ZEESHAN ALI

Key Responsibilities:
• Strategic Planning and Leadership: Develop and implement comprehensive Information Security guidelines and action plans aligned with organizational goals. Spearhead strategic initiatives to enhance cyber security posture and mitigate risks effectively. Provide visionary leadership in driving innovation and resilience across the IT and cyber security domains.
• Policy Development and Compliance: Establish and enforce network security standards and policies to ensure compliance with regulatory requirements and industry best practices. Lead ISO27001 Information Security Management System (ISMS) execution to uphold security standards and minimize breaches.
• Incident Response and Crisis Management: Develop and oversee incident response protocols to swiftly address security incidents and minimize their impact on operations. Collaborate with cross-functional teams to manage crisis situations and maintain business continuity.
• Infrastructure Engineering and Management: Lead the engineering and management of Microsoft 365 (M365) infrastructure migration projects, enforcing Multi-Factor Authentication (MFA) and reducing phishing attacks.
• Design and implement disaster recovery plans to minimize downtime and ensure the resilience of critical systems and data.
• Security Operations Center (SOC) Architecture and Management: Architect SOC strategies to enhance network defense capabilities and safeguard critical assets against emerging threats. Manage SOC operations, including security incident detection, analysis, and response.
• Risk Management and Remediation: Conduct risk assessments and vulnerability scans to identify security weaknesses and mitigate risks effectively. Implement risk remediation activities across multiple offices, ensuring the security of servers and other IT assets.
• Training and Awareness Programs: Develop and deliver cybersecurity training programs to increase awareness and adherence to security policies among employees. Establish an IT lab for testing software updates and vulnerabilities, facilitating proactive risk management and mitigation.
• Information Security Guidelines: Championed annual Information Security guidelines, resulting in reduction in security incidents.
• M365 Infrastructure Migration: Engineered the migration of 400+ users to M365, enforcing MFA and reducing phishing attacks.
• Data Protection: Classified company data and utilized Microsoft DLP solution to protect data.
• Disaster Recovery Plan: Executed a custom disaster recovery plan, reducing recovery time and ensuring business continuity.
• IAM: Worked with active directory and Azure AD for IAM.
• IT Lab Establishment: Established an IT lab for software update testing and vulnerability assessment including patch management.
• Risk Remediation Activities: Implemented risk remediation activities across multiple offices, managing over 10 servers.
• PAM: Introduced PAM for the IT environment.
• Domain Controller Migration: Successfully migrated user profiles to a new domain controller, ensuring uninterrupted access for 400+ users.

Key Responsibilities:
• Infrastructure Management: Oversaw the design, implementation, and maintenance of IT infrastructure, including servers, networks, and storage systems, ensuring optimal performance and scalability to support the company's operations.
• Systems Administration: Managed Windows and Linux-based servers, ensuring their stability, security, and availability. Administered Active Directory services, user accounts, permissions, and group policies.
• Network Administration: Designed, implemented, and maintained LAN/WAN networks, including routers, switches, firewalls, and VPNs. Monitored network performance and implemented improvements to enhance reliability and speed.
• Security Management: Implemented and maintained robust security measures, including firewalls, intrusion detection/prevention systems, antivirus solutions, and regular security audits to safeguard company data and infrastructure.
• Data Backup and Recovery: Implemented backup solutions to ensure data integrity and availability. Developed and tested disaster recovery plans to minimize downtime in case of system failures or disasters.
• User Support and Training: Provided technical support to end-users, troubleshooting hardware and software issues, and resolving technical problems promptly. Conducted training sessions to educate users on IT best practices and new technologies.
• Vendor Management: Collaborated with external vendors and service providers to procure IT equipment and services, negotiate contracts, and ensure timely delivery and quality of services.
• Compliance and Regulation: Ensured compliance with relevant industry standards and regulations, such as ISO 27001, GDPR, and local data protection laws. Conducted regular audits to assess compliance and implemented corrective actions as needed.
Key Achievements:
• Aramco Security Compliance Achievement: Successfully guided ATIT in obtaining the prestigious “CCC” Aramco security compliance
certificate, showcasing the company's commitment to robust security standards.
• Secure Remote Access Implementation: Spearheaded the deployment of an OpenVPN setup, enabling seamless and secure remote connectivity to the headquarters pfSense firewall, enhancing accessibility without compromising security.
• Timely Security Patch Management: Implemented a WSUS server, ensuring timely deployment of security patches across the network, bolstering defense against potential vulnerabilities and cyber threats.
• Physical Access Control Enhancement: Mitigated company security risks through the installation of robust physical access control measures, safeguarding critical infrastructure and sensitive information from unauthorized access.
• Cybersecurity Training Impact: Mentored 100 employees on cybersecurity best practices, resulting in a significant reduction in potential attack risks, fostering a culture of security awareness and vigilance across the organization.
• IT Infrastructure Upgrade: Executed a flawless migration project upgrading IT infrastructure from Windows 2012 domain to Windows 2019 with Exchange Server, resulting in a remarkable increase in system uptime and enhanced network performance, optimizing operational efficiency.
• Predictive Maintenance Implementation: Enhanced operational efficiency by implementing predictive maintenance strategies and virtualization technology, resulting in a commendable decrease in downtime, minimizing disruptions and maximizing productivity.
• Backup System Validation: Conducted bi-annual testing and validation of System Recovery backup systems, ensuring optimal performance and data integrity, while maintaining business continuity even in the face of unforeseen disruptions.

Centralized IT Infrastructure Deployment for Alfozan Company:
• Led the planning and execution of a centralized IT infrastructure deployment for Alfozan Company, seamlessly integrating servers, databases, and security systems.
• This initiative optimized resource utilization and enhanced operational efficiency, laying the foundation for scalable growth and streamlined operations.
LAN/WAN Connectivity Overhaul at Sraco Company:
• Directed a comprehensive LAN/WAN connectivity overhaul project at Sraco Company, resulting in a significant increase in network speed and connectivity across all branches.
• By enhancing network performance, this project contributed to improved collaboration and operational efficiency, enabling seamless communication.