Shabbir Sadiq

Shabbir Sadiq – IT Professional Currently working as Information Security Consultant at Crowe Horwath audit firm Email:- Phone: - Skype: shabbirhussain52 Career Objective Motivated achiever with over 1 3 years of significant, progressive experience in IT and Telecom, focusing on systems administration, database administration, software development, client/server -based applications, custom development projects, IT Security Management as well as customizati on of packaged products, Experienced project manager who has successfully led multiple large project teams from requirements -gathering through to implementation and support. 2+ years of experience handling PWC (Price Waterhouse and Coopers) auditing end to end systems and processes. Extensive experience in conducting IT application audits as well as technology infrastructure audits. This includes conducting effective risk -based planning, designing and executing effective audit testing . 3 years of Professional Experience in Information Security Management Crowe Horwath (Feb-2018 to Present) Responsible for handling penetration testing, vulnerability assessments and security audits on clients. Developed and conducted Security Awareness Programs. Responsible for Information security audit at Pakistan stock exchange (PSX) brokers. Provide consultancy services to build necessary security platform in small and medium size business (SMB). Penetration Testing & Vulnerability Assessment Conducted penetration testing and vulnerability assessment of Pakistan Stock Exchange (PSX) brokers as per the PSX regulations. Information Security Consultant Vulnerability Management Penetration Testing   kali Linux, zenmap, Zap scanner       Up work Freelance (June 2017 to Present Established a successful freelance consultancy that provided Software Development, Database Administration, VoIP and Information security services. Handled projects from Small Office Home Office (SOHO) companies . Huawei Technologies(East Africa) (Nov-2015 to May-2017) Planned and implemented security measures to protect the IT Operations Platform of MTN Africa. Enforced MTN group information security vision and the information security management system (ISMS). Assisted in external audits by researching and resolving issues identified by PriceWaterHouse Coopers (PWC). Conducted vulnerability assessments using Qualysguard on a regular basis and working with teams for constant improvements. Using HP ArcSight Enterprise Security Manager (ESM) to identify and prioritize security threats, organize and track incident response activities, and simplify audit and compliance activities Access Control Connectivity Devices Security Devices Server Controls Central logs Security Monitoring Segregation of duties Configuration Mgmt Conducted White Box penetration testing of Karachi stock exchange brokers for Internet based trading system (IBTS) Independent IT Consultant Tools and Technologies Java, C#, VB.NET, Visual Basic, Java Servlets, ASP, ASP.NET, PHP, PERL , Oracle, MS SQL, MySQL , Asterisk-maintenance and support, Linux, Sun Solaris, Ubuntu, Red Hat, Centos . Security Management Qualysguard HP ArcSight Conn, Logger, ESM IT Audit Scripts for Operating system and Databases Analyzes different threats within a database and correlates the vulnerabilities based on risk level Page 1 13 years of Professional Experience in Software Development, Voice Over IP (VOIP) & Systems administration Sr. Linux & DBA Consultant Huawei Technologies(East Africa) (APR -2015 to OCT-2015) The Huawei Technologies managed services, managed networks, operations, network performance management to MTN Group a largest mobile operator in Africa. Huawei will continue to operate, optimize, transform and improve MTN’s operations and services with Huawei’s Managed Services Unified Platform and support from its global expertise in MAI (Measure, Analyze, Improve), to ensure greater efficiency and business value can be achieved at MTN. ISP Billing Consultant Ebone Network (Private) Limited (Nov-2011 to APR-2015) Responsible for design and implement ISP Billing system solution for managing large dealer’s network. Billing system was based on Linux and Oracle using Radius protocol connected via MikroTik. Separate radius servers installed for load balancing which was connected with centralized database server. Separate ledgers are maintained for each dealer with their users recharging. Each dealer having the credit limit and whenever the credit limit expires, dealer cannot recharge their users unless authorize or clear payment by central office. Sr. Software Consultant Tight Security (East Africa) (Dec -2011 to AUG-2013) One year contract to develop, implement and support the desktop application for security guards recruitment process. The application is based on .net framework 3.5, SQL server 2005, and using crystal reports 2012. Comprehensive database management and migration from Access to SQL Server. Call Center IT Manager OutSource Systems & Solutions (Jan 2012 to June 2012 6 Months Contract to manage the IT Infrastructure and Predictive Dialer Servers. Effective strategic IT planning and oversight of IT performance. Telecom / ISP Billing Manager Gerry’s Information Technology (Oct 2004 to Jan 2012) ISP Billing Manager VOIP Manager Responsible for configuration, development and management of ISP billing system, which was based on Linux, ORACLE, Java platform. Managing the DSL/Dial -up customers prepaid and postpaid billing by ensuring their monthly invoices are properly generated. IP PABX System administration for Karachi and Lahore based on opensource Asterisk & MySQL database which was implemented on Linux platform. THK Solutions (PVT) Limited (Jan 2000 to Sep 2004) Software Engineer Opportunity to participate as software engineer in Habib Bank Secure Message Exchange Project called (SIMEX). The project was develope d in C#, MS Access. The system was designed to perform daily routine data entry work in branches and in the evening automated dialer dials and connects the internet connection and connect to head office to send the branch XML data. My role is to develop data entry screens for various banking C# modules like remittance and design the crystal reports for branches. Also participated in the implementation of the software modules in branches to face real time situations and fix the errors. Skills Qualysguard, HP ArcSight Conn, Logger, ESM, Java, C#, VB.NET, Visual Basic, Java Servlets, ASP, ASP.NET, PHP, PERL, Oracle, MS SQL, MySQL, MS Access, Linux, Sun Solaris, Centos, Ubuntu, Asterisk-maintenance and support, incident and problem handling, Asterisk dial-plan syntax and constructs, Digital telephony using T1s and E1s, SIP and IAX protocols, Using AGI (Asterisk Gateway Interface) to execute external scripts , Predictive Dialer Education   MCS, Software Engineering, 2000 – 2002 from Central Pasific University Bachelor of Commerce (B.Com.), Commerce, 1998 from Karachi University Languages  English  Urdu  Gujrati Page 2