Hi Everyone. I am looking for an Information Security Position. I am open for relocation. And if My Resume impresses one of you. Then Please do let me know, I would be very happy to give you more details and references on request. FAISAL IFTIKHAR KHAN Email: faisalkhat_private <mailto:faisalkhat_private> Mobile: +971-50-6319767 Res: +971-6-5686936 CAREER PROFILE Having 8 years extensive experience in the field of IT especially in the Security & Networks arena. Looking for an opportunity in the Security or Networking Positions. Excellent Leadership & Presentation skills being a collaborative team player with ability to coordinate and communicate with others. SECURITY CREDENTIALS - Certified Information Systems Security Professional (CISSP) from London, United Kingdom. - Cisco Security Specialist (CSS) - Cisco Network Security Specialist - Cisco Pix Firewall Expert - Cisco Secure Intrusion Detection System Expert - Cisco Virtual Private Network Expert NETWORKING CREDENTIALS - Cisco Certified Networking Professional (CCNP) - Cisco Certified Designing Professional (CCDP) - Cisco Certified Network Associate (CCNA) - Trained by NCR Corporation. SYSTEMS CREDENTIALS - Microsoft Certified Systems Engineer Win2k & NT 4.0 (MCSE Win2k & NT 4.0) - Microsoft Certified Database Administrator (MCDBA). - Microsoft Certified Systems Engineer + Internet (MCSE + I). - Microsoft Certified Professional with Internet (MCP + I). - Microsoft Certified Professional (MCP). ACADEMIC QUALIFICATION - Holding Master of Business Administration from International University of Missouri with specialization in Management Information Systems. - Holding a Advanced Diploma in Software Engineering (3 yrs) from Aptech Computer Training Institute in affiliation with University of British Columbia, Canada. - Holding a Higher Diploma in Software Engineering (2 yrs) from Aptech Computer Training Institute in affiliation with University of British Columbia, Canada. - Passed G.C.E. A'Level & O'Level from University of London. SHORT TERM CERTIFICATION OBJECTIVES BY YEAR END 2002 - Complete Cisco Certified Internetworking Expert (CCIE) Certification in (1) Security and (2) Routing & Switching - Complete Project Management Professional (PMP(r)) Program EXPERIENCE Oct 2001 - till date Aspidex Technologies Operations Security Manager Based at the Dubai Internet City (DIC) - Aspidex Technologies, a Rasmala Company, is a specialized eBanking Application Service Provider (ASP), enabling banks and financial institutions in the wider Middle East region (North Africa, Middle East, East Mediterranean, South Asia) to meet the increasing demand of their customers for online banking services. As Operation Security Manager I am responsible for the management of all the operations requirements for providing end to end superior security services and advice to the customers of Aspidex i.e. Banks & also responsible for Security matters for all the companies under Rasmala eg: iHilal, Start Consult, Cupola, Start Consult, Aramex etc. The scope of my responsibilities was: - Responsible for the overall security assurance for Aspidex and its customers in the banking and financial services industry, and for providing optimum assurance for the Data Centers of Aspidex in Frankfurt & Dubai. - e-Enabling banks in the Region for online banking and financial sites for e-brokerage. - The Scope for the above included setting up Access Control Systems & Methodologies, Telecommunication & Network Security, Security Management & Best Practices, Cryptographic techniques, designing & recommending Security Architecture & Models, Business Continuity Planning & Implementation, Disaster Recovery Planning, Physical Security, Auditing & Incident Management and procedures for continuous vulnerability & threat assessments, Risk Management Support. - Designed a complete Hosting solution for the Middle East Market, and also enabling cost reduction measures to cut down millions of Dollars of Cost incurred annually. - Supervise a Technical Team and liaise with the team to provide 24x7 technical production support of security & operations. Interview and hire additional permanent and contingency staff as needed to support current support demands. - Integrating Computer Security Best Practices for the organization, Conducting Auditing & Security Assessments. Developing all Computer Related Security Materials for multi-layered platforms. - Currently in a process of Security certification of ISO 17799 for the Aspidex & iHilal.com. - Manage and direct the provision of network- and host-based security policy compliance oversight, monitoring, reporting and enforcement for multiple ATM & Frame Relay links connecting several sites. - Plan and direct testing, implementation and ongoing maintenance for the continuous for the e-finance site of iHilal..com - Meet and negotiate with current and future security product vendors and suppliers, write and issue "white papers" and business RFQs regarding enterprise security assessments, intrusion detection, vulnerability reviews, analysis of rolling "current" enterprise security state to external corporate "best practices", providing internal and external trending analyses for general staff and senior management - Analyze security-related problems, make a valid business case for senior management and, when authorized, direct timely implementation and application of innovative, cutting-edge technology-based solutions for complex customer- and business-driven requirements. Aug 2000 - Oct2001 ASPGulf.com Systems Manager - June 2001 till Oct-2001 Senior Security Engineer - Aug 2000 till June 2001 Based at the Dubai Internet City (DIC) and partnered with leading technology vendors, ASPGulf is pioneering the application service provisioning business in the Middle East. Being a Systems Manager/Senior Security Engineer I have the prime responsibility for designing and establishing the application hosting environment that will deliver world class SLA terms of availability, performance and security. My role includes: - Sole Responsibility for Systems and Network Security for ASPGulf and its customers being hosted at Dubai Internet City. - Responsible for implementing and generating Security Polices and Procedures for Systems & Network Security. - Scope of Network Security - Worked directly with Cisco Middle East to develop the design as per the complex requirements of ASPGulf.com being an Application Hosting Provider, Managed Services Provider etc. - Implemented the top of the range Cisco Pix 525 firewalls - Front end and Back end firewalls fully redundant in fail safe mode. - Configured the firewalls with inbuilt Intrusion Detection capabilities of the Pix. - Configured VPN (Virtual Private Network) connectivity in PIX Firewall for across the internet access to the ASPGulf premises at Dubai Internet City. VPN tunneling provided using 3Des Encryption. Users allowed to access the services of ASPGulf and it's various customers through ATM, Frame Relay, Internet & Dial ups. - Implemented the Cisco Intrusion Detection Systems for security auditing and providing real time monitoring and alerts. - Implemented VLAN scenarios as per the complex segregation of different customers using the services of ASPGulf. - In process of doing external audits, vulnerability assessment and extreme penetration testing to test the security of ASPGulf setup along with Cisco and 3rd party auditors. - Implemented Cisco's Tacacs+ AAA Server for Authentication, Authorization & Accounting purposes. - Scope of Systems Security - Worked directly with Microsoft Middle East to develop a secured hosting environment for the ASPGulf as a Application Hosting Provider, Managed Services Provider etc. - Designed the core Windows 2000 Active Directory Infrastructure for hosting various customers. - Hardened the Windows 2000 Operating System through special system policies and procedures to provide a fool proof environment to the best as per Microsoft recommendations. - Secured the IIS environment for providing web access services to our clients. - Modifying and Optimizing SQL 2000 to support secured virtual instances for different Customer Databases. - Established secured and encrypted Citrix sessions for client connectivity. - Secured Exchange 2000 Server for provisioning of E-mail services for the clients. - Daily Auditing of violation of System Security Policies - Designing and Implementing Disaster Recovery and Backup Procedures. - Became the heart and the key personnel for the Operations Dept in the moment of crisis as took the responsibility to handle other key positions solely along with the job responsibilities of a Security Engineer as a Systems Engineer, Exchange Engineer, Network Engineer. Achievements in the above mentioned responsibilities emphasized below: - Systems Engineer - Designed and Developed the full ASP Systems Infrastructure standardizing on Windows 2000 Advanced Server, Exchange 2000 Server and SQL 2000 Server. - Designed & maintaining the Active Directory Model which provides logon authentication and services for clients to use the services of ASPGulf. - Managing 20+ Dell Power Edge High End servers and a Power Vault Fiber San supporting upto 7.2 terabytes of Storage. - Managing 10+ Compaq DL360 servers with scsi attached storage unit. - Setup and implemented the San Solution with Fiber Switches and HBA Devices. - Implemented a Fully redundant environment for high availability and fail safe environment in terms of Clustering File services, Exchange 2000 & SQL 2000 Services in Active/Active Cluster mode. - Implemented Load Balancing on IIS Servers & Citrix Server Farm to cater High performance requirements of Customers for web sessions. - Implemented a true fully functional Terminal Services Environment, allowing upto 300+ users to connect and utilize the services of ASPGulf. - Exchange Engineer - Designed and Developed the Architecture of Exchange 2000 with Microsoft Middle East for providing E-mail Hosting solutions to multiple customers. - Implemented and Setup the Exchange 2000 Environment in an ASP Model. - Setup Exchange 2000 in an Active Active Clustered mode environment. - Provided Connectivity to Customers Using Outlook 2000, Outlook Express and Outlook Web Access. - Provided Access to mailboxes using MAPI, IMAP & Pop3. - Responsible for migrating 14 + sites Exchange Servers fully functional to ASP Model. - Network Engineer - Designed and Developed the Network Architecture with Cisco Middle East for it's customers and ASP Gulf's Data Center Setup. - Handled the connectivity & network recommendations for using ASP Gulf's Services. - Provisioned and set up the link between client's network and ASPGulf Data Center through means of Internet, Frame Relay, Leased Line and Dial ups. - Responsible for migrating 14+ sites connectivity to ASPGulf in an effort to reduce the Communication costs for the client. - Responsible for setting up and configuration of Cisco Routers & Switches across LAN & WAN links. - Other Responsibilities Handled - Build and lead a highly professional team of systems and applications engineers. - Establishing and managing direct technology partnerships with key technology vendors like Microsoft, Dell, Cisco, Computer Associates and others. - Responsible to overlook Middleware Management Software Installation by Computer Associates i.e. Unicentre TNG, Arcserve etc. covering Server Performance Management, SQL/Exchange Management, SLA Management, Reporting and Diagnostic tools, Backup etc. - Evaluation, design and implementation of the various data center components: o Enterprise class server farms/clusters conforming to distributed 3-tier architecture standards o Fiber Channel Storage Area Network o Gigabit Ethernet network and connectivity solution enabling customer connections through Internet, dialup and dedicated links like Frame Relay, Leased circuits and ATM May 1999 - Aug 2000 Gemer International (securAX Division) Network Engineer- Team Leader - Representing One of the World's biggest IT Security Company providing solutions to International Navy, Atomic Energy Commission, Deutsche Telecommunication and with over 12 million users Worldwide and much more. - Have got full in depth training in the security arena, dealing with security issues, loopholes, network breaches. - Conducting Seminars and Workshops to Educate & Train the people in the filed of Security. - Doing Technical Presentations to the Valued Customers. - Going on site to handle Technical Issues & Problems. - Installing & configuring Security Solutions in Organizations, Multinationals. - Working in Heterogeneous Environments like Novell, NT, Unix etc. - Providing Support to Users & Clients with basically from over more than 500+ users i.e. Large Corporate. - Personally looked after for one of the Army's installation for Norman's Products. - Designed, Created, Implemented & Administering the Gemer International's LAN & WAN. - Implemented Firewall & Exchange Server to Host E-mails, Provided RAS Connectivity between different locations & Sister Concerns. - Played a role in Implementation of SAP in the Organization across Terminal Services. Jan 1998 - April 1999 American Life Insurance Company Reporting for A&H Division (Gulf & Middle East ) - Analyzing & Studying the Production Reports with the Senior Executives. - Preparing Weekly, Monthly, Quarterly & Yearly Reports for the Regional Vice President & Senior Executives. - Making Loss Ratio Reports, Production & Progress Reports. - Preparing Liquid Bonus Reports for the Agent's. - Developing & Preparing Customized Software's for the dept. Jan 1997 - Dec 1997 Mashreq Bank Junior Computer Programmer/Operator - Worked as a data Entry Operator Initially. - Performed Technical Trouble Shooting of Database Management. - Headed the Customer Satisfaction Survey Program in the Research Dept. - Worked in the RBG in the Administration & Operations Dept, Loans Section. Handling Computer Operations, Maintaining Databases, Categorizing, Tracking & Lodgment of Loans Cases, Booking the Loans, Preparing Vouchers, Doing MIS, Post & Amend Transactions & Trouble Shooting Software & Hardware Problems. - Creating Custom Designed Software Applications for the Dept. 1992 - December 1996 4 Years Experience in Sales & Maintenace of Computers & Peripheral Devices: - Sales of Computers & Peripherals Devices. - Installation, Servicing, Maintenance & Upgradation of Computers. - Providing Help Desk & Online Trouble Shooting of H/W & S/W Problems. - After Sales Support to Customers.
This archive was generated by hypermail 2b30 : Thu May 23 2002 - 21:37:49 PDT