Policy Design, enforcement and
Troubleshooting.
 Extensive experience in managing the team of security, network and test engineers to identify the IT
security risks in various applications, systems and networks and recommending the practical solutions
for fixing the security related issues.
 In-depth knowledge of industry standards and industry frameworks ( e. g. TOGAF, SABSA, COBIT,
COSO, ISO 27001&2, PCI, ISA-62443-3-2-WD - ISA99, CIP (NERC), API 1164, ISO/IEC 17799, AGA-12,
NISCC, NIST 800-82/53, TR 27019, Sarbanes–Oxley.
Seeking to leverage my skills and certifications to contribute to the Company's cybersecurity objectives .

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China, Nepal etc.
LEADERSHIP CAREER HISTORY:
2021 TO Aug 2023 – DLP Tech Lead, Technavious Consultancy Services.

 Lead a team of 12 DLP specialists in designing and implementing data loss prevention solutions for Technavious
Clients.
 Collaborate with stakeholders to define DLP policies and ensure compliance with industry regulations (e.g., GDPR,
HIPAA).
 Conduct risk assessments, threat modeling, and vulnerability assessments to identify data security gaps.
 Successfully reduced data leakage incidents by 40% through proactive monitoring and incident response.
 Provide technical expertise in troubleshooting and resolving complex DLP incidents.
 Train and mentor team members on DLP best practices, tools, and emerging threats.
 Managed security control implementation and audits, ensuring adherence to ISO 27001 standards.
 Prepared control owners for audits, interpreted control requirements, and reviewed control evidence for
appropriateness.
 Conducted tests to evaluate control effectiveness and presented control evidence to external auditors.
 Collaborated with internal teams to develop risk reduction plans for identified gaps.
 Identified security risks and recommended administrative and technical controls to mitigate them.
 Tracked, reported, and ensured the status of security exceptions by line of business.
 Performed risk assessments, documented findings, and tracked them through resolution.
 Worked on-site at client premises, contributing to the 24/7 operation of the Security Operations Center (SOC) as part
of a shift team.
 Provided expertise in handling escalated security incidents, acting as the Incident Handler and serving as the technical
escalation point for the SOC.
 Administered and configured the SIEM system, ensuring efficient monitoring and analysis of security events.
 Utilized threat intelligence capabilities for proactive threat hunting, contributing to the enhancement of security
measures.
 Adhered to security best practices and SOC processes, assisting in the development of incident response procedures
and playbooks.
 Stayed updated on security developments, sharing knowledge with the team and conducting training sessions.
 Managed critical business assets inventory and maintained the cyber security risk register.
 Collaborated with Security Engineers, Security Architects, and the SecOps team to support risk assessments for IT
services.
 Conducted internal penetration testing, managed external pen tests and vulnerability scanning, and performed code
analysis.
 Developed and maintained relationships with third-party security vendors, conducting supplier risk assessments and
managing associated risks.
 Led incident investigations and participated in the creation of phishing campaigns.
 Demonstrated proficiency in security threats, attack scenarios, intrusion detection, and incident management.
 Ensured compliance with ISO 27001, Cyber Essentials/Essentials Plus, GDPR, and other relevant information security
standards and regulations.
 Utilized various tools for penetration testing, log investigation, log carving, and vulnerability testing.
 Collaborated with cross-functional teams to design and implement firewall rules and access controls aligned with
business needs.

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China, Nepal etc.
  Provided technical guidance and support to junior team members, fostering their professional growth.
 Resolved complex firewall-related issues and incidents, minimizing downtime and ensuring continuous network
availability.
2018 TO 2020– ENTERPRISE ARCHITECT- IT/OT SECURITY & GRC, QATARGAS, QATAR

 Develop and maintain the enterprise security architecture, ensuring alignment with business goals and industry
standards.
 Conduct comprehensive security assessments and risk analyses to identify vulnerabilities and recommend
appropriate security controls.
 Collaborate with cross-functional teams to design and implement security solutions that address business
requirements while mitigating risks.
 Provide guidance and oversight for the implementation of security controls, technologies, and processes across
the organization.
 Define and enforce security policies, standards, and procedures to ensure consistency and compliance.
 Conduct security reviews of system and application designs, identifying potential security gaps and
recommending improvements.
 Stay abreast of emerging security threats and technologies, evaluating their applicability to the organization's
security posture.
 Lead incident response efforts, including coordinating with internal teams and external stakeholders to
investigate and mitigate security incidents.
 Conduct security awareness training and provide guidance to employees on best practices for information
security.
 Collaborate with senior stakeholders to develop and execute a strategic roadmap for security initiatives.
 Stay up to date on industry regulations and standards, ensuring compliance with relevant requirements.
 Manage relationships with vendors and external partners to evaluate security solutions and oversee their
implementation.
 Participate in security audits and assessments, addressing findings and implementing corrective actions.
 Provide expertise and guidance on security architecture and design to project teams and solution architects.
 Drive security innovation by researching and evaluating emerging technologies and recommending their
adoption.
2010 TO 2017- DLP Specialist, ICS LTD. (MIDDLE EAST& AFRICA)
 Implemented and managed firewall solutions including FortiGate, Checkpoint, and Palo Alto, enhancing network
security and preventing unauthorized access.
 Configured and optimized firewall policies, ensuring compliance with industry standards and regulatory
requirements.
 Conducted regular security audits and vulnerability assessments to identify and address potential security risks.
 Collaborated with cross-functional teams to develop and implement firewall rules and access controls aligned
with business needs.
 Provided technical guidance and support to junior team members, fostering their professional development.
 Resolved complex firewall-related issues and incidents, minimizing downtime and ensuring continuous network
availability.
2008-2010 –DGM-SR. DLP SOLUTION ARCHITECT, BHARTI AIRTEL ENTERPRISE SERVICES LTD
 Played a key role in the implementation and maintenance of DLP solutions for Airtel clients.
 Collaborated with IT and compliance teams to establish and enforce DLP policies and procedures.
 Conducted regular DLP risk assessments and presented findings to senior management.
 Developed and maintained DLP documentation, including policies, procedures, and incident response plans.
 Assisted in incident investigations, root cause analysis, and recommended remediation actions.
 Contributed to the development of security awareness training programs for employees.

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China, Nepal etc.
  Deployed and maintained load balancer solutions using Netscalers, ensuring high availability and efficient
distribution of network traffic.
 Collaborated with system administrators and application teams to optimize load balancing configurations for
various applications.
 Monitored and analyzed network traffic patterns to identify performance bottlenecks and recommend
appropriate load balancing strategies.
 Conducted regular load testing and capacity planning to ensure scalability and performance optimization.
 Assisted in the design and implementation of secure proxy solutions, including Zscaler, to protect network traffic
and enforce security policies.
 Implemented network access control solutions using Cisco ISE, ensuring secure and authenticated access to the
network.

2006 TO2008-SR. CONSULTANT (DLP /NETWORK/SECURITY/BCP) MOHSIN HAIDER DARWISH LLC, SULTANATE OF
OMAN.
 Monitored and analyzed DLP alerts and incidents, escalating and remediating as necessary.
 Assisted in the configuration and tuning of DLP tools to optimize accuracy and reduce false positives.
 Worked closely with the IT team to implement data protection policies and encryption solutions.
 Collaborated with legal and compliance teams to respond to e-discovery requests.
 Participated in regular security audits and assessments to ensure DLP effectiveness.
 Stayed updated on emerging threats and DLP technologies through continuous learning.
 Assisted in the evaluation, selection, and implementation of firewall technologies to strengthen network
security posture.
 Monitored network traffic and firewall logs to detect and respond to potential security breaches and anomalies.
 Supported load balancer deployments, optimizing traffic distribution and minimizing downtime.
 Conducted penetration testing and vulnerability assessments, recommending and implementing security
enhancements.
 Collaborated with stakeholders to define security policies and standards, ensuring compliance with industry
regulations.
2000-2006 INTERNAL IT SECURITY AUDITORS SKJ GROUP, BRUNEI DARUSSALAM
 Conducted penetration testing and vulnerability assessments, recommending and implementing security
enhancements.
 Collaborated with stakeholders to define security policies and standards, ensuring compliance with industry
regulations.
1996-2000 SYSTEM & NETWORK ENGINEER INDIAN CONSULTANCY SERVICES
 Provisioned end to end network & systems solutions.

Skills:
ENTERPRISE SECURITY TOOLS& TECHNOLOGY:
 Forcepoint, Digital Guardian, MacAfee, Clearswift, Cososys, GTB, Fidelis, Cisco ISE, ForeScout, ClearPass,
Nextnine, FortiGate, Checkpoint, FirePower, Palo Alto, Juniper SRX/Netscreen, Industrial defender, Splunk, Arcsight,,
NetWitness, Encase, FTK, Tenable Nessus, Tofino Xenon, QualysGuard, Nessus, Cenzic Hailstorm, HP Fortify, IBM
AppscaneEye, McAfee ePO, McAfee HIPS (Entercept), , McAfee IntruShield , McAfee Network Security Manager
system ,SNORT, Cisco ASA, Cisco Security Manager, MS TMG Forefront/ ISA Server, Checkpoint NG, Fortinet
fortigate, Sonicwall, Juniper Netscreen,Backtrack, Ecora Enterprise, Retina, nMap, ISS Scanner, AppDetective,
LANalyzer, SAINT, kismet, GFI LanGuard, Paros Proxy, Dsniff etc.
HIGH AVAILABILITY TOOLS:

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China, Nepal etc.
  Cisco, Barracuda, Citrix, Netscalers , F5 Radware, F5, VMWare, VCS, SUN Cluster, MS Cluster.
PROXY SOLUTIONS:
 Zscaler, other proxy technologies
DRP/BCP/BACKUP TOOLS:
 PlateSpin Forge, Symantec VERITAS Netbackup/Backup Executive, Acronis, Doubletake.
NETWORK MONITORING & MANAGEMENT:
 Fidelis XPS, RSA ,HP OpenView, Cisco works, Cisco QPM, CISCO NAM, Dell Open Manage, Solarwinds, OP
Manager, GFI LAN Guard, NETPRO Change Auditor.
PROJECT MANAGEMENT:
 MS PROJECT 2007/2010, Oracle Primavera, MS Office 2010.

EDUCATION &TRAINING
 MASTER OF SCIENCE - INFORMATION TECHNOLOGY.
 BACHELOR OF INFORMATION TECHNOLOGY.
 HIGHER NATIONAL DIPLOMA IN SOFTWARE ENGINEERING.

CERTIFICATION& TRAINING
 Advanced Training in Azure Security Architect (AZ-305)
 TOGAF 9.2 Certified Enterprise Architect
 Advanced Training on Global Industrial Cyber Security Professional (GICSP)
 Certified Information System Security Manager(CISM)
 Certified Ethical Hacker(CEH)v8
 Certified Computer Hacking Forensic Investigator (CHFI)v8
 Information Technology Infrastructure Library (ITIL) v3.
 Microsoft Certified System Engineer (MCSE 2000)
 Cisco Certified Network Professional (CCNP)
 ISO9000:2000 Certified Internal Auditor.
 Advanced Training on Certified Information system Security Professional( CISSP)
 Advanced Training on Certified Information system Auditor( CISA)
 Advanced Training on Strategy &Performance Management/ Balanced Scorecards Solution Deployment.
 Advanced Training in Business Continuity& High Availability Management.

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China, Nepal etc.