-
๐ Hi, Iโm jamal hussain shah
-
๐ฑ Experience as a Cyber Security Consultant
-
Initiated and led a project to improve the existing Information Security Management System (ISMS) as per the guidelines outlined in cybersecurity standards such as ISO 27001 and 27002 and IEC 62443
-
Building secure and compliant networks in line with CIS v8, ISO 27001, SOC 1 type II, IEC 62443, and other key standards.
-
Configuring the GCP and AWS cloud architecture in line with ISO 27001, ISO 27017 and ISO 27018 requirements.
-
Effectively perform different cyber security assessments including elaborative Risk Assessments basedon IEC62443, NIST or equivalent, dedicated towards Operational Technology (OT) engagements.
-
Comfortable in performing Technical Vulnerability Assessment and Penetration Testing on OT environment with tool based and manual methods.
-
Conducting ICS/OT site assessments to identify business critical systems and develop effective risk mitigation measures.
-
Develop cybersecurity architectures for IT/OT integrated environments detailing out component level information.
-
Develop IT/OT Operating model, Governance frameworks including Development of Policies, guidelines,and procedures apt for the specific business environment of clients
-
Large scale design and implementation of OT Visibility and Threat management solutions covering all OT systems and devices across plants considering network performance and security requirements.
-
Design IT/OT Security Operation center (SOC) strategies, implement technical integration solutions, and develop SOC use cases.
-
Developing OT cyber security strategies, developing and implementing transformation programs.
-
Drafting and presenting impactful reports as part of delivery activities suitable for Plant Operation,
-
Maintenance stakeholder as well as management & cybersecurity stakeholders including and up to C-level executives.
-
Support business development by preparing responses to RFI & RFPs by clients including effort estimation.
-
Support innovation by identifying and developing potential accelerators to bring in efficiency in terms of offering and delivering.
-
Building and developing long term relationships with all stakeholders internally and with clients.
-
Extensive knowledge and experience (designing, commissioning, or maintaining) ICS systems e.g.,SCADA, SIS, EMS, DCS or PLC. Experience in supporting or troubleshooting industrial protocols such as Ethernet/IP, OPC, Modbus, Profinet, HART, FF etc.
-
Strong experience in designing and configuring network security devices like next generation/OT firewalls of popular vendors, IDS, IPS etc. and endpoint security solutions apt for OT environments
-
Developed and evaluated technology policies, technical engineering standards and operational procedures in line with ISO 27001, 27017, 27018, and IEC 62443
-
Hands-on skills with Wazuh (SIEM and FIM), Nessus (Vulnerability management), Open Audit (Assetmanagement), NGINX (Web application Firewall), Metasploit, security onion and OSSEC tools.
- CISSP (Prep Completed Exam Schedule December 2022)
- ISO Lead Implementer & Auditor 27001,27002,27017,27018
- CIS Top 20 Controls Implementation
- SIEM a Hands-On Approach In Line With Various Frameworks and Standards
- Ethical Hacking & Incident Response Management
- SCADA / ICS Security & Prevention & Detection
- Vulnerability Assessment In Line With Various Frameworks and Standards
- Web Application Pentesting& Ethical Hacking in line with various frameworks
- Network Pentesting and Ethical Hacking in line with various frameworks
- Machine Learning-Supervised & Unsupervised
- Linux RHEL Intensive Boot Camp
- Programing in Python
- Programing in R
- Data Collection & Data Wrangling
- Exploratory Data Analysis
- Computer Networking & Hardware Solutions
NOTE: ALL CERTIFICATION DETAILS CAN BE FOUND ON MY LINKEDIN ACCOUNT WWW.linkedin.com/in/jamalhussainshah
- ๐ซ How to reach me [email protected]