IMTEYAZ AHMAD

IMTEYAZ AHMAD
Plot 105, Sangam nagar, ring road, Nagpur. MH , India-440013
Cell/whats app +91 8600038911 Email:imteyazahmad05@gmail.com Skype: imteyazbabu
Passport Validity: 2029;
PROFILE SUMMARY:

A cybersecurity stalwart with 23 years of safeguarding the lifeblood of nations. From securing Aramco's vast
energy reserves to ensuring the uninterrupted flow of vital resources at QatarGas, my battle-tested expertise
in OT, ICS, and SCADA security stands tall against the ever-evolving landscape of cyber threats. Armed with the
most potent arsenal of certifications (CISA, CISM, CEH, CHFI), I am the shield and sword, the vigilant sentinel
guarding some of the world's largest national critical infrastructure like Kahramaa (Qatar Water & Electricity),
Marafiq (Saudi Water& electricity), and countless others.

Unleashing the Power of Experience:

 23 years of unwavering dedication to OT security governance and management, spearheading projects

for industry titans like Aramco, Qatargas, and Qatar Water & Electricity.
 Standards Bearer: A recognized champion of ISA/IEC 62443, NIST, and other critical security
frameworks, ensuring compliance and best-in-class practices.
 Impregnable Defense: Architected and implemented robust security architectures for critical
infrastructure, thwarting countless cyberattacks before they could materialize.
 Vulnerability Hunter: Conducted meticulous vulnerability assessments and penetration
testing, unearthing and neutralizing hidden security flaws.
 Incident Response Maestro: Commanded incident response efforts with unwavering
composure, minimizing downtime and safeguarding operations in the face of cyber threats.
 Compliance Czar: Navigated the complex terrain of compliance frameworks like IEC 62443 and NIST
Cybersecurity Framework, ensuring adherence and minimizing risk.
 Technology Titan: Harnessing the power of cutting-edge security solutions, including
firewalls, IDS/IPS, and endpoint security, to create an impenetrable security shield.
 Communication Champion: Forged strong relationships with diverse stakeholders, fostering a culture
of security awareness and collaboration.
 Leadership Dynamo: Spearheaded teams of cyber warriors, guiding them in their quest to secure
critical infrastructure and elevate cybersecurity postures.

SACADA/ICS/OT SECURITY TOOLS& TECHNOLOGY:

 Nozomi NSG-M 750/NSG-M 1000,Tenable Nessus, Tofino Xenon, QualysGuard, ArcSight, NetWitness, Encase, FTK, Cenzic
Hailstorm, HP Fortify, IBM AppscaneEye, McAfee ePO, McAfee HIPS (Entercept), , McAfee IntruShield , McAfee Network
Security Manager system ,SNORT, Cisco ASA, Cisco Security Manager, MS TMG Forefront/ ISA Server, Checkpoint NG,
Fortinet fortigate, Sonicwall, Juniper Netscreen,Backtrack, Ecora Enterprise, Retina,, nMap, ISS Scanner, AppDetective,

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China, Nepal etc.
 IMTEYAZ AHMAD

LANalyzer, SAINT, kismet, GFI LanGuard, Paros Proxy, Dsniff etc. Cisco
 FOX-IT/ Lightware Data Diode, Palo Alto PA-500/2020/3060, Fortigate, FortiAnalyzer, FortiWiFi, FortiAP, FortiDB, and
FortiManager, Fortimail, FortiCleint, FortiMobile,FOrti SandBox; ISP Load balancing & Bandwidth Aggregation on Fortigate,
Failover on Fortigate Firewall ( Active/Standby & Active/Active), Cisco PIX /ASA Firewall & Cisco VPN Concentrator , Cisco
MARS 50 , Cisco Device Security, IPSec, VPNs, AAA Model (RADIUS and TACACS), NAT and Access Lists, IOS Firewall, DMZ
setups, CBAC, DoS and common threats prevention , Failover on ASA Firewall ( Active/Standby & Active/Active), Cisco
Secure ACS Server, Cisco ezvpn, Site to Site VPN, Remote Access VPN, Symantec Mail Security 8360 hardware appliance,
QRADAR/ArcSight, NetWitness, Encase, FTK, Nessus, eEye, McAfee ePO, McAfee HIPS (Entercept), McAfee IntruShield ,
McAfee Network Security Manager system ,SNORT, Cisco ASA, Cisco Security Manager, MS TMG Forefront/ ISA Server,
Checkpoint NG, Fortinet fortigate, Sonicwall, Juniper Netscreen, Backtrack, Ecora Enterprise, Retina, nMap, ISS Scanner,
AppDetective, LANalyzer, SAINT, kismet, GFI LanGuard, Paros Proxy, Dsniff etc.

CLOUD SECURITY:
 Google Cloud Identity and Access Management (IAM), Google Cloud Security Command Center (Cloud SCC), Google Cloud
Armor, AWS Identity and Access Management (IAM), AWS CloudTrail, AWS Shield Azure Active Directory (Azure AD),
Azure Security Center, Azure DDoS Protection.
IDM/IAM/PAM
 Centrify, CA identity suite, Saviynt, RadiantLogic
VDS,SiteMinder,Cyberark,Sailpoint,Okta,Ping,Forgerock,MIM, Azure AD,
HIGH AVAILABILITY TOOLS:
 Cisco, Barracuda, Citrix, Radware, F5, Veritas, VCS, Sun Cluster, MS Cluster.
DRP/BCP/BACKUP TOOLS:
 PlateSpin Forge, Symantec VERITAS Net backup/Backup Executive, Acronis, Doubletake, VMWare.
NETWORK MONITORING & MANAGEMENT:
 HP OpenView, Cisco works, Cisco QPM, CISCO NAM, Dell OpenManage, Solarwinds, OP Manager, GFI LAN
Guard, NETPRO Change Auditor
ANTIVIRUS:
 Macafee, Windows Defender ATP, Sophos, Symantec Norton Anti Virus, Trend Micro, AVG, Avast, Panda
Software etc.
ROUTERS & SWITCHES:
 CISCO ROUTER 1800, 2600, 2800, 7200, 7600 ETC.
 CISCO CATALYST CE500, 2900, 3500, 3700, 4500, 6500 ETC
SERVERS & STORAGE SOLUTIONS:
 Dell , HP, IBM, Super Micro, SUN, Netapps
PROJECT MANAGEMENT:
 MS PROJECT 2007/10/Oracle Primavera
NETWORKING:
 Google Cloud Virtual Private Cloud (VPC), Google Load Balancing, Google Cloud DNS, Amazon Virtual Private Cloud (VPC), Amazon Elastic
Load Balancing (ELB), Amazon Route 53, Azure Virtual Network (VNet), Azure Load Balancer, Azure DNS
OPERATING SYSTEM:
 Windows XX, Sun Solaris, Red Hat Linux.

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China, Nepal etc.
 IMTEYAZ AHMAD

LEADERSHIP CAREER HISTORY:

2021 - APRIL 2024- SCADA ICS/OT SECURITY CONSULTANT, TECHNAVIOUS TECHNOLOGIES
SERVICES LTD. (QATAR/GCC & AFRICA)
 Spearheaded the design and implementation of robust OT security measures, resulting in a 30% reduction in cybersecurity
incidents.
 Provided hands-on support, achieving a 25% increase in the efficiency of troubleshooting complex OT infrastructure at
Company.
 Independently led operations and projects, resulting in a 20% improvement in daily activities' turnaround time.
 Demonstrated expertise in OT/IoT/IIoT environments, with a proven track record in optimizing SCADA/PLC/DCS systems.
 Collaborated with cross-functional OT teams to design solutions for new infrastructure implementations, contributing to a
15% increase in overall system performance.
 Applied advanced principles, theories, and concepts, resulting in a 20% reduction in vulnerabilities and software issues.
 Applied expertise in IoT/IIoT devices and HES, contributing to a 25% enhancement in the Smart meter solutions.
 Conducted gap assessments of OT systems across different business units, ensuring a 95% compliance rate with ISO-27001
framework and security controls.
 Assisted internal teams in gaining and maintaining accreditation for relevant compliance frameworks, achieving a 90%
success rate.
 Deployed OT security controls, including AV, WSUS, backup restore, and secure remote access, resulting in a 30%
improvement in overall system security.
 Participated in FAT and SAT activities of new projects, ensuring a 100% success rate in implementing robust security
measures.
 Exhibited excellent communication skills – both written and verbal – contributing to a 20% improvement in effective
reporting within the cybersecurity OT specialist team.

2018 TO 2020– ENTERPRISE ARCHITECT- IT INFRASTRUCTURE/SECURITY / GRC, QATARGAS,
QATAR
 Developed and implemented a comprehensive cyber security strategy that resulted in improved security posture and
reduced risk for QATARGAS.
 Successfully led the establishment and enhancement of the organization's cyber security capability as part of a 5 years
program.
 Implemented effective security controls and vulnerability management measures, resulting in a significant decrease in the
number of successful cyber-attacks.
 Led incident response planning and preparation, ensuring the organization was well-equipped to handle and mitigate cyber
incidents effectively.
 Collaborated with cross-functional teams, including Application, Telecom/Network, and Infrastructure, to guide and support
their efforts in improving overall security.
 Built and maintained strong customer relationships with organizational stakeholders and third-party vendors, resulting in
enhanced compliance with security standards.
 Developed and delivered comprehensive cyber security training, education, and awareness programs that increased
employee awareness and adherence to security protocols.
 Successfully assessed IT/OT environments, identified vulnerabilities, and implemented controls that improved the
organization's ability to resist, detect, respond, and contain attacks.
 Prepared and presented high-quality reports and briefings on technical risks and issues to executive management, enabling
informed decision-making.
 Played a key role in ensuring compliance with Qatar laws and regulations related to information security, contributing to a
robust and legally compliant security program.
 Actively participated in industry certifications and maintained up-to-date knowledge of emerging technologies, trends, and
best practices in IT and OT security.

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China, Nepal etc.
 IMTEYAZ AHMAD

 Streamlined security processes and procedures, resulting in increased efficiency and effectiveness in threat and
vulnerability management.
 Received recognition for exceptional leadership and contribution to the organization's overall security posture.
 Successfully managed multiple inquiries and projects simultaneously, demonstrating strong multitasking and prioritization
skills.
 Received positive feedback from colleagues, stakeholders, and management for excellent communication, collaboration,
and problem-solving abilities.

2010 TO 2017- SR. CONSULTANT (ICS / PCD CYBER SECURITY &BCP) INDIAN
CONSULTANCY SERVICES LTD. (MIDDLE EAST& AFRICA)
 Designed and implemented a risk-based security architecture for a new biorefinery project, ensuring compliance with
industry regulations and minimizing operational risks.
 Led the evaluation and integration of advanced threat detection and response solutions, reducing average incident
response time by 20%.
 Conducted regular security assessments of IT/OT infrastructure, identifying and remediating vulnerabilities to improve
security posture.
 Developed and delivered security awareness training programs for personnel involved in Eni Sustainable Mobility's
operations.
 Supported the development of cross-cutting security requirements for new multi-energy and multi-service points of sale.
 Led detailed investigations of cyber security incidents targeting industrial control systems, identifying vulnerabilities and
implementing mitigating controls.
 Designed and implemented a secure SCADA network architecture for a new water treatment plant, ensuring compliance
with IEC 62351 and local regulations.
 Developed and trained personnel on secure engineering practices for SCADA systems, fostering a culture of cyber security
awareness.
 Monitored and analyzed SCADA network activity for suspicious behavior and anomalies, preventing potential cyberattacks.
 Improved operational efficiency by implementing data analysis tools to optimize wastewater treatment processes.
 Conducted thorough risk assessments of operational technology environments to identify cybersecurity threats,
vulnerabilities, and potential consequences to critical infrastructure and industrial processes.
 Monitored and analyzed OT-specific cyber threats, vulnerabilities, and attack techniques through various threat intelligence
sources and industry-specific information sharing platforms.
 Evaluated the security posture of OT assets, such as ICS devices and SCADA systems, to identify weaknesses and potential
entry points for cyber attackers.
 Developed and recommended risk mitigation strategies and countermeasures to address identified vulnerabilities and
potential cyber threats in OT systems.
 Ensured compliance with relevant cybersecurity standards and regulations specific to operational technology environments,
incorporating standards such as NIST SP 800-82 and IEC 62443.
 Collaborated with incident response teams to develop and test incident response plans tailored to OT environments,
ensuring effective response to cybersecurity incidents.
 Provided specialized cybersecurity training and awareness programs for OT personnel to enhance their understanding of
cybersecurity risks and best practices.
 Evaluated the security design of OT systems and participated in the review of new OT projects to incorporate security
controls from the outset.
 Assessed the cybersecurity posture of OT vendors and third-party partners, ensuring alignment with the organization's
security requirements.
 Developed and presented regular cybersecurity risk reports to management and relevant stakeholders, providing insights
into the organization's OT security posture and risk exposure.
 Defined, implemented, and monitored enterprise information security and risk management program.
 Owned, developed, and delivered a risk-based plan and roadmap for threat and vulnerability management services across
corporate infrastructures, following a defense-in-depth strategy.
 Developed strategy, goals, and objectives for a comprehensive cybersecurity training, education, and awareness program,

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China, Nepal etc.
 IMTEYAZ AHMAD

adapting to emerging technologies and risks.

 Assessed cyber security controls for IT/OT environments, evolved architectures to enhance defensibility, and improved
resilience against attacks.
2008-2010 –SR. SOLUTION ARCHITECT (MANAGED SECURITY & IDC) BHARTI AIRTEL
ENTERPRISE SERVICES LTD
 Planning, designing and implementation of secure, reliable, scalable and efficient IT infrastructure.
 Infrastructure and application architecture assessment, design and implementation for high availability, scalability,
performance and security.
 Network, Storage and Server consolidation feasibility study, application suitability assessment, planning and
implementation.
 Building Partnership with Vendors & Industry Leaders to supply highest quality solutions.
 Providing the best-fit (built to suit) DC& DR solution that is aligned with the current and future needs of the Company at
affordable price.
 Data center capacity planning, architecture, implementation, Consolidation, optimization Virtualization and migration.
 Data center setup and Operational Capabilities Assessment.
 Costing all phases of projects and Preparing BOM/BOQ
 Conducting training for Presales and Sales team on DRP and other critical challenges of enterprise customers.

2006 TO 2008- SR. IT CONSULTANT (NETWORK/SECURITY/BCP) MOHSIN HAIDER

DARWISH LLC, SULTANATE OF OMAN.
 Partnered with ITC stakeholders to identify and mitigate security threats aligned with business needs.
 Evaluated OT cybersecurity requirements, coordinated solution designs, and communicated recommendations.
 Developed and delivered comprehensive threat and vulnerability management reporting capabilities.
 Conducted in-depth analysis of current threat activity and trends.
 Communicated security control findings accurately and professionally to internal stakeholders and senior management.
 Presented information security services in a high-quality professional manner, ensuring cybersecurity requirements and
budgets were in place for operational security.
 Prepared and maintained Cyber Incident Response plans, playbooks, and documentation.
 Reviewed and analyzed the effectiveness of security control implementation.
 Documented policies, processes, and procedures related to the threat and vulnerability management program.
 Key Achievements:
 Successfully established and implemented the Information Security strategy and program, ensuring compliance with QATAR
laws and regulations.
 Led the development of a comprehensive cybersecurity training, education, and awareness program, significantly improving
the organization's security maturity.
 Enhanced defensibility of IT/OT environments by evolving architectures and implementing effective security controls.
 Developed and delivered threat and vulnerability management reporting capabilities, enabling informed decision-making
and proactive risk mitigation.
 Defined global information risk solutions and security, created information security management systems.
 Managed consultant teams and engineering security.
 Led Security Architect for Compliance projects and Major IT Governance Risk.
 Organization of programs for ISO 27001, IEC- 62433, NIST.
 Consulting in the areas of out sourcing (Managed/Shared Services, Managed security and BCP/DRP).
 Leading the customer engagement for Data center capacity planning, architecture, implementation, optimization,
virtualization, migration and Consolidation.
 Network, Storage and Server consolidation feasibility study, application suitability assessment, planning and
implementation.
 Infrastructure and application architecture assessment, design and implementation for high availability, scalability,
performance and security.

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China, Nepal etc.
 IMTEYAZ AHMAD

2000-2006 IT EXECUTIVE, SKJ GROUP, BRUNEI DARUSSALAM

 Business continuity Planning& deployment.
 Trained and mentored employees in many job descriptions regarding security and system basics, best practices, etc.
 Managed and organized backup infrastructure.
 Designed and implement network monitoring system.
 network management (routers, switches, firewalls).
 Managed network security operations team.
 Prepared information security evaluation for new projects.
 Project improvement documentation, delivered process documentation.
 Information Security Operations liaison for IT initiativesSystems Architect for security project.

1996-2000 SYSTEM & NETWORK ENGINEER, NET-TECH SOLUTIONS.

 Troubleshooting Hardware/Software& networking Issues.
 Installing, configuring, testing, upgrading and administering Servers.
 Build Servers and Workstations including complete machines from empty boxes
 Used experience in company to focus on securing information and systems.
 Documented exiting and in-development policies, procedures, and systems.

EDUCATION & TRAINING

 Master of Science – Information Technology.
 Bachelor of Science – Information Technology.
 Higher National Diploma in Computer Programming.
CERTIFICATION& TRAINING
 Advanced Training on Global Industrial Cyber Security Professional (GICSP)
 Control System Cyber Security Training Course
 Certified Information System Auditor (CISA)
 Certified Information System Security Manager (CISM)
 Certified Ethical Hacker (CEH)v8
 Certified Computer Hacking Forensic Investigator (CHFI)v8
 Microsoft Certified System Engineer (MCSE 2000)
 Cisco Certified Network Professional (CCNP)
 TOGAF 9.2 certified Enterprise Architect
 Information Technology Infrastructure Library (ITIL) v3.
 ISO9000:2000 Certified Internal Auditor.
 Advanced Training on Strategy & Performance Management (Balanced Scorecard)
 Advanced Training in Business Continuity& High Availability Management.

Travelled to Africa (Sudan), Middle East (Saudi Arabia, Qatar, Bahrain, Oman, UAE) Singapore, Malaysia, Brunei Darussalam, Mongolia, China, Nepal etc.