About the Candidate
Mr Imran Rasheed
28-Lower park road
Victoria Park
Manchester
M14 5RH
Email: aaddaab@gmail.com
imran@imranrasheed.com
Ph: +(44)7916314620
Nationality: British
Summary
An experienced Security Consultant with a proven track record of 20 years in different security areas, including cyber defence, enterprise security program, governance, business continuity, and risk management. Achieved ISO 27K, PCI-DSS, GDPR, and Cyber Essentials accreditation, SACS-002, delivered security awareness training programs, and enforced policy procedures, guidelines, and standards. Hands-on experience with SIEM, VAPT tools, risk and threat management solutions, DLP, content filtering systems, EDR, compliance, and application monitoring technologies. Acted as a technical expert in information security teams and developed security programs.
Certification Training
· C|CISO (in progress)
· CISSP
· CEH
· CISA
· ISO 27K Lead Implementer
· Cyber Essentials Assessor
· SC-300 Microsoft Certified: Identity and Access Administrator Associate
· SC-100 Microsoft Certified: Cybersecurity Architect Expert
· F5 (101,201) Certified Big IP Administrator.
· CCIE Security Written
· CrowdStrike Falcon administration
· Splunk Enterprise
· PRINCE2 Practitioner
· Juniper Networks Certified Internet Associate
· Check Point Certified Security Administrator
· Fortinet Certified Network Security Administrator
· ArcSight
· IBM QRadar
· Burp Suite
· Nessus Tenable
· Acunetix
Experience
11/2023 – Current
Cyber Security Architect, HCL (UK)
· HCL is a leading MSP where I managed multiple accounts in the financial and insurance industry (L&G, RCA). I am responsible for each account's cybersecurity program. It involves collaborating closely with clients to understand their security needs and designing and implementing GRC framework and gap analysis best practices, security policies and business processes using the security-by-design principle. Moreover, I provided advisory services to C-suite executives to optimize their information security programs for maximum efficiency.
· One of my key responsibilities is to develop and deliver the right security controls and technologies for each account, including vulnerability management, supervising the red team for penetration testing, SAST and DAST implementation in DevSecOps, access management, EDR and SOC services.
· Effectively utilized SIEM solutions, particularly Splunk, to correlate and analyze security events, contributing to the development and updating of operational documentation and runbooks.
· Implementation of perimeter security controls using WAF, IPS/IDS, NGFW; monitoring and auditing the network traffic with CIS benchmark.
· Regular assessment of ISO 27001:2022, NIST, SOC2 and Cyber Essentials. Currently working on DORA compliance.
· My successful track record includes delivering a wide range of projects, from technical assessment to compliance management.
08/2022 – 10/2023
Cyber Security Architect, Euronet Solutions Ltd UK
· Played a critical part in a law enforcement agency to develop and implement digital and manual information security best practices, worked closely with the CTO and produced Policies, procedures and standards for all domains.
· Microsoft Azure for cloud hardening using Purview for compliance and DLP.
· Configured and monitored Microsoft Defender and MS Sentinel.
· Formulated, advised, and executed cybersecurity policies and frameworks, achieving ISO27001 and implementing the NIST frameworks with CIS benchmark.
· Implemented and utilized Tenable Nessus Pro vulnerability scanning tool to perform vulnerability assessments and analysis, ensuring appropriate mitigation measures were taken.
· Conducted Risk Assessments on critical information security assets, identifying critical assets run CIA risk appetite and recommending mitigation controls.
· Carried out third-party risk management, conducted risk reviews and advised that best practices are adopted.
· Designed and implemented the cybersecurity awareness program to educate internal users, introduced a simulated training platform. Hosted cybersecurity awareness events.
10/2020 – 05/2022
Security Consultant, BARCLAYS BANK – UK
· Collaborated closely with the program manager to develop and review the security infrastructure, aligning with industry best practices
· Successfully executed a project focused on configuring and validating CIS Benchmark Baseline security controls on servers and network devices and AWS Cloud ensuring adherence to best practices and enhancing overall security posture.
· Produced and reviewed application High-Level Design (HLD) and Low-Level Design (LLD). Reviewed pen testing, vulnerability assessment reports.
· Reviewed and maintained DDoS appliances to ensure consistency of input information and effectively managed by using the WAF, F5 ASM, Silverline.
· Vetted and reviewed various end-to-end application solutions to enhance security measures in data in motion and data at rest principles
· Provided valuable insights and recommendations as part of the department’s Change Advisory Board (CAB) processes
· Worked collaboratively with application owners to implement robust incident response plans, minimising downtime and mitigating potential data breaches
· Conducted thorough reviews of network architecture and configurations, proposing optimisations and information security recommendations.
08/2019 – 10/2020
Cyber Security Specialist, ABN-AMRO – Netherlands
· While consulting, worked on refreshing the SOC, identified areas of improvement, and reviewed the incident response process and runbooks and playbooks.
· Created short-term and long-term plans to address these gaps and submitted my recommendation on migrating from the existing platform to a new platform
· This included migrating from the existing SIEM (QRadar) to Splunk Enterprise and AV to EDR (CrowdStrike)
· Performed audits and testing of controls in Network Vulnerability Assessments, SOC audits, IS security audits implementation in infrastructure Firewalls, Proxy, WAF
· Used Qualys Tenable IO for vulnerability assessment of on-premises and cloud applications.
04/2017 – 08/2019
Security Consultant, HSBC – UK
· Delivered five projects as an Information Security Specialist, including creating and managing the bank Asset Register
· Examining internal IT controls exposure as per NIST, CIS and ISO controls for the Network and firewall infrastructure for risk mitigation
· Application Risk Management Project, Budget: £500K
· Creating and managing the device and application risk registers with the asset owners on a day-to-day basis
· Examined internal IT controls, evaluated design and operational effectiveness, determined exposure to risk, and developed remediation strategies
· Collaborate with teams from different departments to create and put into action secure network architecture controls
· Provided expertise in regulatory compliance like ISO, PCI DSS, NIST and ensured asset owners and product owners adhere to relevant standards.
08/2014 – 03/2017
IT Infrastructure Specialist, Hewlett-Packard – UK
· Part of the infrastructure design team for the expansion of the DWP Universal Credit System
· Successfully migrated infrastructure from legacy network devices to a new cloud network and firewall infrastructure by designing HLD and LLD for the new application, legacy application migration strategy, and Disaster recovery DR solution, along with capacity planning, risk analysis, and redundancy configuration
· Installed and configured Junos firewalls in pairs on the perimeter and down to the LAN
· Provided technical expertise in GTM design and changes, adding listeners, Wide IPs, pools, load balancing methods, and DNS troubleshooting
· Created VS, VIP, pool, and customised profiles in F5 LTM
· Designed and configured F5 GTM, ASM, and LTM on VIPRION Chassis and single Appliances like LTM 10000, GTM 2000
· Upgraded V11 to V11.6, patched and configured the F5 boxes from Standalone to VIPRION platform
· Configured and maintained Forum Sentry and ASM for WAF
· Configured and managed the CDN on.
08/2016 – 12/2016
WAF SME, IBM – UK
· Conducted black box and white box pen-testing to evaluate vulnerabilities and flaws within the internal and external systems
· Worked on Co-op bank account for a migration project to set up a new WAF (F5) and SIEM (Qradar)
· Technical implementation and support: IBM QRadar SIEM (SOC) project, where I performed event/flow correlation of event logs, parsing and managing correlation rules
· My responsibilities included monitoring and prioritising events, alerts, and tips for further investigation, as well as gathering evidence of security investigations regarding incidents such as malware, data loss, and network intrusion
· Designed existing QRadar SIEM platforms in a distributed environment.
01/2012 – 07/2014
Network/Firewall Infra Design Consultant, Barclays Bank Plc – UK
· Managed IP network/firewall infrastructure, including the deployment of Juniper, Check Point, and Cisco switches and routers, installation and maintenance of large Juniper MX and T-series routers in line with the bank’s set standards
· Resolving technical issues by troubleshooting during the migration of the network
· Deployed many Site-to-Site VPNs, in production and DMZ environment
· Configured and administered F5 LTM, profile, PKI certificates, TLS, VIP, Pools, and SSL terminations
· Monitored multi-vendor Firewalls using Skybox, firewall assurance, network assurance, and change management
· Managed Check Point R65/R71, VSX, with Provider-1 and SmartDashboard, upgrading Check Point R71 to R75.40
· Integrated Cisco ISE with Cisco WLC 44xx for BYOD for guest services LAP authentication and authorisation
· Designed and configured F5 GTM, ASM, and LTM on VIPRION Chassis and single Appliances like LTM 10000, GTM
01/2009 – 01/2012
Network Engineer (BackOffice), Ericsson UK
· UK MBNL – London, UK
· (T-Mobile, Orange & H3G) IP/Ethernet project.
06/2006 – 12/2008
Team Lead, British Telecom UK
· BTGSC – MPLS
· Reuters BT-MPLS project, IP-MPLS (Service Delivery) Team. Awarded 2nd employee of the year 2008.
Education and Training
03/2008
MSc, Mobile Computing and Communication
University of Greenwich – London
Skills
· IT Governance
· Risk Management
· Cybersecurity Frameworks
· Business Continuity Planning
· Compliance Management
· Network Security
· Application Security
· Stakeholder Communication
· Process Improvements
· Information Security Awareness
· Data Migration
· GDPR Compliance
· PCI DSS Compliance
· Datacenter technologies
· Firewall deployment and Management
· Cloud security
· Azure
· AWS
· SOC operation and management
· Security tools: NMAP, Nessus, Wireshark, Burp Suite, John the Ripper, Nagios, Cacti, Metasploit, and more
· Security/Firewalls Technology: IPSec, VPNs, Cryptography, AAA Model, Access Lists, CDN, DDoS, WAF, IAM
· OWASP Top 10, SANS Top 20
Accomplishments
· Security compliance, audit and assessment
· Internal and external compliance against best practices ISO27001
· Assessment against ISO27K, ISO31K, PCI-DSS, PSR, NZISM, SWIFT (CSP), NIST, SANS, CIS, OWASP, SOC2
· Risk Management: Create policies, procedures, guidelines and standards
· Risk and control framework development
· Risk assessment
· Cyber maturity assessments
· Third-party risk assessments
· Business Continuity/ Disaster Recovery: BCP/DRP Plan development and enablement
· BIA and RA creation
· BIA/DRC maturity assessment
· Cyber Security: SOC, SIEM (QRadar), IBM IDPS (XGS), Riverbed SteelCentral Application Performance Monitoring (APM), Packet Analyser, NetShark, Web Analyser, NetProfiler, HP ArcSight, OWASP, and ISO27001
References
References will be provided upon request.