IMTEYAZ AHMAD

Plot 105, Sangam Nagar, Ring Road, Nagpur-440013

Cell /WhatSapp+91- 8600038911/7208835363
Email:[email protected] Skype: imteyazbabu
Passport Validity: 2029; Driving License Validity: 2023

PROFILE SUMMARY:
Dedicated and highly skilled Cybersecurity Architect with over 24 years of experience in defining and
managing enterprise cybersecurity architecture. Seeking the Cybersecurity Specialist role to drive security
initiatives and establish robust cybersecurity policies and standards for Corporate and its affiliates, while
ensuring compliance with industry standards and regulations.
SUMMARY OF QUALIFICATIONS:
Extensive expertise in cybersecurity architecture, risk management, and compliance.
Proven ability to define and implement enterprise security architecture to support business strategies.
Strong knowledge of cybersecurity standards and frameworks (ISO27001, NIST, ISA/IEC 62443).
Experienced in evaluating and selecting security solutions and managing vendor relationships.
Excellent communication skills and the ability to collaborate with cross-functional teams.
Information Security Certification (CISA/CISM/CEH/CHFI/ISO27001/ISA/IEC 62443).
Bachelor's degree in Computer Science or Information Systems.
AREAS OF EXPERTISE

 IT&OT Security Project  Cybersecurity Architecture  Policy/ Procedure Creation

Management (SABSA/TOGAF)  Executive Presentations
 Industrial Control Systems (ICS)  Risk Management  Business Analysis &Technical
 SCADA Systems  Security Standards (ISO27001, Administration
 Threat Intelligence Platforms NIST, ISA/IEC 62443)  Business Recovery
 Vulnerability Assessment Tools  Enterprise Architecture  Quality & HSE policies and
 ICS Monitoring Solutions  IT/Solution Architecture procedures.
 Cybersecurity Frameworks  Vendor Selection and  After Action Reports(AAR)-
(NIST, IEC 62443) Management Disaster Recovery
 Incident Response Planning  Cloud Security  Strong human relation skills to
 Anomaly Detection Systems  Compliance and Governance interface with management
 Risk Management &  Technical Evaluation and staff at all levels.
Compliance  Communication and  Catastrophic Response
 Internal and External Reviews Collaboration Strategies
 Off-Shore Team Management  Evaluation and final approval of  Compliance &Regulatory
Project Planning information security Requirements
 Information Security Incident procurement  SABSA-ZACHMAN, TOGAF
Response (ISIRT)  Enterprise Security Governance /OSA/SOA
 IT&OT Security Audit and  Development and Maintenance /SOMF/DODAF/E2AF/COBIT

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China, Nepal etc.
 Assessment of Business  Asset Management & IT
 Process Design and Contingency/Disaster Recovery Infrastructure Coordination
implementation Plans  Business Impact Analysis

ENTERPRISE SECURITY TOOLS& TECHNOLOGY:

 Nextnine, Industrial defender, Splunk, Arcsight,, NetWitness, Encase, FTK, Tenable Nessus, Tofino Xenon,
QualysGuard, Nessus, Cenzic Hailstorm, HP Fortify, IBM AppscaneEye, McAfee ePO, McAfee HIPS (Entercept), ,
McAfee IntruShield , McAfee Network Security Manager system ,SNORT, Cisco ASA, Cisco Security Manager, MS
TMG Forefront/ ISA Server, Checkpoint NG, Fortinet fortigate, Sonicwall, Juniper Netscreen,Backtrack, Ecora
Enterprise, Retina,, nMap, ISS Scanner, AppDetective, LANalyzer, SAINT, kismet, GFI LanGuard, Paros Proxy, Dsniff
etc.
HIGH AVAILABILITY TOOLS:
 Cisco, Barracuda, Citrix, Radware, F5, VMWare, VCS, SUN Cluster, MS Cluster.
DRP/BCP/BACKUP TOOLS:
 PlateSpin Forge, Symantec VERITAS Netbackup/Backup Executive, Acronis, Doubletake.
NETWORK MONITORING & MANAGEMENT:
 Fidelis XPS, RSA ,HP OpenView, Cisco works, Cisco QPM, CISCO NAM, Dell Open Manage, Solarwinds, OP
Manager, GFI LAN Guard, NETPRO Change Auditor.
PROJECT MANAGEMENT:
 MS PROJECT 2007/2010, Oracle Primavera, MS Office 2010.

LEADERSHIP CAREER HISTORY:

2021 TO Aug 2023 – Lead Specialist,Chief Cybersecurity Architect, ICS Pvt LTD
 Defined and managed enterprise cybersecurity architecture for Corporate and its affiliates in multiple countries.
 Led the implementation of new security solutions and evaluate and shortlist vendors.
 Provided technical expertise, roadmaps, principles, and standards for the Cyber Security Architecture strategic
roadmap.
 Assessed controls related to emerging technologies and market trends in cybersecurity.
 Collaborated with other Companies departments (IT/OT) to ensure alignment with cybersecurity policies and
standards.
 Monitor, control, and enforce compliance with cybersecurity policies and standards.
 Conducted thorough risk assessments of operational technology environments to identify cybersecurity threats,
vulnerabilities, and potential consequences to critical infrastructure and industrial processes.
 Monitored and analyzed OT-specific cyber threats, vulnerabilities, and attack techniques through various threat
intelligence sources and industry-specific information sharing platforms.
 Evaluated the security posture of OT assets, such as ICS devices and SCADA systems, to identify weaknesses and
potential entry points for cyber attackers.
 Developed and recommended risk mitigation strategies and countermeasures to address identified
vulnerabilities and potential cyber threats in OT systems.
 Ensured compliance with relevant cybersecurity standards and regulations specific to operational technology
environments, incorporating standards such as NIST SP 800-82 and IEC 62443.
 Collaborated with incident response teams to develop and test incident response plans tailored to OT
environments, ensuring effective response to cybersecurity incidents.

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China, Nepal etc.
  Provided specialized cybersecurity training and awareness programs for OT personnel to enhance their
understanding of cybersecurity risks and best practices.
 Evaluated the security design of OT systems and participated in the review of new OT projects to incorporate
security controls from the outset.
 Assessed the cybersecurity posture of OT vendors and third-party partners, ensuring alignment with the
organization's security requirements.
 Developed and presented regular cybersecurity risk reports to management and relevant stakeholders,
providing insights into the organization's OT security posture and risk exposure.
 Defined, implemented, and monitored enterprise information security and risk management program.
 Owned, developed, and delivered a risk-based plan and roadmap for threat and vulnerability management
services across corporate infrastructures, following a defense-in-depth strategy.
 Developed strategy, goals, and objectives for a comprehensive cybersecurity training, education, and awareness
program, adapting to emerging technologies and risks.
 Assessed cyber security controls for IT/OT environments, evolved architectures to enhance defensibility, and
improved resilience against attacks.
 Partnered with ITC stakeholders to identify and mitigate security threats aligned with business needs.
 Evaluated OT cybersecurity requirements, coordinated solution designs, and communicated recommendations.
 Developed and delivered comprehensive threat and vulnerability management reporting capabilities.
 Conducted in-depth analysis of current threat activity and trends.
 Communicated security control findings accurately and professionally to internal stakeholders and senior
management.
 Presented information security services in a high-quality professional manner, ensuring cybersecurity
requirements and budgets were in place for operational security.
 Prepared and maintained Cyber Incident Response plans, playbooks, and documentation.
 Reviewed and analyzed the effectiveness of security control implementation.
 Documented policies, processes, and procedures related to the threat and vulnerability management program.
Key Achievements:

 Successfully established and implemented the Information Security strategy and program, ensuring compliance with
laws and regulations.
 Led the development of a comprehensive cybersecurity training, education, and awareness program, significantly
improving the organization's security maturity.
 Enhanced defensibility of IT/OT environments by evolving architectures and implementing effective security controls.
 Developed and delivered threat and vulnerability management reporting capabilities, enabling informed decision-
making and proactive risk mitigation.

2018 TO 2020– ENTERPRISE ARCHITECT- IT INFRASTRUCTURE/SECURITY / GRC, QATARGAS, QATAR

 Developed and implemented a comprehensive cyber security strategy that resulted in improved security posture
and reduced risk for QATARGAS.
 Successfully led the establishment and enhancement of the organization's cyber security capability as part of a 5
years program.
 Implemented effective security controls and vulnerability management measures, resulting in a significant
decrease in the number of successful cyber-attacks.
 Led incident response planning and preparation, ensuring the organization was well-equipped to handle and
mitigate cyber incidents effectively.
 Collaborated with cross-functional teams, including Application, Telecom/Network, and Infrastructure, to guide
and support their efforts in improving overall security.

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China, Nepal etc.
  Built and maintained strong customer relationships with organizational stakeholders and third-party vendors,
resulting in enhanced compliance with security standards.
 Developed and delivered comprehensive cyber security training, education, and awareness programs that
increased employee awareness and adherence to security protocols.
 Successfully assessed IT/OT environments, identified vulnerabilities, and implemented controls that improved
the organization's ability to resist, detect, respond, and contain attacks.
 Prepared and presented high-quality reports and briefings on technical risks and issues to executive
management, enabling informed decision-making.
 Played a key role in ensuring compliance with Qatar laws and regulations related to information security,
contributing to a robust and legally compliant security program.
 Actively participated in industry certifications and maintained up-to-date knowledge of emerging technologies,
trends, and best practices in IT and OT security.
 Streamlined security processes and procedures, resulting in increased efficiency and effectiveness in threat and
vulnerability management.
 Received recognition for exceptional leadership and contribution to the organization's overall security posture.
 Successfully managed multiple inquiries and projects simultaneously, demonstrating strong multitasking and
prioritization skills.
 Received positive feedback from colleagues, stakeholders, and management for excellent communication,
collaboration, and problem-solving abilities.

2010 TO 2017- Sr. Consultant (ICS / PCD Cyber Security &BCP) INDIAN CONSULTANCY
SERVICES LTD. (MIDDLE EAST& AFRICA)
 Define global information risk solutions and security, create information security management
systems.
 Manage consultant teams and engineering security.
 Lead Security Architect for Compliance projects and Major IT Governance Risk.
 Organization of programs for ISO 27001.
 Consulting in the areas of out sourcing (Managed/Shared Services, Managed security and BCP/DRP).
 Leading the customer engagement for Data centre capacity planning, architecture, implementation,
optimization, virtualization, migration and Consolidation.
 Network, Storage and Server consolidation feasibility study, application suitability assessment,
planning and implementation.
 Infrastructure and application architecture assessment, design and implementation for high
availability, scalability, performance and security.

2008-2010 –SR. Solution Architect (Managed Security & IDC) BHARTI AIRTEL ENTERPRISE
SERVICES LTD
 Planning, designing and implementation of secure, reliable, scalable and efficient IT infrastructure.
 Infrastructure and application architecture assessment, design and implementation for high
availability, scalability, performance and security.
 Network, Storage and Server consolidation feasibility study, application suitability assessment,
planning and implementation.
 Building Partnership with Vendors & Industry Leaders to supply highest quality solutions.
 Providing the best-fit (built to suit) DC& DR solution that is aligned with the current and future needs of
the Company at affordable price.

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China, Nepal etc.
  Data center capacity planning, architecture, implementation, Consolidation, optimization Virtualization
and migration.
 Data center setup and Operational Capabilities Assessment.
 Costing all phases of projects and Preparing BOM/BOQ
 Conducting training for Presales and Sales team on DRP and other critical challenges of enterprise
customers.

2006 TO 2008- Sr. IT Consultant (Network/Security/BCP) MOHSIN HAIDER DARWISH LLC,

SULTANATE OF OMAN.
 Managed network security operations team.
 Prepared information security evaluation for new projects.
 Project improvement documentation, delivered process documentation.
 Information Security Operations liaison for IT initiatives.

2000-2006 IT executive, SKJ GROUP, BRUNEI DARUSSALAM

 Business continuity Planning& deployment.
 Trained and mentored employees in many job descriptions regarding security and system basics, best
practices, etc.
 Managed and organized backup infrastructure.
 Designed and implement network monitoring system.
 Cisco network management (routers, switches, firewalls).
 Systems Architect for security project.

1996-2000 System & Network Engineer, Net-tech Solutions.

 Troubleshooting Hardware/Software& networking Issues.
 Installing, configuring, testing, upgrading and administering Servers.
 Build Servers and Workstations including complete machines from empty boxes
 Used experience in company to focus on securing information and systems.
 Documented exiting and in-development policies, procedures, and systems.

NOTABLE PROJECTS:
 Kahramaa’s ICS/SCADA Security Risk& Vulnerability Assessment& BCP/BCM:
Customer Profile: Qatar General Electricity & Water Corporation is government authority to supply and support
Electricity and Water needs of the kingdom.
Project Objective: The scope of this project is to conduct Risk &Vulnerability Assessment and Design and deploy
BCP/BCM Policy, Standard and Procedure for Kahramaa’s ICS/ SCADA System.
My Role: Conducting Risk& Vulnerability assessment on People, Process, Tools and technology as per global best
practices and ICT Qatar/NIA , NIST and NERC Standards& security Guidelines and Leading the team of security
Consultants in the development of ICS /SCADA Security Blueprint for conducting the Risk Assessment /Vulnerability
assessment and BCP of Kahramaa’s ICS/SCADA system.
 QATAR GAS Business Process (Project)/ Information/ Application/ Technology/Security Reference Architecture

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China, Nepal etc.
 Development, It Architecture Principles Blue Print Design, Risk& Vulnerability Assessment of Enterprise
Architecture Tools and Technologies and Template Development.
CUSTOMER PROFILE: Qatargas is a unique global energy operator in terms of size, service and reliability. The
Company operates 14 Liquefied Natural Gas (LNG) trains with a total annual production capacity of 77 million tons.
This makes Qatargas the largest LNG producer in the world.
PROJECT OBJECTIVE: The scope of this project has been to:
1. Develop process (project) /information /application /technology/security reference architecture.
2. Risk &Vulnerability Assessment of EA tools and plug-ins.
3. Develop and draft Strategy, Policy, Procedure and Standards for QG solution’s Infrastructure evaluation System.
4. Providing advisory services to PMO on individual solutions for each business stream (example:
a. Evaluated& advised right solution for “Emergency Management& Fire protection division” to automate
the work flow and optimize the delivery of services from days to minutes.
b. Evaluated& advised right solution for “Communication& personal Administration division” for digital
transformation and any time anywhere digital library hosting.
My Role: Delivering all the above objective
 Aramco-Marafiq Berry Gas Plant –:
Customer Profile: Aramco & Marafiq are the Government owned companies in Kingdom of Saudi Arabia, Aramco is
one of the world’s largest OIL& Gas Company and Marafiq is Saudi Arabia largest water and electricity Supplier
covers entire Eastern State & kingdom Capital Riyadh.
Project Objective: The scope of this project was to conduct Risk Assessment and plan, design, and deploy complete
Wired& wireless Network Infrastructure for SCADA system, Security surveillance system & Unified Communication.
My Role: Conducted Risk assessment on People, Process, Tools and technology as per global best practices and
Marafiq Standards security Guidelines and led the team to supply and deliver long distance secured Wireless PTP
WAN infrastructure from O&M Center to Gas plant and various pumping stations.
 OMAN OIL MARKETING COMPANY LLC
Customer Profile: This is the Government owned companies in Oman responsible for marketing its OIL & Natural
GAS worldwide.
Project Objective: The scope of this project was to conduct audit& risk assessment and plan, design, and deploy
complete Data centre Infrastructure Security.
My Role: Conducted audit & risk assessment , planned, designed and deployed/implemented the security solution
which also includes BCP/DRP using Trend micro, Symantec Veritas, GFI, DELL|EMC storage and other third part
solutions.
 OMAN REFINERY COMPANY LLC(ORPC).
Customer Profile: This is the Government owned companies in Oman responsible for Production & Development of
OIL & Natural GAS and other resources.
Project Objective: The scope of this project was to Audit & asses the Business process and supply, Installation,
configuration, customization, testing and deployment of Service Management System /Help Desk System.
My Role: Audited, implemented, and customized the Help Desk System which includes Altiris Help Desk system,
Windows 2003, Dell Servers and other third party solutions.
 GUJRAT GAS LTD.
Customer Profile: This is the Government owned companies in Gujrat state of India responsible for Production &
Development of OIL & Natural GAS and other resources.
Project Objective: The scope of this project was to Audit & asses the Business requirement for Data center Hosting &
Network Infrastructure.
My Role: Assessed the business requirement and provisioned most cost effective and efficient Data center

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China, Nepal etc.
 Collocation services and hosted the network Infrastructure with Managed Physical and logical security services.
 SKJ GROUP OF COMPANIES, BRUNEI DARUSSALAM (CONTRACTOR AT BRUNEI SHELL PETROLEUM):
Customer profile:
This is one of oldest & largest Group of companies in Brunei Darussalam involved in Oil & Natural Gas, , Crude oil
Vessels and Tanker, Shipping, Scaffolding, Construction; Furniture & Interior, Information & Telecommunication
Services.
Project Objective: The scope of the project was to conduct risk assessment and develop and deploy a smart Business
Automation infrastructure & Quality Management System.
MY Role: Auditing & Risk assessment of the current infrastructure and developing and deployment of Quality
Management System, Quality Operation Procedure, Quality System Procedure as per ISO 9000:2000, ISO
17799(BS7799), ISO 20000(BS 15000), ISO 27001 and ITIL framework.
 MAADEN ALUMINUM SMELTER, KINGDOM OF SAUDI ARABIA:
Customer profile:
World’s Largest Aluminum Smelter worth more than USD$10 Billion; having a 14 Kilometer of PCD Fiber optic
network distribution for SCADA/ICS system.
Project Objective: The scope of the project was to conduct risk assessment and develop and deploy a smart secured
network infrastructure.
My Role: Conducted Risk Assessment/Security Audit for Fiber & UTP network based on ISO & BICSI standards
compliance and Quality Audit and certification for Network Distribution and Unified communication / IP Telephony
System and Planned, designed, architected Implemented and tested Scalable Unified Communication system (Cisco
IP Telephony Solutions) Infrastructure for 1500 Employees. Led the successful distribution, termination and of
testing around 400, 000-meter Fiber & Copper Backbone core network infrastructure for SCADA & voice & data
network.
 KENANA SUGAR COMPANY LTD, REPUBLIC OF SUDAN:
Customer profile:
World’s Largest Sugar production company worth more than USD$500 million; having a 4 Kilometer of PCN Fiber
optic network distribution for SCADA/ICS system.
Project Objective: The scope of the project was to conduct risk assessment and develop and deploy a smart secured
network infrastructure & Quality Management System.
My Role: Conducted Risk Assessments for process, technology and people, and Planned, designed, architected
Secured Wireless WAN (Long distance Free Frequency PTP) Infrastructure and factory Site PCD Network
Infrastructure
 ROYAL COURT AFFAIRS (DEWAN, THE PALACE) SULTANATE OF OMAN
Customer Profile: This is the Ministry of Royal Kingdom of Oman which is responsible for His Majesty Internal and
Global Affairs.
Project objective: The scopes of this project was to audit and analyze the current infrastructure , capacity planning,
reengineering the data center and propose an efficient Active Directory, File system auditing tools.
Equipment’s & software used: includes Multi Vendor Solutions, Netpro Change Auditor, Netpro Directory Analyzer,
Dell\EMC SAN Storage, HP and IBM Blades, Computer Associates Solutions, Citrix Solutions, Complete Microsoft
Infrastructure software, and third party equipments & Tools.
My Role: Conducted Security Audit , Planned and successfully implemented Enterprise Change Auditing Tools,
which gives the complete report of all the changes ( threat /Vulnerabilities) enterprise wise and the impact of that

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China, Nepal etc.
 change to the business and recovery and resumption option to undo the unwanted and un-expected changes driven
by hackers and internal threats.

EDUCATION & TRAINING

 Master of Science – Information Technology.
 Bachelor of Science – Information Technology.
 Higher National Diploma in Computer Programming.
CERTIFICATION& TRAINING
 Advanced Training on Global Industrial Cyber Security Professional (GICSP)
 Control System Cyber Security Training Course
 Certified Information System Auditor (CISA)
 Certified Information System Security Manager (CISM)
 Certified Ethical Hacker (CEH)v8
 Certified Computer Hacking Forensic Investigator (CHFI)v8
 Microsoft Certified System Engineer (MCSE 2000)
 Cisco Certified Network Professional (CCNP)
 TOGAF 9.2 certified Enterprise Architect
 Information Technology Infrastructure Library (ITIL) v3.
 ISO9000:2000 Certified Internal Auditor.
 Advanced Training on Strategy & Performance Management (Balanced Scorecard)
 Advanced Training in Business Continuity& High Availability Management.

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China, Nepal etc.