IMTEYAZ AHMAD

CISA|CEH|CHFI|CISM|TOGAF|CCIE|MCSE|ITIL
Plot 105, Sangam Nagar, Ring Road, Nagpur-440013
Cell/WhatSapp+91- 8600038911/7208835363
Email:imteyazahmad05@gmail.com Skype: imteyazbabu
Passport Validity: 2029; Driving License Validity: 2023

Profile Summary:
Results-driven cybersecurity leader with a proven track record of driving business growth and innovation.
Seeking the position of Head of Cybersecurity at CertX to lead and expand the automotive cybersecurity
business in Europe and worldwide. Offering expertise in cybersecurity frameworks, standards, and regulatory
compliance, along with a passion for fostering customer relationships and building high-performing teams.
Over 23+ years of leadership in evaluating and enhancing cybersecurity practices within the automotive
industry. Proven ability to develop and lead strategic initiatives, drive innovation, and ensure compliance with
industry standards and regulations. Adept at building and nurturing cross-functional teams to deliver
exceptional results. Expert in strategic and tactical planning, compliance, governance, and setting the posture
of Information Security for organizations. Experienced Information Security Risk Manager with strong
leadership and relationship-building Security Professional with passion for aligning security architecture plans
and processes with security standards and business goals.
23+ years of expertise in collaborating with Leadership & C Suite (Executive Leadership) to establish goals and
intended outcomes relating to Security Strategy, Governance, and Contextual Architecture.
Strong people leader who believes human resources are the biggest assets of an organization & develops
teams to achieve group goals. An energetic leader with a passion for people development, a track record of
recruiting and retaining top talent and a demonstrated ability to effectively lead and work in a highly matrixed
global environment. Extensive experience in managing the team of security, network and test engineers to
identify the IT security risks in various applications, systems and networks and recommending the practical
solutions for fixing the security related issues
In-depth knowledge of industry standards and industry frameworks ( e. g. TOGAF, SABSA, COBIT,
CIS.MITRE,COSO, ISO 27001&2, PCI, ISA-62443-3-2-WD - ISA99, CIP (NERC), API 1164, ISO/IEC 17799, AGA-12,
NISCC, NIST 800-82/53, TR 27019, Sarbanes-Oxley Act (SOX) .In-Depth Knowledge of Regulatory compliance,
Process reviews, ISO 27001-2 controls and Developing cyber security policies and procedures.
20+ years of expertise in designing & architecture of multilayered defense strategy known as “DEFENCE-IN-
DEPTH” to protect OT& IT systems against remote attacks, Man-in-the- middle attacks, Network control plane
attacks, Masquerading attacks, Snooping and scouting Malware attacks.
Excellent communicator and presentation skills to support the development and communication of business
related strategies and roadmaps to both senior business stakeholders and highly technical audiences. Proven
ability to Plan and execute enterprise security CAPEX and OPEX budgets, lead seamless implementations and
deliver technical solutions improving revenues, margins and workplace productivity. Adept at analyzing
business requirements and crafting technical security solutions.

Skills & Expertise

 Endpoint Security Strategy  Endpoint Security  IT&OT Information
 Threat Detection & Response Technologies: EDR, XDR, Governance, Risk &
 Security Architecture Antivirus, Application Control, Compliance.
 Incident Management DLP, Encryption  IT&OT ISMS based on NIST/ISO
 Compliance & Governance  Threat Intelligence Platforms 27001:2013/IEC62443
 Technology Evaluation &  Security Information and  Secure Configuration
Adoption Event Management (SIEM) Standards
 Vendor Management  Penetration Testing Tools  Penetration Tests & ASV
 Budgeting & Resource  Cyber security Frameworks: Vulnerability Scans
Management NIST, CIS, MITRE ATT&CK  Encryption Key & Certificate
 Team Leadership &  Incident Response Platforms Management
Development  IT&OT Risk & Vulnerability  Malware Analysis.
 ICS/ OT Cyber Security Management  Computer Forensics
Consulting Services  IT&OT Cyber Security  Holistic Risk Assessments
 IT&OT/ICS Security Policies & Technology Roadmaps  Network Security & Ethical
Procedures  IT&OT Applications & Hacking
 COBIT/SABSA/NIST-800 Infrastructure Risk Assessment  SOC Deployment (with
/ISA99-62243  Dynamic, Mobile and Static capabilities on AI+ML,
 Host Based Security System Application Security Testing Deception and (SOAR)) SIEM &
(HBSS)  Data Compression & Data FIM
 Secure Software Development Encryption at Rest & in Transit  Enterprise Data Governance &
Life Cycle (Email Encryption) Management
 Cyber Threat Intelligence (CTI)  Secure Architecture Design
 IT& Cyber security Awareness  Protecting Sensitive Data/DLP
Training Program 
Development

ENTERPRISE SECURITY TOOLS& TECHNOLOGY:

 Nextnine, Industrial defender, Splunk, Arcsight,, NetWitness, Encase, FTK, Tenable Nessus, Tofino Xenon,
QualysGuard, Nessus, Cenzic Hailstorm, HP Fortify, IBM AppscaneEye, McAfee ePO, McAfee HIPS
(Entercept), , McAfee IntruShield , McAfee Network Security Manager system ,SNORT, Cisco ASA, Cisco
Security Manager, MS TMG Forefront/ ISA Server, Checkpoint NG, Fortinet fortigate, Sonicwall, Juniper
Netscreen,Backtrack, Ecora Enterprise, Retina,, nMap, ISS Scanner, AppDetective, LANalyzer, SAINT,
kismet, GFI LanGuard, Paros Proxy, Dsniff etc.
HIGH AVAILABILITY TOOLS:
 Cisco, Barracuda, Citrix, Radware, F5, VMWare, VCS, SUN Cluster, MS Cluster.
DRP/BCP/BACKUP TOOLS:
 PlateSpin Forge, Symantec VERITAS Netbackup/Backup Executive, Acronis, Doubletake.
NETWORK MONITORING & MANAGEMENT:
 Fidelis XPS, RSA ,HP OpenView, Cisco works, Cisco QPM, CISO NAM, Dell Open Manage, Solarwinds, OP
Manager, GFI LAN Guard, NETPRO Change Auditor.
PROJECT MANAGEMENT:
 MS PROJECT 2007/2010, Oracle Primavera, MS Office 2010.
LEADERSHIP CAREER HISTORY:
2018 TO PRESENT – SVP-Cyber Security, ICS PVT LTD.
 Lead and oversee all aspects of the organization's security strategy and operations, ensuring the
protection from cyber threats and attacks.
 Develop and execute a comprehensive endpoint security strategy aligned with business and cyber
security objectives.
 Provide strategic leadership to the security team, fostering innovation and continuous improvement.
 Collaborate with cyber security leaders and executive management to integrate security measures into
the broader cyber security framework.
 Conducted comprehensive risk assessments to identify threats, vulnerabilities, and potential consequences to
critical infrastructure and industrial processes.
 Investigated testing procedures and related infrastructure for evaluating vehicle and automotive subsystem
security.
 Initiated, guided, and conducted international research projects for automotive and industrial cybersecurity,
contributing to the advancement of industry knowledge.
 Demonstrated a strong ability to unlock business growth by fostering customer relationships, building teams,
and ensuring compliance with cybersecurity standards.
 Drove the development and implementation of strategic initiatives that aligned with Client’s vision, resulting in
enhanced cybersecurity practices and business performance.
 Prepare and manage the security budget, optimizing resource utilization and cost-effectiveness.
 Define and implement robust security architectures, frameworks, and solutions to mitigate a wide
range of threats.
 Evaluate and select security technologies, tools, and products that align with industry best practices.
 Establish and manage advanced threat detection and response capabilities, utilizing behavioral
analytics, machine learning, and AI-driven solutions.
 Lead and coordinate incident response efforts related to security incidents, ensuring minimal impact
and rapid recovery.
 Oversee day-to-day security operations, including monitoring, alerting, and reporting on security
events and incidents.
 Develop and maintain security policies, standards, and procedures to ensure compliance with industry
regulations and internal requirements.
 Collaborate with external vendors and partners to evaluate, select, and implement security products
and services.
 Drive cyber security awareness programs and provide training to staff on security best practices and
risks.
 Led and managed the Cybersecurity department as a vital member of the Client’s Management Team,
reporting to the MD of Client’s and functionally to the CEO of Client’s.
 Served as the lead auditor and assessor for evaluating cybersecurity standards including UN ECE R155
& R156, ISA/IEC 62443, and ISO/SAE 21434 following ISO/PAS 5112 and VDA A-CSMS Red Volume
guidance.

2018 TO PRESENT – ENTERPRISE ARCHITECT- IT INFRA& SECURITY, QATARGAS OPERATING COMPANY LTD.

 Led the design and implementation of IT Security architectures for enterprise-level systems and
applications.
 Conducted thorough risk assessments and vulnerability analyses, proposing mitigation strategies and
 controls.
 Collaborated with cross-functional teams to ensure security considerations were integrated into
project lifecycles.
 Developed and maintained security policies, standards, and procedures, ensuring compliance with
industry regulations.
 Led the evaluation and selection of security technologies, tools, and vendors to enhance overall
security posture.
 Designed and implemented Identity & Access Management solutions, enabling secure user
authentication and authorization.
 Implemented security monitoring and incident response processes, minimizing the impact of security
breaches.
 Provided technical guidance and mentoring to junior security professionals, fostering skill
development.
 Led the development of a comprehensive security framework based on industry best practices and
standards.
 Collaborated with business units to define security requirements and integrate security into business
processes.
 Conducted regular security assessments, identifying vulnerabilities and recommending remediation
strategies.
 Designed and implemented cloud security solutions, ensuring the secure adoption of cloud
technologies.
 Played a key role in achieving compliance with industry standards (ISO 27001, NIST) through effective
security measures.
 Collaborated with external auditors to facilitate security audits and assessments.

2014 TO 2017-HEAD OF INFORMATION & CLOUD SECURITY, GULF BUSINESS CENTRE WLL. (MIDDLE EAST).

 Led the organization's information and cloud security strategy and operations, ensuring robust
protection of data and cloud environments.
 Developed and executed comprehensive security strategies aligned with business goals, industry
standards, and regulations.
 Collaborated with cross-functional teams to integrate security measures into the overall IT
architecture.
 Designed and implemented cloud security architectures, ensuring the secure deployment of
applications and services in cloud environments.
 Managed and evaluated security technologies, tools, and solutions to effectively safeguard sensitive
information and cloud resources.
 Established and monitored security policies, standards, and procedures to ensure compliance and
mitigate risks.
 Led incident response and recovery efforts, minimizing the impact of security incidents and ensuring
rapid restoration of services.
 Provided leadership and mentorship to the security team, fostering skill development and a culture of
excellence.
 Built and maintained relationships with vendors and partners to enhance security capabilities and stay
abreast of industry trends.
 Collaborated with internal and external stakeholders to promote security awareness and best
practices.
2011 TO 2013 - HEAD-NETWORK & INFORMATION SECURITY, KENANA SUGAR COMPANY LTD, SUDAN.

 Managed network security initiatives, ensuring the secure operation of the organization's network
infrastructure.
 Designed and implemented network security controls, including firewalls, intrusion detection systems,
and VPNs.
 Conducted regular security assessments and vulnerability scans, recommending and implementing
mitigation strategies.
 Collaborated with IT teams to ensure the timely resolution of network security incidents and issues.
 Led all aspects of the organization's network and information security strategy and operations.
 Developed and executed comprehensive security strategies, aligned with business objectives and
industry standards.
 Collaborated with cross-functional teams to integrate security measures into the network and IT
infrastructure.
 Designed and implemented robust network security architectures, ensuring the protection of critical
assets and data.
 Evaluated and selected security technologies and solutions to effectively safeguard the network
environment.
 Established and enforced security policies, standards, and procedures to ensure compliance and
mitigate risks.
 Led incident response and recovery efforts, minimizing the impact of security incidents and ensuring
business continuity.
 Provided leadership and mentorship to the security team, fostering skill development and a culture of
excellence.
 Built and maintained relationships with vendors and partners to enhance security capabilities and stay
updated on industry trends.
 Conducted security awareness programs and training sessions to educate employees on security best
practices.

2008-2010 –DGM (MANAGED INFORMATION SECURITY & IDC), BHARTI AIRTEL ENTERPRISE SERVICES LTD.
 Led all aspects of the organization's network and information security strategy and operations.
 Developed and executed comprehensive security strategies, aligned with business objectives and
industry standards.
 Collaborated with cross-functional teams to integrate security measures into the network and IT
infrastructure.
 Designed and implemented robust network security architectures, ensuring the protection of critical
assets and data.
 Evaluated and selected security technologies and solutions to effectively safeguard the network
environment.
 Established and enforced security policies, standards, and procedures to ensure compliance and
mitigate risks.
 Led incident response and recovery efforts, minimizing the impact of security incidents and ensuring
business continuity.
 Provided leadership and mentorship to the security team, fostering skill development and a culture of
excellence.
 Built and maintained relationships with vendors and partners to enhance security capabilities and stay
updated on industry trends.
  Conducted security awareness programs and training sessions to educate employees on security best
practices.

2006 TO 2008-SR. INFORMATION SECURITY CONSULTANT - MOHSIN HAIDER DARWISH LLC, SULTANATE OF
OMAN.
 Partnered with clients to assess their security risks and develop customized security strategies and
roadmaps.
 Conducted comprehensive risk assessments, identified vulnerabilities, and recommended mitigation
strategies.
 Led the design and implementation of security architectures aligned with industry standards and best
practices.
 Collaborated with cross-functional teams to integrate security measures into business processes and
technology.
 Assisted clients in achieving regulatory compliance (GDPR, HIPAA, etc.) through policy development
and controls implementation.
 Conducted incident response activities, investigated security breaches, and facilitated recovery efforts.
 Provided security awareness training and workshops to educate clients' staff on cybersecurity best
practices.
 Developed and delivered comprehensive reports and recommendations to executive stakeholders.
 Assisted in the development and implementation of security policies, standards, and procedures.
 Monitored security events, analyzed logs, and investigated potential security incidents.
 Conducted vulnerability assessments and penetration testing to identify weaknesses in the
infrastructure.
 Contributed to the development of incident response plans and participated in incident handling.

2000-2006-IT EXECUTIVE & CISO, SKJ GROUP SDN BHD, BRUNEI DARUSSALAM.

 Directed the IT department, overseeing technology infrastructure, applications, and support services.
 Developed and executed IT strategies to enhance operational efficiency, streamline processes, and
improve user experiences.
 Led the migration of critical applications to the cloud, optimizing resource utilization and scalability.
 Implemented ITIL-based service management processes, improving incident resolution and service
delivery.
 Collaborated with business units to identify technology solutions that supported their objectives and
goals.
 Managed the IT budget, ensuring cost-effective technology solutions and resource allocation.
 Led the implementation of disaster recovery and business continuity plans, ensuring IT resilience.

1996-2000-SYSTEM & NETWORK ENGINEER, INDIAN CONSULTANCY SERVICES.

 Provided technical support to end-users, resolving hardware and software issues in a timely manner.
 Managed user accounts, permissions, and access controls across various systems and applications.
 Assisted in the deployment of software updates, patches, and security fixes.
 Participated in IT projects, including office relocations and hardware upgrades.
 Contributed to the creation of user guides and technical documentation for internal knowledge base.
 Assisted in the maintenance of Active Directory, DNS, and DHCP services.
EDUCATION &TRAINING
 MASTER OF SCIENCE - INFORMATION TECHNOLOGY.
 BACHELOR OF SCIENCE - INFORMATION TECHNOLOGY.
 HIGHER NATIONAL DIPLOMA IN SOFTWARE ENGINEERING.
 Master Level Studies in “Strategic Management” from Indian Institute of Management –Bangalore.
 Master Level Studies in “Risk Management” from University of Oxford. United Kingdom.
 Master Level Studies in “Performance Management” from Performance-Soft, Singapore.
CERTIFICATION& TRAINING
 Certified Information system Auditor( CISA)
 TOGAF 9.2 Certified Enterprise Architect
 Certified Information System Security Manager(CISM)
 Certified Ethical Hacker(CEH)v8
 Certified Computer Hacking Forensic Investigator (CHFI)v8
 Information Technology Infrastructure Library (ITIL) v3.
 Microsoft Certified System Engineer (MCSE 2000)
 Cisco Certified Network Professional (CCNP)
 Advanced Training on Global Industrial Cyber Security Professional (GICSP)
 Advanced Training on Certified Information system Security Professional( CISSP)
 Advanced Training on Strategy &Performance Management/ Balanced Scorecards Solution Deployment.
 Advanced Training in Business Continuity& High Availability Management.