Imran Rasheed
Manchester
Summary
A Security Consultant with 20+ years of experience working across multiple industries, including Banking, Insurance & Government.
Developed and implemented self-service, preventative methodologies to enhance the company's cyber defence program. Collaborated with telecoms, government, and utility organisations to ensure alignment with industry standards.
A track record providing consultation services in various security areas, such as assisting the CISO office in board representation, Enterprise Security program, Governance, Business Continuity, and Technology Risk Management.
A proven record of preparing and achieving the ISO 27K, PCI-DSS, GDPR, Cyber Essentials accreditation, delivering security awareness training programs and writing and enforcing policy procedures, guidelines, and standards according to industry standards
Hands-on experience with SIEM tools, VAPT, risk and threat management solutions, DLP, content filtering systems, EDR, Compliance, and application monitoring technologies.
Acted as technical expertise in leading information security teams, developing security programs, analysing security incidents, and detecting and mitigating Advanced Persistent Threats.
Overview
18
18
years of professional experience
Work History
Cyber Security Architect
Euronet Solutions Ltd
01.2022 - Current
- Played a critical part in a law enforcement agency to develop and implement digital and manual information security best practices, worked closely with the CTO and produced Policies, procedures and standards
- Spearheaded the development and execution of digital and manual information security best practices, resulting in a 30% decrease in cyber threats and enhanced protection of sensitive data within the law enforcement agency
- Formulated, advised, and executed cybersecurity policies and frameworks, achieving ISO27001, implemented the NIST and CIS frameworks
- Effectively communicated cybersecurity strategies to board and C-suite executives
- Orchestrated collaboration among IT, application team, business team and supply chain threats
- Designed and implemented a holistic Business Continuity Plan for critical business functions, ensuring a swift and effective response in case of disruptions
- Implemented security controls in a cloud services environment, Azure and AWS environment
- Manage the public, private, and hybrid cloud apps in SaaS, PaaS, and IaaS.
Information Security Consultant
BARCLAYS BANK
09.2020 - 05.2022
- Proficient in the administration of Qradar, Tenable IO, and Splunk, ensuring optimal performance and accurate log analysis
- Collaborated closely with the program manager to develop and review the overall security infrastructure, aligning with industry best practices
- Engaged with business stakeholders to ensure compliance with ISO27001, NIST, and CIS Top 20 security controls
- Analysed applications of High-Level Design (HLD) and Low-Level Design (LLD) to make sure cybersecurity controls are met as per bank policies
- Vetted and reviewed various end-to-end application solutions to enhance security measures in data in motion and data at rest principals
- Provided valuable insights and recommendations as part of the department's Change Advisory Board (CAB) processes
- Worked collaboratively with application owners to implement robust incident response plans, minimising downtime and mitigating potential data breaches
- Conducted thorough reviews of network architecture and configurations, proposing optimisations and information security recommendations.
Cyber Security Specialist
ABN-AMRO
07.2020 - 10.2020
- While consulting, worked on refreshing the SOC, identified areas of improvement, and reviewed the incident response process and runbooks
- Playbooks
- Created short-term and long-term plans to address these gaps and submitted my recommendation in migrating from the existing platform to new platform
- This included migrating from the existing SIEM (Qradar) to Splunk enterprise and AV to EDR
- Performed audits and testing of controls in Network Vulnerability Assessments, SOC audits, IS security audits implementation in infrastructure Firewalls, Proxy, WAF
- Using Qualys Tenable IO for Vulnerabilities Assessment on-premises and cloud applications
Subject Matter Expert
RBS
Edinburgh
10.2019 - 07.2020
- (SME) in the information security system for cross-functional teams, providing a threat modelling framework in application security
- Advise internal teams on cybersecurity measures during the automation process and API integration firewall and SDN automation program
- Regularly communicate progress and insights with executives throughout the automation project
- Enhance and optimise service offerings related to Networks, Application Security, Web Application Firewall (WAF), DNS, Splunk, and CrowdStrike (Falcon)
- Provide consultation on solution designs and the integration of secure-by-design principles into the overall solution architecture
- Identify and proactively mitigate security incidents, ensuring adherence to established security standards
- Develop and implement automated metrics to measure and enhance the effectiveness of the security strategy.
Information Security Consultant
LFAB
08.2019 - 10.2019
- Created and managed security accreditation packages for
- Reviewed Security assessment reports and developed risk mitigation plans as per the Mitre attack framework
- Implemented OWASP top 10 security risks vulnerabilities through LFAB security infrastructure
- Led the implementation of the security framework throughout the bank in accordance with ISO27001, NIST and CIS top 20 controls
- Managed and developed a team of eight highly expert professionals at LFAB.
Information Security CONSULTANT
HSBC
04.2017 - 08.2019
- Delivered five projects as an Information Security Specialist, where creating and managing the bank Asset Register
- Examining internal IT controls exposure as per NIST, CIS and ISO controls for the Network and firewall infrastructure for risk mitigation
- Application Risk Management Project, Budget: £300K
- Creating and managing the device and application risk registers with the asset owners on a day-to-day basis
- Examined internal IT controls, evaluated design and operational effectiveness, determined exposure to risk, and developed remediation strategies
- Collaborate with teams from different departments to create and put into action secure network architecture controls
- Provide expertise in regulatory compliance like ISO, PCIDSS, NIST and ensure asset owner and product owner adhere to relevant standards.
Application Design Consultant
Hewlett-Packard
08.2014 - 03.2017
- Part of the infrastructure design team for the expansion of the DWP Universal Credit System
- Successfully migrated infrastructure from legacy network devices to a new cloud network and firewall infrastructure by designing HLD and LLD for the new application, legacy application migration strategy, and Disaster recovery DR solution, along with capacity planning, risk analysis, and redundancy configuration
- Installed and configured Junos firewall in paired on the perimeter and down to the LAN
- Provided technical expertise in GTM design and changes, Adding Listeners, Wide IPs, pools, Load balancing methods, and DNS troubleshooting
- Created VS, VIP, pool, and customise profiles in F5 LTM
- Designed and configured F5 GTM, ASM, and LTM on VIPRION Chassis and single Appliances like LTM 10000, GTM 2000
- Upgraded V11 to V11.6, patched and configured the F5 boxes from Standalone to VIPRION platform
- Configured and maintained Forum Sentry and ASM for WAF
- Configured and managed the CDN on
Cybersecurity Specialist
IBM
08.2016 - 12.2016
- Conducted black box and white box pen-testing to evaluate vulnerabilities and flaws within the internal and external systems
- Worked on Co-op bank account for a migration project to set up a new WAF (F5) and SIEM (Qradar)
- Technical implementation and support ' IBM QRadar SIEM (SOC) project where performed event/flow correlation of event logs, parsing and managing correlation rules
- My responsibilities included monitoring and prioritising events, alerts, and tips for further investigation, as well as gathering evidence of security investigations regarding incidents such as malware, data loss, and network intrusion
- Designed existing QRadar SIEM platforms in a distributed environment.
Network/Firewall Infra Design Consultant
Barclays Bank Plc
01.2012 - 07.2014
- Managed IP network/firewall infrastructure, including the deployment of Juniper, Checkpoint, and Cisco switches and routers
- Installation and maintenance of large Juniper MX and T-series routers in line with the bank's set standards
- Configuration FW rules, zones, Interfaces and sub interfaces, IPsec VPNs using the NSM platform
- Resolving technical issues by troubleshooting during the migration of the network
- Deployed many Site-to-Site VPNs, in production and DMZ environment
- Configured and administered F5 LTM, profile, PKI certificates, TLS, VIP, Pools, and SSL terminations
- Monitored multi-vendor Firewalls using Skybox, firewall assurance, network assurance, and change management
- Integrated firewalls with skybox
- Managed checkpoint R65/R71, VSX, with provider 1 and Smart dashboard, upgrading checkpoint R71 to R75.40
- Integrated Cisco ISE with Cisco WLC 44xx for BYOD for guest services LAP authentication and authorisation
- Lead Engineer in multiple projects following the merger of Barclays Capital and Barclays Retail
- Designed and configured F5 GTM, ASM, and LTM on VIPRION Chassis and single Appliances like LTM 10000, GTM
- Co-ordinated with server & application team for network connectivity in virtualisation environment (Citrix, VM platform)
- Planned and organised meetings with third parties and suppliers to discuss project progress and any technical issues
Network Designer
Ericsson UK, UK MBNL
London
01.2009 - 01.2012
- T-Mobile, Orange & H3G) IP/ETHERNET PROJECT
Team LEAD
British Telecom UK
06.2006 - 12.2008
- Reuters BT-MPLS | PROJECT, IP-MPLS (Service Delivery) Team, Awarded 2nd employee of the year 2008
Education
MSc - Mobile Computing and Communication
03.2008
Training and Certification Certified Chief Information Security Officer (CCISO) in progress Certified Information Systems Security Professional (CISSP) Certified Ethical Hacker Certified Information (CEH) Certified Information Security Auditor (CISA) ISO 27K Lead Implementer Crowd strike EDR administration. Splunk Enterprise Prince 2 practitioner CCIE Security Written Juniper Networks Certified Internet Associate Check Point Certified Security Administrator Certified Big IP Administrator F5 (101, 201) Fortinet Certified Network Security Administrator AWS Certified Solutions Architect – Associate Microsoft AZ-900 - undefined
Skills
- AREAS OF EXPERTISE & TECHNICAL SKILLS
- IT Governance, Risk Management
- Cyber Security,Network Security
- Application Security
- SDLC Management
- Budget management
- Stakeholder Communication
- Process Improvements
- Information Security Awareness
- Data Migration
- GDRP Compliance, PCI DSS Compliance
- Data center technologies
- Firewall deployment and Management
- Cloud security, Azure, AWS
- Here are some technical skills related to network and security operations and management:
- NOC and SOC operation and management
- Troubleshooting and upgrading
- Security tools: NMAP, Nessus, Wireshark, John The Ripper, Nagios, Cacti, NET Stumbler, Metasploit, and more
- Security/Firewalls Technology: IPSec, VPNs, Cryptography, AAA Model, Access Lists, IOS Firewall, DDoS and common threats prevention, and IAM
- App Security: LDAP injection, SQL injection, XSS injection, AJAX Spider, Dynamic SSL cert, Forced browsing
Accomplishments
- Security compliance, audit and assessment
- Internal and external compliance against best practices ISO27001 Security compliance, audit and assessment
- Internal and external compliance against best practices
- Assessment against ISO27K, ISO31K, PCI-DSS, PSR, NZISM, SWIFT (CSP), NIST, SANS, CIS, OWASP, SOC2
- Risk Management :
- Create policies, procedure, guidelines and standards Risk and control framework development
- Risk assessment
- Cyber maturity assessments
- Third part risk assessments
- Business Continuity/ Disaster Recovery:
- BCP/DRP Plan development and enablement
- BIA and RA creation
- BIA/DRC maturity assessment
- Cyber Security:
- SOC, SIEM (QRadar), IBM IDPS (XGS), Riverbed Steel Central Application performance monitoring (APM) Packet Analyser, NetShark, Web Analyser, NetProfiler, HP Arc sight, OWASP, and ISO27001
References
Reference
Reference: will be provided upon request.
Timeline
Cyber Security Architect - Euronet Solutions Ltd
01.2022 - Current
Information Security Consultant - BARCLAYS BANK
09.2020 - 05.2022
Cyber Security Specialist - ABN-AMRO
07.2020 - 10.2020
Subject Matter Expert - RBS
10.2019 - 07.2020
Information Security Consultant - LFAB
08.2019 - 10.2019
Information Security CONSULTANT - HSBC
04.2017 - 08.2019
Cybersecurity Specialist - IBM
08.2016 - 12.2016
Application Design Consultant - Hewlett-Packard
08.2014 - 03.2017
Network/Firewall Infra Design Consultant - Barclays Bank Plc
01.2012 - 07.2014
Network Designer - Ericsson UK, UK MBNL
01.2009 - 01.2012
Team LEAD - British Telecom UK
06.2006 - 12.2008
University of Greenwich - MSc, Mobile Computing and Communication
- Training and Certification
Certified Chief Information Security Officer (CCISO) in progress
Certified Information Systems Security Professional (CISSP)
Certified Ethical Hacker Certified Information (CEH)
Certified Information Security Auditor (CISA)
ISO 27K Lead Implementer
Crowd strike EDR administration.
Splunk Enterprise
Prince 2 practitioner
CCIE Security Written
Juniper Networks Certified Internet
Associate Check Point Certified Security Administrator
Certified Big IP Administrator F5 (101, 201)
Fortinet Certified Network Security Administrator
AWS Certified Solutions Architect – Associate Microsoft AZ-900,