KAMRAN NAHIDI

4513 Tipton Lane * Alexandria, Virginia 22310 * (571)226-0549 * knd83b70@westpos

t.net

QUALIFICATIONS SUMMARY
Highly creative and client-focused Information Technology Professional with over
seven years of industry experience spanning every aspect of the design, implem
entation, configuration, management and support of complex, mission-critical LAN
/WAN network security solutions for a virtual who's-who of Fortune 100 companies
across the United States. Capabilities include an extremely broad knowledge bas
e and familiarity with the latest cutting-edge technologies, including firewalls
, VPN, IDS, and IPS. In-depth knowledge of TCP/IP, high availability, load balan
cing, and remote management complements outstanding relationship management, ana
lysis, and problem resolution skills as well as outstanding organizational, mult
itasking, and team building skills at all levels. Proven ability as a resourcef
ul coordinator, quick to learn new skills in fast-paced IT environments. Speak F
arsi and Portuguese.

TECHNICAL SKILLS
Firewalls: Checkpoint, Cisco Firewall Service Module, Cisco PIX, Cisco ASA, Nets
creen
Intrusion Detection & Prevention: Enterasys Dragon NIDS, Snort, Cisco Secure NID
S, ISS Proventia Series, McAfee IntruShield, TippingPoint, Juniper IDP
Network Security Tools: Nmap, Nessus, ISS InternetScanner
Security Management & Log Retention Management: Netscreen Security Manager, Ente
rasys Dragon Manager, Site Protector, ISS Internet Scanner Console, Cisco Works,
Cisco Security Manager, IntruShield Manager, Cisco MARS, LogLogic, SkyBox
Platforms: Microsoft Windows XP/2000/NT, Red Hat Linux, Sun Solaris UNIX, FreeBS
D, & Nokia IPSO

CERTIFICATION & TRAINING

Checkpoint Certified Security Administrator (CCSA)
Checkpoint Certified Security Expert (CCSE)
McAfee IntruShield Technical Certification
ISS Product Line Certification
SkyBox Technical Certification

PROFESSIONAL EXPERIENCE
NETWORK SECURITY ENGINEERING TEAM LEAD
JUNE 2010 - PRESENT
BT COUNTERPANE - CHANTILLY, VA
* Currently managing a team of eight security engineers who were responsible for
building/deploying security devices in customer networks and for the full manag
ement/maintenance of those devices
* Responsible for playing a strategic roll by developing the team into a group
of highly technical engineers, in parallel implementing procedures and actions w
hich will act as proactive measures in providing value to our customers
* In the process of creating the team SOP covering all operational and organizat
ions policies and procedures
* Provide Tier-3 troubleshoot support on all managed devices and supported techn
ologies
* Responsible for handling customer escalation issues and putting together after
 action reports when necessary
* Migrated the team to a central email inbox so work inquiries become visible to
the entire group
* Putting auditable procedures in place to ensure work orders are addressed in a
timely fashion
* Building a formal Tier2-3 hands-on training program which will cover the opera
tion, navigation, and troubleshooting for all managed devices and supported tech
nologies
* Project lead for migrating all customer terminating VPNs from Juniper technolo
gy to Cisco technology
* Created a central knowledge base on an internal wiki server and filled it with
popular KBs. Motivating team members to produce KBs in an effort to continue gr
owing the information wealth on the server
* Responsible for taking part in the design and implementation of the "follow th
e sun" model between the BT SOCs in the Americas, Europe, and Asia Pac. Currentl
y working on linking procedures and work orders between the Chantilly SOC and Ne
w Jersey SOC.
SECURITY ANALYST TEAM LEAD OCTOBER 2
009 - AUGUST 2010
BT COUNTERPANE - CHANTILLY, VA
* Managed a team of ten security analysts who provide a security event analysis
roll, level-one network security engineering support, and a switchboard function
for the SOC
* Created a 100+ page SOP covering all operational and organizations policies an
d procedures
* Empowered the team to be capable in providing level-one support for the Networ
k Security Engineering team by providing formal hands-on training and by impleme
nting step-by-step procedures
* Ensured all team members understand and are onboard with the SOC mission state
ment and goals
* Ensured the team has quarterly/annual objectives and goals
* Ensured the team performs quality analysis of security events via routine audi
ts/coaching
* Ensured the team provides customers accurate and insightful analysis of securi
ty events in a timely manner
* Ensured all team members providing top notch customer service via routine audi
ts/coaching
* Ensured all work within team is being recorded in a work order, copiously nota
ted, and ensuring the requests are addressed in timely fashion
* Ensured SOP processes and procedures are accurate, efficient, update-to-date,
and scalable
* Ensured Tier-1 team members stay motivated and always feel job satisfaction by
providing incentives for excellent performance, training to keep the them chall
enged, an advancement path for career growth, etc.
* Created and instructed intensive internal technical/procedural training progra
m(s) in place to continue raising the bar for technical/procedural knowledge wit
hin the team
* Ensuring sufficient coverage is in place for all three shifts 24/7

NETWORK SECURITY ENGINEER OCTOBER 20

06 - OCTOBER 2009
BT COUNTERPANE - CHANTILLY, VA
* Provide 24/7 technical support for managed security services, security enginee
ring, infrastructure, management, and sales groups. Manage and monitor client se
curity devices worldwide.
* Perform installs, configure and troubleshooting on stateful inspection firewal
ls and inline/passive IPS/IDS sensors.
* Perform firewall migration projects between different technologies.
* Serve as lead on configuration and troubleshooting VPN's on all vendor firewal
l devices.
* Serve as Subject Matter Expert on global operations projects and architect net
work security solutions for customers utilizing a variety of cutting edge techno
logies (firewall solutions, IDS, and IPS).
* Perform Q/A testing on new network security technologies and appliances.
* Provided technical expertise in pre and post sales engagements.
* Maintain and develop content for the organization's internal technical knowled
ge base as well as technical documentation and best practice procedures for the
Managed Device Team.
* Develop business processes and improvement procedures for the Managed Device T
eam.
* Developed a technical training curriculum and serving as the technical trainer
/mentor for new and existing hires.
* Provide advanced training seminars for the Managed Device team on managed secu
rity platforms.
* Provide high level support for FW/IPS platforms.
* Uphold positions in providing 24/7 on-call support rotation for our managed cu
stomer base.

INFORMATION SECURITY ENGINEER MAY 2006 - OCTOBER 2006 (G

OV. CONTRACT)
LOCKHEED MARTIN - WASHINGTON, D.C.
* Daily analyzed network traffic looking for trends and or malicious activities,
created vulnerability report with action plans.
* Briefed senior operations managers on quality assurance concerns, security imp
lementations, and hardware inventories.
* Teamed with partners and management to implement improved operational procedur
es and advise customers on IT security best practices.
* Defined/tracked 'how to' documents for supported FW/IPS platforms.
* Configure and troubleshoot VPN's on infrastructure VPN devices.
* Provided support for infrastructure FW/IPS platforms.

INFRASTRUCTURE SECURITY ENGINEER FEBRUARY 2006 - MAY 2006 (GOV. C

ONTRACT)
APOGEN TECHNOLOGIES - WASHINGTON, D.C.
* Defined, tracked, and maintained standard baselines and configuration sets for
NOC managed and monitored security devices, as well as technical expertise and
operational knowledge standards for the organization.
* Performed network security equipment repairs, installs, removals and upgrades.
* Performed audits on all vulnerable aspects of the Infrastructure and create vu
lnerability reports with patch recommendations.
* Provided support to end-users, performed troubleshooting, and resolved network
and software issues.
* Interfaced with vendors and service providers ensuring that hardware or softwa
re problems were dealt with efficiently and effectively, with minimal downtime.

NETWORK SECURITY ENGINEER May 2005 - December 2005

SYMANTEC CORPORATION - Alexandria, Virginia
* Administered industry best practices in flagship security operations center (S
OC). Direct organizational projects to timely completion and spearhead network s
ecurity audits/modifications for clients.
* Implemented and integrated new security solutions into existing customer netwo
rk infrastructures and coordinate network security audits and changes with clien
ts.
* Configured site-to-site and client VPNs and identify and resolve firewall and
VPN connectivity issues.
* Defined/tracked standard baselines and configuration sets for all SOC managed
and monitored security devices, as well as technical expertise and operational k
nowledge standards for organization.
* Served on Technical Team that oversees every phase of highly complex global op
erations projects. Architect network security solutions utilizing a variety of c
utting edge technologies.
* Ensured alignment of client requirements with operational capabilities. Deploy
improved SOC operational procedures and advise customers on IT security best pr
actices.
* Developed technical documentation and content for the internal technical knowl
edge base.
* Mentored new security engineers for the Managed Security Services group.
NETWORK ENGINEER January 2001 - May 2005
MAN ENVIRONMENTAL SERVICES - Alexandria, Virginia
* Set up and administered servers for development and production environments. M
onitored and maintained aspects of information technology infrastructure and sys
tems.
* Maintained Local Area Network connectivity including switches, routers, wiring
closets, and drops to the desktops.
* Responded to emergency outages, disaster recovery, and the corporate firewall.
* Analyzed and developed improved security procedures to increase productivity a
nd profitability. Performed security audits and patch development on production
servers.
* Provided support for internal network and system related trouble tickets.
* Managed corporate Checkpoint Firewall implementing security rules and mitigati
ng network attacks.
* Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/
VPN-1
* Migrated previous corporate Checkpoint 4.0 Firewall-1/VPN-1 on Windows NT to N
okia IPSO appliance for increased performance and stability.

FORMAL EDUCATION
Finishing Bachelor of Science, Business Administration (MIS concentration)
George Mason University - Fairfax, VA
IT & Network Engineering Studies, Northern Virginia Community College

REFERENCES
Available upon request