Majid Khan

• Data Security & Risk Management: Implemented security measures, risk analysis, and vulnerability management.

Data Labeling, Classification & Protection: Designed policies with DLP, DAM, and tokenization.

Governance, Risk & Compliance (GRC): Developed policies and architecture aligned with ISO 27001, NIST, and IEC 62443.

Identity & Access Management (IAM) & Privileged Access Management (PAM): Implemented RBAC, MFA, least-privilege, and session monitoring.

Data Protection (On-Prem & Cloud): Designed encryption, cryptography, and key/certificate management.

Security Operations & Continuous Monitoring: Established SOC with SIEM, IDS, NAC, and NG firewalls.

Incident Response & Insider Threat Management: Developed and executed incident response and insider threat plans.

Cybersecurity Project Execution: Executed PNRA cyber capacity and oversight projects, SOC, and CSDS I&C Lab.

Strategic Integration of Security into Business & IT Projects: Embedded security by design into systems and processes.

Dashboards & KPIs: Developed dashboards tracking data security, access protection, KPIs, and KRIs.

Collaboration & Stakeholder Engagement: Maintained strong cross-team working relationships.

Training & Awareness: Conducted awareness programs, mentoring, and promoted security culture.

Procurement & Security Investments: Oversaw IT/security procurement and solution implementation.

Frameworks: Applied SAMA, NCA (ECC-1:2018, CCC-1:2020, CSCC-1:2022, OTCC-1:2022), NDMO, GDPR, PCI-DSS, NIST, CSF, RMF.

• Network Infrastructure Management: Designed, deployed, and
managed large-scale network infrastructures across multiple sites,
ensuring high availability, performance, and security. Expertise in
network routing protocols (BGP, OSPF, EIGRP), switches, firewalls
(Palo Alto, Cisco ASA, FortiGate, Sophos), VPNs (IPSEC), and
IAM/PAM solutions.
• Implemented
• Planned and designed scalable network architectures,
integrating on-premise, cloud, and hybrid environments while
ensuring compliance with industry standards.
• Network Performance & Monitoring: using tools like PRTG,
proactively identifying potential issues to minimize downtime and
enhance operational efficiency. Optimized network traffic routing,
load balancing, and bandwidth management to support high-demand
applications.
• Security Management: Design, implement and manage corporate
security strategies, measures, including Email Security appliance
(ESA), Proxy, Next Generation Firewalls (Palo Alto, Cisco ASA,
FortiGate, Sophos), encryption protocol, VPNs (IPSEC), IPS/IDS and
DLP.
• Troubleshooting: Troubleshoot and resolved complex network
connectivity issues, diagnosing hardware, software, and protocol
related failures across diverse network environments
• Documentation: Maintain comprehensive documentation of the
network infrastructure, configurations, and procedures. Create and
update network HLD/LLD diagrams and topologies.
• Upgrades and Maintenance: Plan and execute network upgrades
and maintenance activities. Ensure systems are up-to-date with the
latest security patches and updates.
• Voice Network Management: SDH connectivity with service
provider. PABX (AVAYA) installation, configuration and maintenance
• Support: Provide technical support and training to end-users and
other IT staff. Assist in the development and implementation of IT
policies and procedures.
• Collaboration: Worked closely with ISPs, content delivery networks
(CDNs), and cross-functional teams, ensuring seamless network
connectivity, performance, and customer-facing services.
• Backups & Patch Management: Maintain backups of configuration,
IOS
• Experience with cloud networking and virtualization, integrating
network automation and infrastructure-as-code (IaC) principles to
streamline deployments. Strong Linux server environment knowledge,
ensuring seamless network services and performance optimization.
• Proficient in Python for scripting, network automation, and
troubleshooting, improving network management efficiency through
custom automation tools.
• Supported IT procurement processes, from vendor evaluation to
tender management, ensuring optimal infrastructure investments.
• Event Management: Video conferencing, conduct virtual training
and meetings etc.

• Daily inspection and health check of network equipment.
• Network optimization, documentation, and reporting.
• Ticket resolution and Escalation of TT to Tier3 and Huawei GTAC
• Service verification of new service and technical discussions for
network performance.
• Emergency fault handling and change requests.
• Complete network monitoring of IP/MPLS core network
• Emergency Handling of critical and emergency fault with end-to-end
progress update
• Keep tracking & verification after the network fault has been resolved
• Priorities faults to meet SLA/WLA.
• Involved in upgrade/updates of live nodes.

• Configuring & Manage TCP/IP-base, routing and network
management protocols (OSPF, EGIRP, BGP)
• Configuration of high availability protocols including HSRP, VRRP and
configuration of DHCP, DNS, and VPNs (IPsec).
• Design and deploy VLAN infrastructure
• IP Management and Reporting
• Network upgrades as per business requirements.
• Configuration of Access point, routers and IPTV, WIMAX services.
• Configuration of wireless encryption WPA2 and TKIP setting.
• Configure and Manage SNMP, NetFlow, Syslog and TACACS+
• DNS resolution and hosting issues
• Escalation of billing issues
• Ticket Resolution and Escalation.
• Ticket follow up

• Daily financial reconciliation of toll.
• Toll Management
• Active Directory management.
• User Group policy implementation and maintenance.
• Reporting and Documentation
• Installation, Configuration and Maintenance of Network and System
Equipment