Mirza Ehtesham Hussain

45, Denzil Road,

London, Great Britain, NW10 2UR.
Ph: +44 77 27 24 38 38
Email: mirza455@gmail.com

Professional Summary - A seasoned Information Security professional with close to 4 years of diverse
experience in IT and non-IT domains. I carry a rich background in Information Security with extensive
trainings and Masters Degree in Information Security & Computer Forensics from Great Britain. My
progressive hands-on experience in designing, implementation, management and support of various
Information Security solutions on network related components and through knowledge of security techniques
and system gives me a distinct edge when consulting with business on security issues and solutions.

Career Highlights

 Expertise in managing Encase & FTK operations in the field of Computer Forensics
 Sound knowledge and understanding in ISO 27001:2005 implementation framework and practices in
the area of Information security
 Progressive experience in evaluation and Implementation of new security products
 Sound Knowledge of performing system security audits for base systems & perimeter security
components and Risk Assessments & Management
 Good knowledge and hands on experience in Firewalls, Vulnerability Assessment, Penetration testing,
Endpoint Security solutions

Business Experience

 Technology and Security products’ positioning based on client requirements

 Good Analytical, Problem Solving and Leadership skills.
 Organize and Conduct training and awareness workshops.
 Ability to drive and motivate the team to achieve the desired goal.
 Products implementation and management.
 Project management and execution.

Educational Qualification

Master’s degree in Information Security & Computer Forensics from University of East London, London,
Great Britain
Certifications:

 Security+ Certification From CompTIA

 Pursuing Certified Information Systems Security Professional (CISSP)
Trainings completed:

 ISO 27001:2005 Implementation

 Symantec Endpoint Protection 11.0
 FTK & Encase

Experience

Organization Designation Type Duration

Tesco - IT Department IT Security Analyst Full-Time Feb 2009 to Till date
(www.Tesco.com )
Tesco Stock Analyst Part-Time March 2006 to Jan 2009
Present Job Responsibilities:

IT Security Analyst – Tesco (IT Department)

As a IT Security Analyst with Tesco IT Department providing

- Support on endpoint security solution with Symantec Endpoint security

- Work with steering committee to help implement best practices of ISO 27001:2005
- Facilitate the Risk Analysis process
- Perform regular Vulnerability Assessment and maintain records
- Assist in identification and reporting of noncompliance with security policies
- Create awareness among Employees regarding information security

Technology Experience

Forensic Analysis – Encase & FTK

- Write Blocker software which avoids contamination of original form of gadgets

- Recovery of information from deleted files and registry entries to the Internet history cache and automatic
Word backup files
- Collect information from server’s logs, E-mail headers and instant messaging logs
- Cryptography password recovery techniques via cipher and decipher procedure
- Electronic devices as an evidence acquisition, examination, and reporting of information found on
computers and networks that pertain to a criminal trespass

Endpoint Security - Symantec EPS 11.0

Operating Systems - Windows XP /NT/2000/2003

Patch Management Tool -Microsoft WSUS.

Vulnerability Assessment Tool – NESSUS, NMAP

Key Projects:

Project I – Bench Mark Study on Security Management & Risk Assessment for London Olympics
2012

As part of fulfillment of final dissertation of Master’s Degree in Information security and Computer
Forensics from University of East London, Great Britain independently complete this 4 months thesis

Project Scope – The scope of the project was to carry out a benchmark study on Security Management &
Risk Assessment for next Olympics 2012 event to take place in London, UK.

As part of the bench mark the following few were considered physical and logical boundaries to carry out the
study
- Host Infrastructure, Assets, Spectators, Sponsors
- Vulnerable Events & Potential Threats, Malicious attacks , Financial Threats
- Security teams & Layers of Security
- Previous Threats and Security Measures
- Security and Geopolitics issue
- Compromises and Constraints
- Limited budget versus infinite demands
- Accessibility versus protection
 - Technology versus timescales
- Multi-agency, International approaches versus coordination overheads
- Low-profile versus Pre-emptive policing
- Interactive Simulation Software

Activities Carried out

- Effective risk assessment by way of ISO 27001:2005 standards with 133 Controls availability for
instantaneous mitigation of threats.
- Plan-Do-Check-Act cycle has to monitor the whole risk assessment integrity.
- Physically collected twelve stadiums architectural information.
- Created hazards scenarios sketch prior to the security plan.
- Maintain Confidentially, Integrity and Availability to sustain the potential standards.
- Delivered in an immovable deadline.
- Distinct indebt survey Legacy, Budget, Impediments plus Impulsive response etc.

Project Summary

There were seven areas of vulnerable risks in this upcoming Olympics event. The specific conclusions and
recommendations on each are as follows: The procurement practices are effectively applied, Games
Delivering against an immovable deadline, Budget and there requirement has to be clearly determined and
effectively managed. Strategy for the lasting Legacy, The structures of Governance and deliveries to
coordinate the group involved in the Games and the multiplicity of organization. And the impact on the
National Lottery causes good. The assets those are vulnerable to attack during Olympics Games. They are
Organizers, Spectators, Host nation and the security itself. By analyzing these assets and the survey conduct
on previous games facing security cautions. The constraints that threats security during Olympics are infinite
security demands and large budget (in period of recession). This obviously creates obstacles to apply risk
based assessment to allocate the security resources. Delays in construction would disturb the security team to
verify and validate the security measurements. The Confidentially, Integrity and Availability procedure need
to follow to sustain for potential hazards. Hazards scenario had to be sketch prior to the security plan. The
risk assessment and security management is compulsory to mitigate the threats and vulnerabilities by
applying 133 controls of ISO 27001 standards on Olympics.

Project II- Antivirus Product Assessment and Conduct lab based Competitive Benchmark against Key
Competitors for Worlds’ Number One Software Organization.

• Out of box feature testing and their effectiveness for the mentioned products
• Usability testing of the products
• Manual performance test – connectivity, performance of the desktop
• Comprehensive analysis of reporting and logging
• Comparison of supported product features and type of threats detected :
– Virus , Spyware, Trojan, Rootkits, Worms
• Prepare Competitive Benchmark Reports, Battle Cards, Analysis graph’s and case studies for each
product on following features:
Ease of Administration, Ease of Integration into current infrastructure, Cost, Auditing Features, User
Friendliness, Response Time to Update the Product for New Threats, Quality of Reporting etc.
\
Reference available on Request.
PERSONAL PROFILE

Father’s Name : Mirza Sarfaraz Hussain

Date of Birth : 21st February 1981
Passport Number : G6005870
Sex : Male
Nationality : INDIAN
Languages known : English, Hindi, Urdu & Telugu
Status : Unmarried
Place: Hyderabad
Date: (Mirza Ehtesham Hussain)