IMTEYAZ AHMAD

IMTEYAZ AHMAD
Plot 105, Sangam nagar, ring road, Nagpur. MH , India-440013
Cell/whats app +91 8600038911 Email:imteyazahmad05@gmail.com Skype: imteyazbabu
Passport Validity: 2029; KSA DRIVING LICENSE: EXPIRED CAN BE RENEWED

PROFILE SUMMARY:

Highly motivated and results-oriented OT Sr. Cybersecurity Architect with 24 years of experience designing,
implementing, and maintaining robust security architectures for critical infrastructure. Proven ability to bridge the gap
between IT and OT environments, ensuring comprehensive cybersecurity posture across the organization. Possesses a
deep understanding of industrial control systems (ICS) protocols and OT security best practices. Passionate about
fostering a culture of security awareness and keeping abreast of emerging threats and technologies.

KEY ACHIEVEMENTS:
 Designing Secure OT Architectures: Architected a segmented OT network and utilized RSA Archer to conduct
comprehensive risk assessments and manage identified vulnerabilities. This risk-based approach prioritized
critical vulnerabilities, resulting in a 60% reduction in the attack surface and prevented potential cyberattacks
that could have caused $4 million in damages and production downtime.
 Strengthening Network Security: Spearheaded a network security overhaul utilizing firewalls, IDS/IPS, and TLS
encryption. This reduced suspicious network activity by 30%, significantly lowering the risk of successful cyber
intrusions. Additionally, implemented SIEM integration for real-time threat monitoring and incident response.
 Proactive Vulnerability Management: Led a team in conducting bi-annual OT cybersecurity risk assessments
using RSA Archer. This proactive approach identified and remediated 90% of critical vulnerabilities within 48
hours, preventing potential exploits.
 Risk Mitigation Strategies: Developed a risk-based vulnerability mitigation strategy utilizing RSA Archer for
prioritization. These prioritized critical vulnerabilities based on severity and potential impact, resulting in a 25%
reduction in remediation time and improved resource allocation.
 Compliant Security Policies: Drafted and implemented OT-specific security policies and procedures aligned with
62443 and NCA standards. This achieved and maintained 100% compliance for three consecutive audits,
demonstrating a robust security posture. Utilized RSA Archer for policy management and compliance tracking.
 Measurable Security Posture: Established a comprehensive OT security KPI framework using RSA Archer for
data collection and analysis. This included vulnerability patching time (reduced by 70%), incident response time
(reduced by 50%), and security awareness training completion (increased to 95%). This data-driven approach
enabled continuous security improvement and informed strategic decision-making.
 Bridging the IT/OT Gap: Championed a collaborative effort with IT security teams. This resulted in a unified
cybersecurity strategy that reduced overall security incidents by 40% across the entire IT and OT infrastructure.
 Comprehensive Documentation: Streamlined OT security documentation by implementing a centralized
repository within RSA Archer. This increased document accessibility by 80% for internal teams and auditors,
facilitating efficient information retrieval and streamlined security audits.
 Secure Third-Party Vendor Integration: Developed a rigorous security evaluation process for third-party OT
vendors. This process identified and mitigated potential supply chain risks, preventing security breaches linked
to third-party vulnerabilities.
 Cultivating Security Awareness: Created engaging and interactive OT cybersecurity training programs with a
focus on real-world scenarios. This training program increased employee security awareness by 45%, leading to
a 20% decrease in phishing attempts impacting the organization.

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China, Nepal etc.
 IMTEYAZ AHMAD

 Championed the pilot implementation of an anomaly detection system using machine learning. This early
detection system identified a critical security threat within 2 hours, allowing for immediate mitigation and
preventing a potential cyberattack. Integrated the system with SIEM for real-time threat analysis and response.

AREAS OF EXPERTISE:
 Risk Management  Compliance Management  Incident Response
 Vulnerability Management  RSA Archer Expertise  SIEM Integration
 Security Policy Development  Network Security (Firewalls,  OT Security Awareness
Threat Intelligence IDS/IPS, TLS) Training
 Network Design  Communication &
Collaboration
GRC TOOLS EXPOSURE:
OT/IT eGRC (SAI360), RSA Archer GRC, Lockheed Martin Agility GRC, MetricStream, IBM Security Guardium,
Onspring, ProcessUnity GRC, VirtusaPolaris GRC, Auditor, OneTrust GRC

SACADA/ICS/OT SECURITY TOOLS& TECHNOLOGY:

 Nozomi NSG-M 750/NSG-M 1000,Tenable Nessus, Tofino Xenon, QualysGuard, ArcSight, NetWitness, Encase, FTK, Cenzic
Hailstorm, HP Fortify, IBM AppscaneEye, McAfee ePO, McAfee HIPS (Entercept), , McAfee IntruShield , McAfee Network
Security Manager system ,SNORT, Cisco ASA, Cisco Security Manager, MS TMG Forefront/ ISA Server, Checkpoint NG,
Fortinet fortigate, Sonicwall, Juniper Netscreen,Backtrack, Ecora Enterprise, Retina,, nMap, ISS Scanner, AppDetective,
LANalyzer, SAINT, kismet, GFI LanGuard, Paros Proxy, Dsniff etc. Cisco
 FOX-IT/ Lightware Data Diode, Palo Alto PA-500/2020/3060, Fortigate, FortiAnalyzer, FortiWiFi, FortiAP, FortiDB, and
FortiManager, Fortimail, FortiCleint, FortiMobile,FOrti SandBox; ISP Load balancing & Bandwidth Aggregation on Fortigate,
Failover on Fortigate Firewall ( Active/Standby & Active/Active), Cisco PIX /ASA Firewall & Cisco VPN Concentrator , Cisco
MARS 50 , Cisco Device Security, IPSec, VPNs, AAA Model (RADIUS and TACACS), NAT and Access Lists, IOS Firewall, DMZ
setups, CBAC, DoS and common threats prevention , Failover on ASA Firewall ( Active/Standby & Active/Active), Cisco
Secure ACS Server, Cisco ezvpn, Site to Site VPN, Remote Access VPN, Symantec Mail Security 8360 hardware appliance,
QRADAR/ArcSight, NetWitness, Encase, FTK, Nessus, eEye, McAfee ePO, McAfee HIPS (Entercept), McAfee IntruShield ,
McAfee Network Security Manager system ,SNORT, Cisco ASA, Cisco Security Manager, MS TMG Forefront/ ISA Server,
Checkpoint NG, Fortinet fortigate, Sonicwall, Juniper Netscreen, Backtrack, Ecora Enterprise, Retina, nMap, ISS Scanner,
AppDetective, LANalyzer, SAINT, kismet, GFI LanGuard, Paros Proxy, Dsniff etc.

CLOUD SECURITY:
 Google Cloud Identity and Access Management (IAM), Google Cloud Security Command Center (Cloud SCC), Google Cloud
Armor, AWS Identity and Access Management (IAM), AWS CloudTrail, AWS Shield Azure Active Directory (Azure AD),
Azure Security Center, Azure DDoS Protection.
IDM/IAM/PAM
 Centrify, CA identity suite, Saviynt, RadiantLogic
VDS,SiteMinder,Cyberark,Sailpoint,Okta,Ping,Forgerock,MIM, Azure AD,
HIGH AVAILABILITY TOOLS:
 Cisco, Barracuda, Citrix, Radware, F5, Veritas, VCS, Sun Cluster, MS Cluster.
DRP/BCP/BACKUP TOOLS:
 PlateSpin Forge, Symantec VERITAS Net backup/Backup Executive, Acronis, Doubletake, VMWare.
NETWORK MONITORING & MANAGEMENT:
 HP OpenView, Cisco works, Cisco QPM, CISCO NAM, Dell OpenManage, Solarwinds, OP Manager, GFI LAN
Guard, NETPRO Change Auditor

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China, Nepal etc.
 IMTEYAZ AHMAD

ANTIVIRUS:
 Macafee, Windows Defender ATP, Sophos, Symantec Norton Anti Virus, Trend Micro, AVG, Avast, Panda
Software etc.
ROUTERS & SWITCHES:
 CISCO ROUTER 1800, 2600, 2800, 7200, 7600 ETC.
 CISCO CATALYST CE500, 2900, 3500, 3700, 4500, 6500 ETC
SERVERS & STORAGE SOLUTIONS:
 Dell , HP, IBM, Super Micro, SUN, Netapps
PROJECT MANAGEMENT:
 MS PROJECT 2007/10/Oracle Primavera
NETWORKING:
 Google Cloud Virtual Private Cloud (VPC), Google Load Balancing, Google Cloud DNS, Amazon Virtual Private Cloud (VPC), Amazon Elastic
Load Balancing (ELB), Amazon Route 53, Azure Virtual Network (VNet), Azure Load Balancer, Azure DNS
OPERATING SYSTEM:
 Windows XX, Sun Solaris, Red Hat Linux.

LEADERSHIP CAREER HISTORY:

2021 - PRESENT- HEAD OF SCADA ICS/OT SECURITY SERVICES/CHIEF CONSULTANT,
TECHNAVIOUS TECHNOLOGIES SERVICES LTD. (QATAR/GCC & AFRICA)
 Designed and implemented a robust cybersecurity infrastructure aligned with approved standards like IEC 62443, reducing
OT/ICS vulnerabilities by 30%.
 Led the successful migration of legacy OT systems to a secure cloud environment adhering to NIST SP 800-53 guidelines,
enhancing scalability and efficiency.
 Implemented a risk management program based on CIS CSC frameworks, mitigating threats and ensuring business
continuity.
 Developed and delivered cybersecurity awareness training aligned with ITIL best practices, fostering a culture of security
awareness within the operational staff.
 Oversaw the procurement of new OT systems, prioritizing security considerations and ensuring adherence to established
protocols like ISA100 & Wireless HART.
 Reduced security vulnerabilities in OT/ICS environment by 35% through rigorous penetration testing and vulnerability
assessments aligned with IEC 62443 standards.
 Implemented network protection components (Firewalls, VPNs, NIDS) and conducted regular security audits following
CCNA R&S best practices.
 Proactively identified and neutralized emerging cyber threats targeting OT systems, utilizing knowledge of different attack
classes and stages.
 Maintained a spotless safety record while performing on-site task
 Spearheaded the design and implementation of robust OT security measures, resulting in a 30% reduction in cybersecurity
incidents.
 Provided hands-on support, achieving a 25% increase in the efficiency of troubleshooting complex OT infrastructure at
Company.
 Independently led operations and projects, resulting in a 20% improvement in daily activities' turnaround time.
 Demonstrated expertise in OT/IoT/IIoT environments, with a proven track record in optimizing SCADA/PLC/DCS systems.

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China, Nepal etc.
 IMTEYAZ AHMAD

 Collaborated with cross-functional OT teams to design solutions for new infrastructure implementations, contributing to a
15% increase in overall system performance.
 Applied advanced principles, theories, and concepts, resulting in a 20% reduction in vulnerabilities and software issues.
 Applied expertise in IoT/IIoT devices and HES, contributing to a 25% enhancement in the Smart meter solutions.
 Conducted gap assessments of OT systems across different business units, ensuring a 95% compliance rate with ISO-27001
framework and security controls.
 Assisted internal teams in gaining and maintaining accreditation for relevant compliance frameworks, achieving a 90%
success rate.
 Deployed OT security controls, including AV, WSUS, backup restore, and secure remote access, resulting in a 30%
improvement in overall system security.
 Participated in FAT and SAT activities of new projects, ensuring a 100% success rate in implementing robust security
measures.
 Exhibited excellent communication skills – both written and verbal – contributing to a 20% improvement in effective
reporting within the cybersecurity OT specialist team.

2018 TO 2020– ENTERPRISE ARCHITECT- IT INFRASTRUCTURE/SECURITY / GRC, QATARGAS,
QATAR
 Developed and implemented a comprehensive cyber security strategy that resulted in improved security posture and
reduced risk for QATARGAS.
 Successfully led the establishment and enhancement of the organization's cyber security capability as part of a 5 years
program.
 Implemented effective security controls and vulnerability management measures, resulting in a significant decrease in the
number of successful cyber-attacks.
 Led incident response planning and preparation, ensuring the organization was well-equipped to handle and mitigate cyber
incidents effectively.
 Collaborated with cross-functional teams, including Application, Telecom/Network, and Infrastructure, to guide and support
their efforts in improving overall security.
 Built and maintained strong customer relationships with organizational stakeholders and third-party vendors, resulting in
enhanced compliance with security standards.
 Developed and delivered comprehensive cyber security training, education, and awareness programs that increased
employee awareness and adherence to security protocols.
 Successfully assessed IT/OT environments, identified vulnerabilities, and implemented controls that improved the
organization's ability to resist, detect, respond, and contain attacks.
 Prepared and presented high-quality reports and briefings on technical risks and issues to executive management, enabling
informed decision-making.
 Played a key role in ensuring compliance with Qatar laws and regulations related to information security, contributing to a
robust and legally compliant security program.
 Actively participated in industry certifications and maintained up-to-date knowledge of emerging technologies, trends, and
best practices in IT and OT security.
 Streamlined security processes and procedures, resulting in increased efficiency and effectiveness in threat and
vulnerability management.
 Received recognition for exceptional leadership and contribution to the organization's overall security posture.
 Successfully managed multiple inquiries and projects simultaneously, demonstrating strong multitasking and prioritization
skills.
 Received positive feedback from colleagues, stakeholders, and management for excellent communication, collaboration,
and problem-solving abilities.

2010 TO 2017- SR. CONSULTANT (ICS / PCD CYBER SECURITY &BCP) INDIAN
CONSULTANCY SERVICES LTD. (MIDDLE EAST& AFRICA)

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China, Nepal etc.
 IMTEYAZ AHMAD

 Designed and implemented a risk-based security architecture for a new biorefinery project, ensuring compliance with
industry regulations and minimizing operational risks.
 Led the evaluation and integration of advanced threat detection and response solutions, reducing average incident
response time by 20%.
 Conducted regular security assessments of IT/OT infrastructure, identifying and remediating vulnerabilities to improve
security posture.
 Developed and delivered security awareness training programs for personnel involved in Eni Sustainable Mobility's
operations.
 Supported the development of cross-cutting security requirements for new multi-energy and multi-service points of sale.
 Led detailed investigations of cyber security incidents targeting industrial control systems, identifying vulnerabilities and
implementing mitigating controls.
 Designed and implemented a secure SCADA network architecture for a new water treatment plant, ensuring compliance
with IEC 62351 and local regulations.
 Developed and trained personnel on secure engineering practices for SCADA systems, fostering a culture of cyber security
awareness.
 Monitored and analyzed SCADA network activity for suspicious behavior and anomalies, preventing potential cyberattacks.
 Improved operational efficiency by implementing data analysis tools to optimize wastewater treatment processes.
 Conducted thorough risk assessments of operational technology environments to identify cybersecurity threats,
vulnerabilities, and potential consequences to critical infrastructure and industrial processes.
 Monitored and analyzed OT-specific cyber threats, vulnerabilities, and attack techniques through various threat intelligence
sources and industry-specific information sharing platforms.
 Evaluated the security posture of OT assets, such as ICS devices and SCADA systems, to identify weaknesses and potential
entry points for cyber attackers.
 Developed and recommended risk mitigation strategies and countermeasures to address identified vulnerabilities and
potential cyber threats in OT systems.
 Ensured compliance with relevant cybersecurity standards and regulations specific to operational technology environments,
incorporating standards such as NIST SP 800-82 and IEC 62443.
 Collaborated with incident response teams to develop and test incident response plans tailored to OT environments,
ensuring effective response to cybersecurity incidents.
 Provided specialized cybersecurity training and awareness programs for OT personnel to enhance their understanding of
cybersecurity risks and best practices.
 Evaluated the security design of OT systems and participated in the review of new OT projects to incorporate security
controls from the outset.
 Assessed the cybersecurity posture of OT vendors and third-party partners, ensuring alignment with the organization's
security requirements.
 Developed and presented regular cybersecurity risk reports to management and relevant stakeholders, providing insights
into the organization's OT security posture and risk exposure.
 Defined, implemented, and monitored enterprise information security and risk management program.
 Owned, developed, and delivered a risk-based plan and roadmap for threat and vulnerability management services across
corporate infrastructures, following a defense-in-depth strategy.
 Developed strategy, goals, and objectives for a comprehensive cybersecurity training, education, and awareness program,
adapting to emerging technologies and risks.
 Assessed cyber security controls for IT/OT environments, evolved architectures to enhance defensibility, and improved
resilience against attacks.
2008-2010 –SR. SOLUTION ARCHITECT (MANAGED SECURITY & IDC) BHARTI AIRTEL
ENTERPRISE SERVICES LTD
 Planning, designing and implementation of secure, reliable, scalable and efficient IT infrastructure.
 Infrastructure and application architecture assessment, design and implementation for high availability, scalability,
performance and security.
 Network, Storage and Server consolidation feasibility study, application suitability assessment, planning and
implementation.

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China, Nepal etc.
 IMTEYAZ AHMAD

 Building Partnership with Vendors & Industry Leaders to supply highest quality solutions.
 Providing the best-fit (built to suit) DC& DR solution that is aligned with the current and future needs of the Company at
affordable price.
 Data center capacity planning, architecture, implementation, Consolidation, optimization Virtualization and migration.
 Data center setup and Operational Capabilities Assessment.
 Costing all phases of projects and Preparing BOM/BOQ
 Conducting training for Presales and Sales team on DRP and other critical challenges of enterprise customers.

2006 TO 2008- SR. IT CONSULTANT (NETWORK/SECURITY/BCP) MOHSIN HAIDER

DARWISH LLC, SULTANATE OF OMAN.
 Partnered with ITC stakeholders to identify and mitigate security threats aligned with business needs.
 Evaluated OT cybersecurity requirements, coordinated solution designs, and communicated recommendations.
 Developed and delivered comprehensive threat and vulnerability management reporting capabilities.
 Conducted in-depth analysis of current threat activity and trends.
 Communicated security control findings accurately and professionally to internal stakeholders and senior management.
 Presented information security services in a high-quality professional manner, ensuring cybersecurity requirements and
budgets were in place for operational security.
 Prepared and maintained Cyber Incident Response plans, playbooks, and documentation.
 Reviewed and analyzed the effectiveness of security control implementation.
 Documented policies, processes, and procedures related to the threat and vulnerability management program.
 Key Achievements:
 Successfully established and implemented the Information Security strategy and program, ensuring compliance with QATAR
laws and regulations.
 Led the development of a comprehensive cybersecurity training, education, and awareness program, significantly improving
the organization's security maturity.
 Enhanced defensibility of IT/OT environments by evolving architectures and implementing effective security controls.
 Developed and delivered threat and vulnerability management reporting capabilities, enabling informed decision-making
and proactive risk mitigation.
 Defined global information risk solutions and security, created information security management systems.
 Managed consultant teams and engineering security.
 Led Security Architect for Compliance projects and Major IT Governance Risk.
 Organization of programs for ISO 27001, IEC- 62433, NIST.
 Consulting in the areas of out sourcing (Managed/Shared Services, Managed security and BCP/DRP).
 Leading the customer engagement for Data center capacity planning, architecture, implementation, optimization,
virtualization, migration and Consolidation.
 Network, Storage and Server consolidation feasibility study, application suitability assessment, planning and
implementation.
 Infrastructure and application architecture assessment, design and implementation for high availability, scalability,
performance and security.

2000-2006 IT EXECUTIVE, SKJ GROUP, BRUNEI DARUSSALAM

 Business continuity Planning& deployment.
 Trained and mentored employees in many job descriptions regarding security and system basics, best practices, etc.
 Managed and organized backup infrastructure.
 Designed and implement network monitoring system.
 network management (routers, switches, firewalls).
 Managed network security operations team.
 Prepared information security evaluation for new projects.
 Project improvement documentation, delivered process documentation.

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China, Nepal etc.
 IMTEYAZ AHMAD

 Information Security Operations liaison for IT initiativesSystems Architect for security project.

1996-2000 SYSTEM & NETWORK ENGINEER, NET-TECH SOLUTIONS.

 Troubleshooting Hardware/Software& networking Issues.
 Installing, configuring, testing, upgrading and administering Servers.
 Build Servers and Workstations including complete machines from empty boxes
 Used experience in company to focus on securing information and systems.
 Documented exiting and in-development policies, procedures, and systems.

EDUCATION & TRAINING

 Master of Science – Information Technology.
 MBA Level Studies in Risk Management from University of Oxford.
 MBA Level Studies in Strategic Management from IIMB.
 Bachelor of Science – Information Technology.
 Higher National Diploma in Computer Programming.
CERTIFICATION& TRAINING
 Advanced Training on Global Industrial Cyber Security Professional (GICSP)
 Control System Cyber Security Training Course
 Certified Information System Auditor (CISA)
 Certified Information System Security Manager (CISM)
 Certified Ethical Hacker (CEH)v8
 Certified Computer Hacking Forensic Investigator (CHFI)v8
 Microsoft Certified System Engineer (MCSE 2000)
 Cisco Certified Network Professional (CCNP)
 TOGAF 9.2 certified Enterprise Architect
 Information Technology Infrastructure Library (ITIL) v3.
 ISO9000:2000 Certified Internal Auditor.
 Advanced Training on Strategy & Performance Management (Balanced Scorecard)
 Advanced Training in Business Continuity& High Availability Management.

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China, Nepal etc.