Saqib Mahmood

Roles and Responsibilities:

Managing and conducting wide range of consulting assignments ranging from:

• Hands-on experience in building state of the art NOC, SOC and OSS (IBM Tivoli/Netcool, Solarwinds & Linux-based open source implementation)
• Business/Operation Support System
• Element Management System
• ITU-T FCAPS model for TMN
• Governance, risk and compliance
• Cyber Security & CIIP
• Hardening ICT infrastructure
• Risk Management / ISO/IEC 27005:2011
• Defense in depth methodologies
• ICT audit & compliance management
• Business continuity / BS25999-2
• ITIL & COBIT processes implementation
• Enterprise services management
• Stake-holder and large customers account management
• Information security project and program management
• Compliance audits and consultancy for ISO/IEC 27000, 27001, 27002 and 27032:2012 and BS25999
• Manage and conduct various web, infrastructure & penetration testing projects
• Managing geographically apart penetration testing teams
• Information technology/security architecture and design services
• Consulting and implementing IT governance frameworks and perform InfoSec risk assessments for clients
• Vulnerability remediation, IDS/IPS performance tuning, pre-sales activities, training customers and internal employees

Roles and Responsibilities:

• Directly responsible for Interpreting business requirements into technical network and security solutions framework
• Provide technology roadmaps governed by strategic direction, business requirements as well as resourcing and financial constraints (HCIS Compliance)
• Served as custodian of the architecture process that interfaces with project/program managers to provide direction on scope/direction of network solutions
• Worked closely with project managers and directors as well as IT department clients and provided guidance in linking network and security architecture with business requirements
• From a technical perspective engage Network Engineers (L1/L2) as well as other architecture and engineering staff as well as align with the operations team and or custodians of SLA (Service Level Agreement)
• Lead client discussion and provide technical direction and frameworks to meet business needs
• Liaised with management and support teams
• Provided assistance in scoping and costing of projects
• Guided and influenced team members and business colleagues
• Created presentations/solutions and articulate to boards and executives Work with other SMEs and technical support teams in the pursuit of technically excellent solutions
• Manage network design solutions and integration projects through all phases of project life cycle analysis, design, development, testing, implementation, and post-production support.
• Overview written proposals by presales department in response to RFP and win new contracts from THALES. Manage multiple contracts and negotiate new teams for contract extension.
• Performed project oversight for independent review and analysis of the agency wide IT systems integration project. Applied project management knowledge and expertise to gauge system performance and assess risk. Provided stakeholders with project status and outlook for success, and recommend project improvements.

Roles and Responsibilities:

Contract: BI-00074 - Replace Data Network Equipment for Saudi Aramco
(LSTK Contract: 2000+ Building, 4000+ devices, 80.000+ end users and 100+ suppliers)

• Mainly was responsible for Discovering, FAT & SAT over 4000+ devices within Saudi Aramco’s network infrastructure.
• Redesigning/Migrating corporate core and edge blocks from an existing ATM technology to MPLS framework.
*Lack of information disclosure is due to signed NDA

Roles and Responsibilities:

• Core network redesign to migrate from EIGRP and RIPv2 routing protocols to an OSPF multiple area network design. Implemented Solarwinds/Orion network monitoring tools with backend Netflow/SNMP, for monitoring and easier device management throughout the domain. Upgrade from 3550 series switches to Cisco 6509 Catalysts.
• Design, implementation and support of the core network (Spanning tree re-design, Trunking, VLAN setup). Inter connecting various client sites through VPNs. Teaching in-house Cisco courses (CCNA, CCNP, IPv6, and Security) to internal departments.
• Internal security audits and penetration tests on small to large networks in order to tighten up network security utilizing the following toolsets: IPScanner, Immunity Canvas, Metasploit, NMAP, Nessus, ISS Internet Scanner, Cisco Security Scanner, N-Stealth Scanner, CyberCop Scanner, Ettercap, Etherape and Linux Live Security CDs such as "The Auditor", "PHLAK", "iWHAX", "BOSS", “BackTrack” and others.

Outline:

Started out with an intern, quickly landed a Network Engineer position in less than 4 months and was promoted to the designation of Lead Senior System/Network Engineer in May of 2008. Soon after the completion of the migration project, I was formally assigned the Regional IT Manager position in August of 2009.

Roles and Responsibilities:

• One of the largest Chemical providing industry in the US, which serves more than 3 Million individual customers, on data and voice national networks.
• Design and implement new WAN architecture scalable for VoIP using MPLS technology and Cisco 7200, 3800, 2800 series ISR routers, Catalyst 6500, 4500 and 3750 series Multilayer switches.
• Participated in the deployment of VoIP Pilot Project defining the placement of the network and configuring Cisco CallManager and CallManager Express, Cisco Unity.
• Merged Recently acquired companies to existing network. Provided Tier 2 and Tier 3 hands on support for NOC utilizing tools such as CiscoWorks.
• Designed and Configuring the WAN infrastructure, consisting of multiple T1 and T3 lines.
• Installation and deployment of Redhat Enterprise Linux server infrastructure.
• Redesign of Internet connectivity infrastructure for meeting bandwidth requirements and multi-homing. This involved negotiating with ISPs for SLA's, switching from T1 to Flexible T3 lines and configuring/replacing existing Cisco 1605 series routers with Cisco 3640 routers. Documentation of all the work done using Microsoft Visio/Excel/Word and CADE.
• Migration from RIPv2 to OSPF protocol and connectivity between remote-sites using GRE IPsec Tunneling.
• Optimized performance of the WAN network consisting of Cisco 4500/5500 switches by configuring VLANs along with optimization bandwidth using Cisco's QoS techniques.
• Implementation of Checkpoint Firewall 4.1 to protect and authenticate local-net and DMZ. Defined policies, NAT and anti-spoofing for internal, external networks as well as Internet gateways.
• Performed on-site and remote security audit, web application security assessment and on site Internet security assessment performed ethical cracks (hacks) to assess the vulnerabilities of test, Internet/Intranet connected systems, networks, and operating systems including Windows, Linux, Solaris, AIX, HPUX and Cisco IOS.
• Generated and presented reports on security vulnerabilities to both internal customers.
• Configured Web Trends for Real-time web traffic analysis and e-Commerce Analysis.
• Enabled remote users to access corporate LAN with VPN connectivity.
• Monitoring and managing network resources using HP OpenView by implementing policies and creating custom events.
• Created and deployed desktop images using Symantec Ghost.