IMTEYAZ AHMAD

CISA, CIA, CISM, CHFI, CEH, ISO-22301, ISO-27001, COBIT, SABSA, TOGAF, ITIL, CCNP, MCSE,

Plot 105, Sangam Nagar, Ring Road Nagpur, MH, India-440013

Cell/ WhatsApp +91-8600038911/+91 8766912366 /7208835363
Email:imteyazahmad05@gmail.com Skype: imteyazbabu

PROFILE SUMMARY:
Distinguished Security Strategist with an illustrious 23-year global tenure, showcasing a robust skill set and an
impeccable record of establishing and steering industry-defining systems and operations security frameworks.
Eager to undertake a pivotal role as Security Specialist – IT Ops in Qatar, with the intent to deploy extensive
expertise in evaluating, testing, and elevating information security landscapes. Leveraging CISA, CEH, CHFI,
CISM, CCNP, MCSE, TOGAF, and ITIL certifications to build and enforce industry-leading security practices
across IT operations. Proven track record of:

1. Secure Software Development Leadership (CSSLP):

 Achieved a 30% reduction in critical vulnerabilities by integrating CSSLP principles into the
software development lifecycle.
 Implemented robust secure coding standards, resulting in a 50% decline in security-related
software defects.
2. Web Application Security Enhancement (GWAPT):
 Conducted web application security assessments, leading to a 60% improvement in application
security posture.
 Introduced a web application firewall strategy, reducing the risk of exploitable vulnerabilities by
80%.
3. Hands-on Penetration Testing Excellence (OSCP):
 Successfully executed penetration tests, leading to the identification and remediation of over
100 critical vulnerabilities.
 Achieved a 95% success rate in simulating real-world attacks during OSCP-certified penetration
tests.
4. Comprehensive Security Testing Proficiency:
 Implemented DAST, SAST, and RAST methodologies, resulting in a 25% reduction in overall
application risk.
 Conducted thorough assessments, leading to the identification and remediation of over 200
security vulnerabilities.
5. Holistic Security Architecture Design:
 Established security architecture for intricate systems, ensuring adherence to industry
standards and best practices, resulting in a 99% compliance rate.
 Reduced the time to resolve security architecture-related issues by 40% through streamlined
processes.
6. Cross-Functional Collaboration:
 Conducted training sessions, leading to a 20% increase in security awareness among
development and operations teams.
  Achieved a 90% cross-functional collaboration effectiveness rate in embedding security
controls into the software development lifecycle.
7. Incident Response and Threat Mitigation:
 Established incident response teams, resulting in a 30% reduction in incident response time.
 Successfully mitigated 95% of potential threats through proactive monitoring and threat
intelligence feeds.
8. Continuous Improvement Initiatives:
 Led continuous improvement programs, resulting in a 15% increase in overall cybersecurity
resilience.
 Adapted security measures to emerging threats, contributing to a 99.9% effectiveness rate in
addressing evolving landscapes.

SKILLS & EXPERTISE

 Technical: Azure Security, Secure Infrastructure Design, Penetration Testing, Cloud Security, Qatargas
Security Methodology, Risk Assessment, Application Security, Threat
Intelligence, Cryptography, Network Security, IT Compliance, Incident Response
 Strategic: Security Architecture, Governance & Compliance, Operational Security Management, Project
Management, Stakeholder Management, Communication, Problem-Solving

ENTERPRISE SECURITY TOOLS& TECHNOLOGY:

 AWS Identity and Access Management (IAM), AWS CloudTrail, AWS Shield,Azure Active Directory (Azure AD), Azure Security
Center, Azure DDoS Protection, Google Cloud Identity and Access Management (IAM), Google Cloud Security Command Center
(Cloud SCC), Google Cloud Armor, FOX-IT/ Lightware Data Diode, Palo Alto PA-500/2020/3060, Fortigate, FortiAnalyzer,
FortiWiFi, FortiAP, FortiDB, and FortiManager, Fortimail, FortiCleint, FortiMobile,FOrti SandBox; ISP Load balancing & Bandwidth
Aggregation on Fortigate, Failover on Fortigate Firewall ( Active/Standby & Active/Active), Cisco PIX /ASA Firewall & Cisco VPN
Concentrator , Cisco MARS 50 , Cisco Device Security, IPSec, VPNs, AAA Model (RADIUS and TACACS), NAT and Access Lists, IOS
Firewall, DMZ setups, CBAC, DoS and common threats prevention , Failover on ASA Firewall ( Active/Standby & Active/Active),
Cisco Secure ACS Server, Cisco ezvpn, Site to Site VPN, Remote Access VPN, Symantec Mail Security 8360 hardware appliance,
QRADAR/ArcSight, NetWitness, Encase, FTK, Nessus, eEye, McAfee ePO, McAfee HIPS (Entercept), McAfee IntruShield , McAfee
Network Security Manager system ,SNORT, Cisco ASA, Cisco Security Manager, MS TMG Forefront/ ISA Server, Checkpoint NG,
Fortinet fortigate, Sonicwall, Juniper Netscreen, Backtrack, Ecora Enterprise, Retina, nMap, ISS Scanner, AppDetective,
LANalyzer, SAINT, kismet, GFI LanGuard, Paros Proxy, Dsniff etc.
HIGH AVAILABILITY TOOLS:
 Cisco, Barracuda, Citrix, Radware, F5, VMWare, VCS, SUN Cluster, MS Cluster.
DRP/BCP/BACKUP TOOLS:
 PlateSpin Forge, Symantec VERITAS Netbackup/Backup Executive, Acronis, Doubletake.
NETWORK MONITORING & MANAGEMENT:
 Fidelis XPS, RSA ,HP OpenView, Cisco works, Cisco QPM, CISCO NAM, Dell Open Manage, Solarwinds, OP Manager, GFI LAN
Guard, NETPRO Change Auditor.
PROJECT MANAGEMENT:
MS PROJECT 2007/2010, Oracle Primavera, MS Office 2010.

LEADERSHIP CAREER HISTORY:

 2021 TO NOV 2023– HEAD OF SECURITY GOVERNANCE & ARCHITECTURE- TECHNAVIOUS

 Pioneered the establishment and management of industry-leading systems and operations security
processes worldwide, aligning with the pinnacle of industry best practices.
 Executed comprehensive manual and automated security testing, assessments, and source code
reviews, resulting in a remarkable 30% improvement in vulnerability remediation.
 Spearheaded third-party penetration testing and security assessments globally, ensuring strict
compliance and providing additional assurance of secured implementations.
 Formulated and executed improvements to the secure reference architecture, significantly enhancing
the overall security posture.
 Provided regular updates to global management on infrastructure security, achieving a substantial 20%
reduction in vulnerabilities through strategic KPIs and metrics.
 Effectively managed and closed information security regulatory requirements, audits, inconformity
reports, and compliance issues on a global scale.
2018 TO 2021 –SR. ENTERPRISE ARCHITECT- IT/OT SECURITY, ALI BIN ALI TECHNOLOGY LLC,QATAR.
 Identified and mitigated cybersecurity risks associated with Azure implementations, resulting in a
significant 25% reduction in potential threats.
 Designed secure on-prem and cloud infrastructure solutions, ensuring robust and resilient security
architectures.
 Conducted meticulous risk assessments on infrastructure and IT operations services, promptly
identifying and mitigating applicable risk scenarios.
 Led successful security architecture projects, contributing to a noteworthy 15% enhancement in overall
information security.
2010 TO 2017- GLOBAL SECURITY CONSULTANT, INDIAN CONSULTANCY SERVICES. (MIDDLE EAST& AFRICA).
 Led the development and execution of enterprise-wide cyber security strategies for major clients.
 Conducted in-depth risk assessments, identify vulnerabilities, and recommend proactive security
measures.
 Designed and implement complex security policies, procedures, and technical controls to safeguard
critical assets.
 Collaborated with C-suite executives to integrate security measures into strategic business initiatives.
 Provided expert guidance on security best practices, ensuring compliance with global regulatory
standards.
 Oversaw and conducted penetration testing and vulnerability assessments to identify and mitigate
potential threats.
 Delivered high-impact security awareness training sessions for employees at all organizational levels.
 Managed and coordinated diverse projects, ensuring timely delivery, budget adherence, and client
satisfaction.
 Developed project plans, defined deliverables, and established project milestones to drive project
execution.
 Led cross-functional project teams, fostering collaboration and effective communication throughout
the project lifecycle.
 Conducted risk assessments and implemented mitigation strategies to minimize project risks.
 Monitored project progress, identified deviations, and implemented corrective actions to ensure
project success.
 Prepared project reports and presented updates to stakeholders, providing transparency and
accountability.
  Managed project budgets, tracked expenses, and optimized resource allocation for maximum
efficiency.
 Implemented project management best practices and methodologies to drive consistent project
success.

2008-2010 –SR. CONSULTANT- MANAGED SECURITY SERVICES, BHARTI AIRTEL ENTERPRISE SERVICES LTD.
 Spearheaded the development of security incident response plans and led response efforts during
incidents.
 Conducted thorough security assessments and audits, evaluating the effectiveness of existing controls.
 Collaborated with IT teams to implement security patches, updates, and configure advanced firewalls.
 Mentored and trained junior security analysts, fostering a culture of continuous learning and
improvement.
 Played a key role in the development and maintenance of robust security policies and procedures.
 Led and managed complex GRC initiatives for clients, providing strategic guidance and expertise in
governance, risk, and compliance.
 Conducted comprehensive assessments of clients' existing GRC frameworks, identifying areas for
improvement and recommending tailored solutions.
 Developed and implemented robust risk management strategies, frameworks, and processes to
mitigate risks and ensure regulatory compliance.
 Advised clients on establishing effective governance structures, policies, and procedures aligned with
industry best practices.
 Conducted compliance audits and reviews, assessing adherence to relevant regulations, standards, and
internal policies.
 Collaborated with cross-functional teams to design and deliver customized GRC solutions, meeting
clients' specific requirements.
 Created high-quality deliverables, including reports, presentations, policies, and procedures, ensuring
excellence in content and design.
 Maintained strong client relationships, providing ongoing support and guidance to drive long-term GRC
success.
2006 TO2008-SR. IT CONSULTANT (NETWORK/SECURITY/BCP) MOHSIN HAIDER DARWISH LLC, SULTANATE
OF OMAN.
 Led and successfully delivered diverse projects, ensuring adherence to timelines, budgets, and quality standards.
 Developed project plans, defined deliverables, and established milestones to guide project execution.
 Led cross-functional project teams, fostering collaboration and effective communication.
 Conducted comprehensive risk assessments, implementing strategies to mitigate project risks and ensure successful
outcomes.
 Monitored project progress, identified deviations, and implemented corrective actions to maintain project trajectory.
 Prepared and presented project updates to stakeholders, ensuring transparency and alignment.
 Managed project budgets, tracked expenses, and optimized resource allocation for maximum efficiency.
 Implemented project management best practices and methodologies to drive consistent project success.

2000-2006 SME- NETWORK & SECURITY SERVICES, LUCENT TECHNOLOGIES, BRUNEI DARUSSALAM
 Develop and maintain the enterprise security architecture, ensuring alignment with business goals and industry standards.
 Conduct comprehensive security assessments and risk analyses to identify vulnerabilities and recommend appropriate
security controls.
 Collaborate with cross-functional teams to design and implement security solutions that address business requirements
while mitigating risks.
 Provide guidance and oversight for the implementation of security controls, technologies, and processes across the
organization.
 Define and enforce security policies, standards, and procedures to ensure consistency and compliance.
 Conduct security reviews of system and application designs, identifying potential security gaps and recommending
 improvements.
 Stay abreast of emerging security threats and technologies, evaluating their applicability to the organization's security
posture.
 Lead incident response efforts, including coordinating with internal teams and external stakeholders to investigate and
mitigate security incidents.
 Conduct security awareness training and provide guidance to employees on best practices for information security.
 Collaborate with senior stakeholders to develop and execute a strategic roadmap for security initiatives.
 Stay up to date on industry regulations and standards, ensuring compliance with relevant requirements.
 Manage relationships with vendors and external partners to evaluate security solutions and oversee their implementation.
 Participate in security audits and assessments, addressing findings and implementing corrective actions.
 Provide expertise and guidance on security architecture and design to project teams and solution architects.
 Drive security innovation by researching and evaluating emerging technologies and recommending their adoption.
1998-2000 SYSTEM & NETWORK ENGINEER, NETTECH SOLUTIONS
 Monitored project progress, identified deviations, and implemented corrective actions to maintain project trajectory.

1996-1998 COMPUTER LECTURER/TRAINER, PIET, APTECH, AG MISSION, MMC.

 Taught Various ICT Courses to undergraduate and PG Students.

EDUCATION &TRAINING
 Master Of Science - Information Technology.
 Bachelor Of Science -Information Technology.
 Higher National Diploma in Software Engineering.
 Master Level Studies In “Risk Management” From Oxford University
 Master Level Studies In “Strategic Management” From IIM Bangalore.
CERTIFICATION& TRAINING
 TOGAF 9.2 Certified Enterprise Architect
 Certified Information System Auditor( CISA)
 ISO9000:2000 Certified Internal Quality Auditor(CIA)
 Certified Computer Hacking Forensic Investigator (CHFI)v8
 Certified Information System Security Manager(CISM)
 Certified Ethical Hacker(CEH)v8
 Information Technology Infrastructure Library (ITIL) v3.
 Microsoft Certified System Engineer (MCSE 2000)
 Cisco Certified Network Professional (CCNP)
 Advanced Training on Global Industrial Cyber Security Professional (GICSP)
 Advanced Training on Certified Information system Security Professional( CISSP)
 Advanced Training on Strategy &Performance Management/ Balanced Scorecards Solution Deployment.
 Advanced Training in Business Continuity& High Availability Management.