Abdus Samad ., Senior Managing Consultant

Abdus Samad .

Senior Managing Consultant

Abacus Consulting

Location
Pakistan - Islamabad
Education
Master's degree, Programming / Networks
Experience
18 years, 8 Months

Share My Profile

Block User


Work Experience

Total years of experience :18 years, 8 Months

Senior Managing Consultant at Abacus Consulting
  • Pakistan - Islamabad
  • My current job since March 2021

Responsible for IT-Cloud Architecture, Information Security, Datacenter and Networks.
Analysis, SRS, Audit, ISMS, Compliance and Governess.
Major accomplishments :
 Responsible of leading IT-Cloud and Information Security Team for multiple projects.
 Develop, implement and monitor a strategic, comprehensive enterprise information
security and IT risk management program to ensure that the integrity, confidentiality
and availability of information is owned, controlled or processed by the organization.
 Secure IT- Cloud architecture, Secure Application design, Application Security, Cyber
Security tools implementations, SecOps and GRC.
 Preparation of SRS for Enterprise Software concerning Infrastructure / architecture and
Information Security.
 Cloud Migration, Atlassian Project Management, SecOps, O365, Azure, AWS, Huawei
Cloud Administration.
 ISMS implementation, Policies and Procedures. Trainings, Monitoring.
 Manage security incidents and events to protect corporate IT assets, including
intellectual property, regulated data and the company's reputation. Monitor the
external threat environment for emerging threats, and advise relevant stakeholders on
the appropriate courses of action.
 Managing / supervision of day-to-day activities of threat and vulnerability management,
identify risk tolerances, recommend treatment plans and communicate information
about residual risk. Ensuring audit trails, system logs and other monitoring data sources
are reviewed periodically and comply with policies and audit requirements.
 The technology stack includes but not limited to Enterprise Endpoint Protection
Manager, ELK Stack Cluster - SIEM, EDR, DLP Solution, Secure designing of Datacenter,
Enterprise Firewalls, WAF, Load Balancer, Docker/micro services, Penetration /
Vulnerability Assessment, Windows Active Directory, Ubuntu, RHEL, GPO,
Cryptography, Digital Certificates, Secure VPN, ISMS, ISO 27001, 27005, NIST CSF, Cyber
Kill Chain, MITRE, GDPR, SANS, GRC, CICD, JIRA Scrum, Disaster Recovery and Business
Continuity .

IT and Security Manager at Ai Xprt
  • Pakistan - Islamabad
  • March 2019 to March 2021

Responsible for Information Security, IT - Cloud, Datacenter and Networks. Analysis
and proposing solutions.
Major accomplishments :
Designing and Building Datacenter / Network Network Administration and Monitoring. Devising
Organization wide Policies and Procedures in accordance with ISMS. ISMS preparation /
implementation leading to certification.
O365 / Azure administration, designing Application architecture in AWS, Symantec Endpoint
Protection Manager, Symantec EDR Administration, IR. Carbon Black EDR administration, IR,
Threat Hunting. SIEM Implementation - Splunk Integration, DLP Endpoint Protector preparation /
implementation, Windows Server 2019 Domain Environment, GPOs designing, SAN / NAS
implementation, SAN / NAS Administration, Implementation of baselines and normal network
behaviour, PCI DSS Assessment, (ISO 27001, ISO 27005, NIST CSF), Cyber Kill Chain, MITRE,
Network / Application Pen Testing, Vulnerability Assessment and Management, SOC / NOC
Management/ Cloud Administration and Security, BCP / BIA Implementation (Disaster Recovery
Planning and testing), SANS Incident Management, Risk Management, GRC - Preparation,
Implementation and Monitoring, Penetration Testing / Vulnerability Assessment of the Network
quarterly. Application Security Architect, Pen Testing and Vulnerability Assessment, WAF

ITC Lead & InfoSec Consultant at Zebec Pvt Ltd
  • Pakistan - Rawalpindi
  • January 2016 to February 2019

Responsible for the maintenance and delivery of IT Services across the board (ISO 27001, 27005 / NIST). Providing risk analysis, vulnerability management, penetration testing, incident management. As a cyber/information security consultant, I am responsible for all security engagements: Cloud Security (IaaS, PaaS, SaaS) - Design and Concepts Requirements, Infrastructure Security, Data Protection, Cryptography, Legal Compliance, Governance, Audit, Application Security, Vulnerability Management.

Projects:
Implementation of a new wide area network, Devising and establishing IT and Security polices (ISO 27001, 27005 / NIST), Installation of new servers (HP ProLiant) and SAN infrastructure to support data warehousing.
Vulnerability Management and Penetration Testing - Using multiple tools and solutions. Compliance, Governance, Audit and Application Security analysis. Control Budget and report on expenditure, supervised the development and maintenance of CMS website and Database Server.

Deputy IT Manager at Engility Corp - IRG - USAID
  • Pakistan - Islamabad
  • March 2014 to January 2016

International Resource Group is a Contractor company of USAID.
Responsible for Information Technology (IT) Designing / Deploying / Security and Support (ISO 27001, 27005 / NIST). Analyze IT security threats and make valid recommendations for remediation. Enforce and sustain IT controls in the areas of Cyber-Security, Governance, Risk Management, Vulnerability Management, and Compliance in a cost effective and efficient manner. Develop an annual IT-business risk assessment report that describes IT business risk covering all aspects of IT (applications, infrastructure, IT vendors, IT processes and IT workforce) along with recommended risk mitigation, looking out over the next five years. Review
it annually with the Leadership team.

Furthermore responsible for managing Network infrastructure Security and have a working experience on following but not limited to: Cisco Routers 2900 series, 2800 series / Switches 2900 series, 3500 series, VSAT Links C and KU band, IPSEC / SSL VPN Services, VLANS, Windows Server 2008 R2, Cacti Monitoring Server, FTP / SFTP Servers, Barracuda Web Filters, Backup Exec 2014 Server, PowerEdge Dell Servers, Dell Autoloader, Dell Power Vault ISCI SAN, ESX Servers 5.5, VSPHERE, Symantec Messaging Gateway, Kali Linux, Exchange Server 2010, Panasonic PABX, Active Directory, WSUS Server, VCenter Server, Symantec Endpoint Protection Deployment, Video Conferencing Equipment Cisco and Polycom Units, MS Office Suite and level 1, 2 and 3 support. Design, built and deployed a new virtual environment to support current and future growth projections for the next 3-5 yrs.

Projects:
Performed and analyzed vulnerability scans for critical servers and services.
Upgraded old Hardware with new Dell PowerEdge R720XD Servers.
Implemented SAN ISCSI Storage for better handling of Data, faster speed, Data Security and easy Backup
Implemented VMware ESXi 5.5 environment for virtualization to improve availability and security. Patch Management

ITC & Document Control Officer at Tethyan Copper Company Pakistan (Barrick Gold / Antofagasta)
  • Pakistan - Islamabad
  • March 2010 to July 2013

Tethyan Copper Company Pakistan (Pvt.) Limited (TCC) is a joint venture company of two of the world’s leading mining companies; Barrick Gold Corporation of Canada and Chile based Antofagasta PLC.
Responsible for managing Network infrastructure and have a working experience on following but not limited: Cisco Routers / Switches, VSAT Links, VPN links, VLANS, Windows Server 2003 R2, PRTG Server, Windows Server 2008, IBM Servers, Tandberg Storage NAS, SAN, ESX Servers 4.1, VSPHERE, Symantec Messaging Gateway, Exchange Server 2007, Panasonic PABX, TDA 200, TDE 100, Active Directory, WSUS Server, VCenter, Symantec Endpoint Protection Deployment, MS Office Suite and level 1, 2 and 3 support. Enterprise Content Management System (Livelink, Open Text): Livelink Administration, Support, Training and Troubleshooting.

Projects:
Implemented Content Management System Open Text Livelink / CS 10
Upgraded SAN ISCSI environment to Fiber Channel SAN IBM DS 3500 series.
Upgraded vital servers to Cloud environment
Implemented HRIS Software
Upgraded VMware ESXi 5 environment for virtualization

Administrator at ZJ International Consultants (MOL Hungarian Oil & Gas Co. Pakistan)
  • Pakistan - Islamabad
  • February 2006 to February 2010

I have been overseeing and controlling all aspect concerning administration and IT. Maintaining data and hardware security at all levels. Liaise with data users, update security systems regularly. Maintain security for all servers installed. Maintaining regular backups of all data, including software on a monthly basis, servers and users data as required. Maintaining and updating hardware and software as required within the budget limitation. Liaise with the finance department in regard to budget availability. Managing official functions, Network structure issues, Network status and traffics.

Programmer / Network Engineer at Tech Ni Test
  • Pakistan - Rawalpindi
  • February 2005 to January 2006

Served as IT and support officer, I have been involved in helping the foreign delegations to conduct their recruitment tests efficiently. Developed the overall Computer Network structure of organization and optimized for database software. (Network Troubleshooting, Backups, Update, Monitoring etc..)
Being an IT fellow I was given the task of designing the organization informatory portal, and engineering of computerized Database record software for the organization in Visual Basic + Microsoft Access.

Education

Master's degree, Programming / Networks
  • at FUUAST, ISLAMABAD, PAKISTAN
  • March 2009

MS Computer Science, Major in Computer Network

Bachelor's degree, Computer Science
  • at Allama Iqbal Open University
  • May 2004

BS CS, 4 years program

Specialties & Skills

Network Architecture
System Administration
Vulnerability Management
IT Risk
Information Security
Web Designing and Programming
Programming
Network Administration
Network Security
Routing, Switching, Firewalls, IPS, IDS,VPN
Policies, Pen Testing, Vulnerability Assessment,
Virtualization , SIEM,
Group Policy
Risk Managment
ISO 27001
Penetration Testing
Vulnerability Assessment
Firewalls
Information Security Management
Cyber Security
ISO 27005
Network Architecture
Server Administration
Microsoft Exchange
Active Directory

Languages

Arabic
Beginner
English
Expert
Urdu
Native Speaker

Memberships

ISC2
  • Participant
  • January 2017

Training and Certifications

Atlassian ACP 610, 620 (Certificate)
Date Attended:
August 2021
Valid Until:
February 2024
Cisco Cyber Security Ops (Certificate)
Date Attended:
November 2018
Valid Until:
November 2021
MCSA (Certificate)
Date Attended:
April 2017
CISSP (Certificate)
Date Attended:
November 2018
Valid Until:
November 2021
CCNA (Certificate)
Date Attended:
March 2017