OIST Research Intern Application

Confidential Information

WAQAR AHMAD

Application Number: OIST-37745

Online Application- WAQAR AHMAD, OIST-37745 page 2

Disclaimer
Confirmation: I confirm that I have read and agree to the above stated policies.

Basic information

First or given name printed in your passport: WAQAR

Family name printed in your passport: AHMAD
Preferred first name: WAQAR
Gender: Male
Date of birth: 20.03.1989
Citizenship: PAKISTAN

Permanent address

Country: PAKISTAN
Street address: 48 B Traders Colony, Bharakaho
City: Islamabad
Region: Punjab
Postal code: 45400
Supporting information

Statement of purpose: My name is Waqar Ahmad. I did my MSc (Internet, computer, system security) from University
of Bradford, UK. I completed my BS (Hons) in computing from University of Bradford.

> How does OIST and my desired research unit(s) fit with my current expertise and skill set?

As I have done my MSc in Information Security so in order to polish my ethical hacking skills and to gain some
practical knowledge I decided to get the training of Certified Ethical Hacker (CEH). CEH certification is one of the
hottest picks for IT security professionals pursuing a career in penetration testing. I also learned about intrusion de-
tection system/intrusion prevention system (IDS/IPS), network access control (NAC), data loss prevention (DLP) and
enterprise anti-virus solutions. Other relevant topics covered in my CEH training include Mobile Hacking, System
Hacking, Sniffing, Social Engineering, DOS, DDOS, Penetration Testing, Secession Hijacking and Man in the Middle. I
think this CEH is most relevant and would prove very useful in continuing my research internship in Quantum Systems
Unit at OIST because I can make use of my practical knowledge I obtained from my previous cyber security field into
my internship at OIST.

Other than CEH I am Microsoft Certified Professional MCP as well. I also successfully completed my Windows Server
2008, Server Administrator in 2011. So I was introduced to analyzing system logs and identifying potential issues with
computer systems, Performing routine audit of systems and software, Applying operating system updates, patches,
and configuration changes. Installing and configuring new hardware and software and answering technical queries
and assisting users. After finishing the training I successfully got the certification of Microsoft Certified Technology
Specialist (MCTS) by an online test conducted at Microsoft testing center. I also have got the RHCSA and CCNA
training where I had a chance to get a firm grip on my practice capabilities of systems administration.

I also have done couple of other certifications and trainings which are related to computer science as well as cy-
ber security. Which include following CompTia Network + (Ebryx CSIRT Trainings), CompTia), Security + (Ebryx
CSIRT Trainings), GIAC (Comprehensive Packet Analysis), SANS SEC-556 training, GIAC GSEC (Security Essen-
tials), SANS SEC-401 training, GIAC GCIA (Intrusion Detection In-Depth), SANS SEC-503 training, GIAC GMON
(Continuous Security Monitoring), SANS SEC-511 training. I hope my relevant certifications and trainings makes me
suitable candidate for OIST internship program.

If you are interested in multiple research units, please explain your interest and fit for each briefly within one sin-
gle statement.
Yes, I am indeed interested multiple disciplines also.

Quantum Systems Unit by Professor Thomas Busch

Evolution, Cell Biology, and Symbiosis Unit by pro, Filip Husnik
Integrated Open Systems Unit br Prof, Hiroaki Kitano

> What do I hope to accomplish at OIST?

Now I want pursue my career by doing internship at OIST. I think this internship would be really helpful to enhance my
knowledge in Quantum Systems Unit area and will enable me to see the world from the eye of an amazing university
OIST which has no departments so that there is no barrier between inter related fields and disciplines.

I believe that would be a unique and one of its kind opportunity for me because normally other universities students
and learning environment is divided into multiple fields like maths, computer science etc.

The purposed this internship is to explore the university, new people and to meet talented professors and students
there. Also I would love to find out and meet the professors and students who have similar research interest like me.
Which can be my potential future PHD Research companion if I get PHD at OIST in future.

I hope this internship will also give me opportunity to explore research area to redevelop the Mobile Security Mod-
ules (ASM) framework that aims to improve the security of android and iOS devices in order to prevent the hackers
to misuse the mobile applications permissions, Because I already have done MSc Information Security moreover my
relevant skills like CCNA, MSITP, RHCSA and most importantly my cyber security training are genuine drive and moti-
vation for this internship at OIST.

> How does a research internship at OIST fit into my overall career plans/aspirations?

As I have been working at different companies for my job and career particularly in CS area. So I believe that my
internship at OIST is a door to new opportunity for me for my future career. I have heard that those students doing
research at OIST have the access to the world class laboratories and equipment’s for their particular research areas.
Moreover, as OIST provides students with centralized research resources and technical support so I believe this in-
ternship is going to not only enhance my relevant knowledge but also going to play an important role for my future
research career in cyber security.

Lastly I would like to say, as you can see in my CV I have done multiple jobs in industry so in order to enhance
and enrich my industry based knowledge, I would love to explore more from the internship how Japanese nation work.
Not only I am already inspired by the Japanese nation but also because of this OIST internship boosting my career
goals in cyber security research would be an extraordinary achievement for me.

That’s why I have decided to pursue this internship program at OIST Japan. Looking forward to get a positive feedback
soon.

Curriculum Vitae: File attached

Photo: File attached

Financial Support from third party: No

Education history
Education history:
City: Bradford
Converted GPA: 3.4
Country: UNITED KINGDOM
Dates attended/attending: September, 2013 to December, 2014
GPA Score: 3.40
Help Text for adding new entries:
Honors, Awards, Fellowships and Scholarships: Post Graduate Representative at University
Institution: University of Bradford
Level of study: Master
Level of study (Other):
Major: Computer Science
GPA Scale: 4.00
Primary language of education is English: Yes
Region: Yorkshire
Document- Transcript
PAGE 1 OF 3 SEE SECURITY INFORMATION ON PAGE 1 PAGE 1 OF 3

University of Bradford

Copy of Official Transcript

Security Information
You are viewing a PDF document (or a print out of that document) that was generated by University of Bradford and
was downloaded by the individual named in the document from a website hosted at University of Bradford https://
edocs.brad.ac.uk/.

This PDF (or print) is NOT a secure document. It was created from the official document at time of production, but could
have been tampered with since it was downloaded or printed.

Recommendation
The secure original document resides online at University of Bradford. University of Bradford provides a free and secure
online service for recruiters and other third parties to verify the authenticity of official documents issued to its student and/
or graduates. While this service allows students and graduates to control who sees their information, only authorised
officials of University of Bradford can create actual documents. This the most secure way to verify these documents.

To use the system, you should contact the student or graduate who provided you with this document, and ask them to
log on to the student/graduate area at https://edocs.brad.ac.uk/ and create a Document Share for you using the secure
email delivery as the delivery method (they will need your email address for this). The Document Share is a generated
URL linking back to a secure website at University of Bradford (https://edocs.brad.ac.uk/). The Document Share URL
will be delivered directly to you by certified email from University of Bradford, so that you know the URL is legitimate.

When you visit the Document Share URL, you may be required to register with the system. Registration is free and
straightforward, and may be required by the individual named in this document in order to restrict access to their
document for Data Protection reasons. Once you are registered and logged in (or if no registration was required by the
student/graduate), visiting the Document Share URL will cause the document to be verified online and you can be sure
you are viewing the document as it was originally issued by University of Bradford.

Data Protection
This document contains personal information about the individual named in it and may be subject to Data Protection
laws in your jurisdiction. This information may only be used with the consent of the individual named in the document
and for the purposes agreed with the individual. You may not distribute this information to a third party without the prior
consent of the named person.

Further Information
For further information, please see the University of Bradford website at: https://edocs.brad.ac.uk/.

PAGE 1 OF 3 SEE SECURITY INFORMATION ON PAGE 1 PAGE 1 OF 3

Document- Transcript
PAGE 2 OF 3 SEE SECURITY INFORMATION ON PAGE 1 PAGE 2 OF 3

University of Bradford Transcript

This document is an official University of Bradford Transcript.
1. Personal Details
Name of Student Waqar Ahmad Date of Birth 20/03/1989
University Reference 08030577/2 HESA Reference 1311110305776
2. Programme of Study and Qualification Sought
Qualification Master of Science
Teaching Institution University of Bradford
Awarding Institution University of Bradford
Programme of Study MSc Dept of Computing
Programme Title Internet, Computer and System Security
Language(s) of Instruction English
Language(s) of Assessment English
3. Level and Duration of the Qualification
Programme Level Master of Science
1,200 total study hours per full-time academic year (or pro rata for part-
Programme Hours
time study)
4a. Contents of the Programme of Study and Results Achieved
Module ECTS
Year Module Title Level Mark Grade Credits
Code Credits
2013/4 CM-1035M Computer Architecture and Systems M 89.00 P 10 5
2013/4 CM-1052D Security, Privacy and Data Protection M 58.00 P 20 10
2013/4 CM-0424Z Dissertation M 62.00 P 60 30
2013/4 CM-1066D Networks and Protocols M 66.00 P 20 10
2013/4 CM-1044D Artificial Intelligence with Applications M 77.00 P 20 10
2013/4 CM-1064D Internet Security and Protocols M 70.00 P 20 10
2013/4 CM-1063L Incident Response and Novel Approaches to Security M 52.00 P 20 10
2013/4 CM-0421M Introduction to Cryptography M 35.00 CP 10 5

Total credits gained / Total ECTS credits gained 180 90

4b. Qualifications Achieved
Award Achieved Classification Date of Award
Master of Science Merit 04/12/2014
5. Transcript Certification
Date Of Issue
Authorised by Shirley Congdon
Official Post Pro-Vice-Chancellor (Learning and teaching)
Further Information https://edocs.brad.ac.uk

PAGE 2 OF 3 SEE SECURITY INFORMATION ON PAGE 1 PAGE 2 OF 3

Document- Transcript
PAGE 3 OF 3 SEE SECURITY INFORMATION ON PAGE 1 PAGE 3 OF 3

6. University Regulations
Programmes, modules, Each programme of study at the University of Bradford is made up of a number of modules, taken at different stages of
credits and levels the programme. Modules are available in multiples of ten credits. Each 10-credit module requires the average student to
undertake approximately 100 hours of study, including contact time. This means that a full-time undergraduate student
will study for about 1200 hours in an academic year, spread over 30 weeks (2 semesters); a postgraduate will study for
an additional 600 hours in a third trimester, usually on a project.

Each module has a designated level, which reflects how advanced the material is. Usually, the level is the same as the
stage number (the year) in which the module is taken.

For each award, some modules are compulsory and some optional. Students may take some elective modules, which
may not be related directly to their award but which address an area that is of interest to them (such as studying a
language).

The curriculum for each programme of study is described in a programme specification, which designates the title, credit
value, level, stage and semester of each module, and whether it is compulsory or optional.
Progression and Award A student is permitted two attempts at each module, the initial one and one supplementary assessment, as of right. A
third attempts will be granted if a student achieves 80 credits at 40% and has undertaken the second attempt. One further
attempt (total of 4, including the initial attempt) is at the discretion of the Board of Examiners according to their School
algorithm for fourth attempts. The best mark is used to determine the amount of credit achieved and whether a student
meets the progression criteria. Following supplementary assessment, a capped mark of 40% (or the original mark if
higher) is used to calculate degree classifications and eligibility for an award with merit or distinction, where appropriate.
If an assessment is not taken at the first attempt, without good cause, or is handed in late, a mark of zero is awarded
(which is used in the calculations for classification). If a mark is not achieved, at the first attempt, a numbered subscript
shows the bona fide attempt number next to the mark on the transcript.

Postgraduate awards in the School of Management use a grading system rather than numeric marking. Module results
are graded as follows:

AD - Pass with distinction

B - Pass with merit
C - Pass
D - Marginal fail
EF - Fail

Awards are made as follows:

Master's degree: at least 160 credits at C or above.

Postgraduate Diploma: at least 100 credits at C or above.

Postgraduate Certificate: at least 40 credits at C or above.

Awards (including those Once a student has completed a specified number of credits, s/he is entitled to an award of the University (see
that are accredited by Ordinance 2 at http://www.bradford.ac.uk/aqpo/ordinances-and-regulations/).
external bodies) Many of our awards are accredited by professional, statutory and regulatory bodies, which often have requirements
additional to the general regulations of the University applied to programmes of study (such as students having to
pass both the theory and practice components of a module's assessment, or having to pass a particular module with a
minimum overall mark). Where there are such exceptions, these are referred to in the programme specification. Such
awards may also restrict the number of electives that can be taken.
More Information More information is available on the University's web-site:
http://www.bradford.ac.uk/aqpo/ordinances-and-regulations/ for taught course regulations;
http://www.bradford.ac.uk/academic-quality-unit/programme-specifications/ for programme specifications (available by
year of entry to the appropriate award);
Below are links to the Quality Assurance Agency for Higher Education
http://www.qaa.ac.uk/AssuringStandardsAndQuality/quality-code/Pages/UK-Quality-Code-Part-A.aspx
http://www.qaa.ac.uk/Publications/InformationAndGuidance/Pages/quality-code-A1.aspx
http://www.qaa.ac.uk/Publications/InformationAndGuidance/Pages/quality-code-A2.aspx
http://www.qaa.ac.uk/Publications/InformationAndGuidance/Pages/quality-code-A3.aspx
http://www.bradford.ac.uk/academic-quality-unit/quality-assurance-handbook/
http://www.bradford.ac.uk/academic-quality-unit/codes-of-practice/ for the University's response to the national Code of
practice
Place(s) of study: (will vary: e.g. Management Development Institute of Singapore, Indian Institute for Learning in
Management)

PAGE 3 OF 3 SEE SECURITY INFORMATION ON PAGE 1 PAGE 3 OF 3

Area of scientific interest
Scientific core fields: Cellular neuroscience, Computer science - general, Computer systems - networks and archi-
tecture, Information science, Quantum physics
Scientific minor fields: Cellular neuroscience, Computer science - general, Computer systems - networks and archi-
tecture, Information science, Quantum physics
Faculty of interest 1: Thomas Busch
Faculty of interest 2: Hiroaki Kitano
Faculty of interest 3: Filip Husnik

Duration of your visit

Desired duration of visit: 01.10.2021
Are your requested dates flexible?: Yes

Your interest in OIST

Are you interested in the OIST PhD program?: Yes
Do you wish to be kept informed of OIST news?: Yes
If you are not selected for the Research Internship Program, would you like for us to share your information
with other divisions at OIST if we determine that your skillset and experience may be a good match for other
opportunities at OIST?: Yes

Travel information

Passport number: XH1154583

Passport photo/scan: File attached

Do you hold a Japanese visa?: No
Nearest major airport: Islamabad International Airport
Nearest Japanese embassy/consulate to your location: Embassy of Japan, 53-70, Ramna 5 Diplomatic Enclave,
Islamabad, Islamabad Capital Territory 44000

Relationship with OIST

 WAQAR AHMAD
Email: waqarvikiwaqar@gmail.com || Mobile: +92 3005197570 || WhatsApp: +65 98581549

Sr. Information Security Engineer

A proficient Cyber Security Engineer with experience in data loss prevention (DLP), systems and network security, incident analysis and recovery. Proficient at
communicating with analysts, engineers and clients in a clear and understandable manner.

WORK EXPERIENCE
Ebryx, Pakistan 01/2021 – Current EDUCATION
Sr. Information Security Engineer (SOC)
 Currently working at Ebryx Technologies in SOC (Security MSc Cyber Security 09/2013 – 12/2014
Operations Center) team. Responsibilities included are but not University of Bradford, UK
limited to continuously monitor and improve organization's BS (Hons) Computing 09/2009 – 08/2012
security posture while preventing, detecting, analyzing, and University of Bradford, UK
responding to cybersecurity incidents.
DHE Network Administration 09/2008 – 08/2009
Namal College, Pakistan
OCBC Bank, Singapore 04/2019 – 08/2020
Cyber Security Engineer (DLP)
 While working at Cyber Technology Support (CTS) team at
CERTIFICATIONS & TRAININGS
TISO-OCBC, handled the Web Content Scanning (Data Loss
Prevention) system for the Bank and its subsidiaries (Bank of
Singapore, OCBC Malaysia, OCBC Wing Hang, OCBC Intl). C|EH (Certified Ethical Hacker)
 Worked as a lead engineer for Web Content Scanning WCS CCNA (Cisco Certified Network Associate)
System at Bank. Responsibilities included Policies deployment, MCTS (Microsoft Certified Technology Specialist)
fine-tuning, raising exceptions requests, communicating with MCP (Microsoft certified Professional)
stake holders regards DLP requests and then implementing RHCSA (Red Hat Certified System Administrator)
those DLP Exception requests. RHCE (Red Hat Certified Engineer)
CompTia Network + (Ebryx CSIRT Trainings)
NUS & SingTel Lab, Singapore 11/2018 – 04/2019 CompTia Security + (Ebryx CSIRT Trainings)
Cyber Security Researcher GIAC (Comprehensive Packet Analysis)
 Worked as an Info-Sec Researcher on a collaborative IoT SANS SEC-556 training
security research project at National University of Singapore & GIAC GSEC (Security Essentials)
Singtel Cyber Security R&D lab in Singapore. Participated in
SANS SEC-401 training
research for a new security protocol using mbTLS to provide an
GIAC GCIA (Intrusion Detection In-Depth)
expressive In-Network Security Orchestration for enterprise.
SANS SEC-503 training
Lenovo/Motorola, Beijing 09/2016 – 11/2018 GIAC GMON (Continuous Security Monitoring)
Information Security Engineer SANS SEC-511 training
 Worked as Sr. NOC Engineer and supervised NOC engineers in
IT NOC (Motorola). Later transferred to SOC (Lenovo) and
took part in deployment of OSSEC for security monitoring,
effective threat detection & incident response.

Ebryx, Lahore 09/2015 – 09/2016

ONGOING TRAININGS
Security Analyst (CSIRT)
 While working at Computer Security Incident Response Team CISSP (Certified Information Systems Security Professional)
carried out continuous security monitoring (CSM) at Alien
Exam Planned: Jan 2021
Vault SIEM (Security Information and Event Management).
CISA (Certified Information Systems Auditor)
Premier Systems 08/2012 – 09/2013 Expected Exam Date: Aug 2021
System Support Engineer
CISM (Certified Information Security Manager)
 Managed and monitored all systems within the organization.
Configured, tested and maintained operating systems, Expected Exam Date: Dec 2021
application software and system management tools.
 PROJECTS INFORMATION SECURITY TOOLS
DLP System Handover & Upgrade OCBC Bank
 Led the handover of DLP (Web Content Scanning) System from
CSOC team to CTS team as main DLP system for the Bank.
 Other project’s responsibilities included were implementation of
Bank’s DLP Nagios Network Alien Vault
content scanning policies, Raising DLP Exceptions approvals to Scanning System Monitoring (SIEM)
committee, proving recommendations to committee on behalf of
DLP team, clarifying the concerns raised by committee based on
Banks internal DLP policies, guiding customers about WCS
system, Implementing the exceptions and fine tune the policies
with updated records, keeping all DLP servers up and running.
 Monitoring and analyzing the DLP Alerts, taking actions on Kali Linux Wireshark Metasploit
BackTrack5 Snort / Nmap
DLP Incidences and sending emails to respective managers (if
some incident occurred). Communicating with respective
managers and guiding them the next procedures to be followed, TECHNICAL SKILLS
pulling the requested DLP Alerts for auditors, housekeeping the
WCS servers if required.
Network Security Skills
Packet Analysis for Intrusions
Security Orchestra FireEye Network Security Monitoring (NSM)
Lead (Invotas Security Orchestra) IDS/IPS
 Quality assurance of a security orchestra called Invotas. MITM
Automated information security tasks (used to be performed Social Engineering
manually), resulted in improved response times, reduced risk Penetration Testing
exposure and maintained process consistency. Networking
Switching / Routing
Mobile Pen-Testing Toolkit University of Bradford TCP-IP Stack
Cyber Security Researcher IP Subnet Masking
 Deployment of a penetration testing toolkit for android based HTTP, HTTPS, DNS, DHCP
mobile devices while working as a security researcher at IP4 and IP6
University of Bradford, UK. Research published in University's Languages
journal considering project as the best MSc research Thesis. C#/Python/JavaScript
PHP/HTML/XML/CSS
Freelance Projects Web/Soft Development SQL Databases
 Developed Kinect Control System (controlling using gestures) Designing
 Developed IT Support System for Namal College. Adobe Flash/Photoshop/Illustrator
 Developed Online CV creation application for client. Rapid CSS/PHP
 PenTesting of Shahid Sweets & Bakers’s website.
 PenTesting of Fuelthrifters Team’s website.
AWARDS
Students Union President 11/2013
University of Bradford, UK (UBU)

CORE SKILLS HOBBIES & INTERESTS

SIEM & Threat Monitoring Deep Packets Inspection (DPI)

Sketching Hiking
Taekwondo
DLP Alerts Analysis DLP Policies DLP Implementation Drawing Camping

Cyber Security Support Badminton

Fencing Travelling Squash

Football Cycling Cooking