Breaking the Kubernetes Kill Chain: Host Path Mount
Irfan Ur Rehman
1. Irfan Ur Rehman
Email: irfan_cisco@yahoo.com
+92(345)-8555580
PERSONAL STATEMENT
To work as a Key Management Professional in the field of Information Technology with an urge to explore current market that would
suffice IT needs of organization, ideally, in an Information technology/Information Security and business development capacity with an
emphasis on strategic planning & risk management. Solutions-oriented specialist with notable success leading a broad range of corpo-
rate IT initiatives while participating in development and implementation of high availability/information-security solutions in direct
support of business objectives. Over ten years of experience in the areas of network security, high-availability, LAN/WAN, TCP/IP pro-
tocols, telecom, enterprise environments, UNIX and RDBMS environments, Sun servers and Disk Arrays, and Cisco equipments. Skilled
in designing large-scale infrastructure, capacity planning, implementing technology solutions, leading multi-large projects, and manag-
ing IT budget of over millions dollars in technical lead. Each position that I have served has added a broad range of skills to my corpo-
rate profile. Every company that I have worked with has exposed me to a new type of work environment and organizational culture.
Each employer has given me confidence by expressing their satisfaction with how I accepted responsibility and effectively utilized the
authority that I was allocated. In addition to my broad technical expertise, I have significant technical sales, field, and management
experience. I believe my ability to build strong relationships with internal and external customers, and the high level of technical exper-
tise I posses, provides an organization with a dual resource / asset.
KEY SKILLS
• Ability to meet deadlines - Time Management
• MPLS (Traffic Engineering), Layer 2 VPN, Layer 3 VPN, Quality of service (QOS), PPP (Dial on Demand Routing)
• Cisco/Juniper Firewalls ASA, Net screen, SSG, GRE tunnels,
TACACS and Radius Servers, IPSec, DES, 3DES
• OSPF, ISIS, EIGRP, IGRP, RIP, BGP and RIP V2
• Risk Categorization (People, Process & Technology), Assessing risk based on matrices, defining risk quadrant based on
impact and likelihood of risk.
• Achievement of Marketing Targets
• Resource Handling and Team Building
• Proposing technical and commercial dynamic strategic plans.
• Ability to support mission critical network / system environment on 24X7 operations
• Design, deployment and management of IP Networks
• Linux , Sun Solaris Operating Systems and Servers
• Designed, engineered and administered enterprise sized Network Security Firewalls and Virtual Private Networks
(VPNs)
• Comprehensive knowledge of VOIP Network/Operations, Wired, Wireless & WAN Network setup.
• Development of Security Policy & procedures in alignment with Business needs.
• Development of cost effective risk management framework mapping identified risk and security Policy.
• Conducting business Impact Analysis, Identify controls, Develop recovery strategy, plan testing, training and user
awareness, and plan review and maintenance for development of business continuity and disaster recovery plans
(BCP / DRP)
• Frameworks / Standards used: ISO 27001, ISMS (Information Security Management System), Reserve State Bank of
Pakistan Audit Policy Framework/Guidelines for the Banking and Financial Sector.
• Concepts: PKI & Cryptography, Access Control & Identity Management, Network Security & Ethical Hacking
• Knowledge sharing, training, motivating and development of team members
Network hardware
J6300, M10i, M7i, SRX, SSG, Cisco 7609, 7206Vxr, 3600, 2500 and 1600, 1700 Series Cisco/Juniper routers/firewalls, Catalyst 6500,
2900, 1900, 2900XL, 3500XL, 3550 series Cisco Switches.
Page 1 of 6
2. Academic Qualifications
B.SC (COMPUTER SC)
Professional Certifications
CCNA, CCNP, JNCIA(ER), JNCIS(ER), CCIE-SP (written), CISSP (In progress)
Professional Trainings
EMC (DLP, BACKUP/ARCHIVE, DISK ARRAYS, GATEWAYS), SAGAM (SIMMENS) WIMAX PRODUCTS
PROFESSIONAL EXPERIENCE
Access Communication Solutions 1st Mar 2010 - Current
ACS has a solid foundation and over 6 years of Technology Solution, Support and Service, ACS has evolved alongside technolo-
gy. Focusing on Telecom Operators, Enterprise and small to medium sized businesses since 2003. ACS is a part of Qasmia Fero-
zia Group. The Group acquired the company from Emitac Bukhatir Group in December 2009. Qasmia Ferozia Group of compa-
nies was established in 1935, has a custom of brilliance in commodity and services business in Pakistan
Solution Architect (Head Juniper Solutions)
I am serving as the juniper project owner for all ongoing and upcoming Juniper projects. I am responsible for design, build,
configuration, monitoring, support and maintenance for an enterprise/service provider LAN/WAN that consists of Juniper
technologies.
Core Roles:
• Presents and translates the design to customers to ensure the design will meet the customers' requirements
• Describing the strategy and design to a broad spectrum of stakeholders and engage with delivery teams at strategic level.
• Designing complex and cost effective infrastructure solutions which include performance assurance, scalability, availability
etc.
• Coordinate with Product Marketing teams to incorporate product messaging into aggregate solutions.
• Accountable for proactive customer/partner support, including formal presentations and informal discussions of Juniper so-
lutions.
• Responsible for technical aspects of end-to-end solutions delivery, deployment, system integration, and customer accep-
tance of the project
• Act as a prime point of contact with the customer for all technical issues during the all post- sales phases including system in-
tegration and customer acceptance
• Support project/program manager for project planning, scheduling, technical risk assessment and mitigation
• Prepare technical training material, and deliver training programs towards external customers
• Interface with external third party vendors and internal cross functional teams (engineering and R&D) to ensure on-time de-
livery of technical solutions, and compliance for product specifications and accuracy as per RFP response.
• Possible Research and Development Strategies
• Develop a plan to kick-start the sales cycle.
• Exploring the principles of successful objection handling.
Page 2 of 6
3. Tameer Microfinance Bank Limited (Information Security Division) Oct 2009 – March 2010
TAMEER is a Microfinance bank managed by a group of highly experienced bankers committed to go where no (commercial)
bank has gone before. It is a private commercial Microfinance bank licensed by the State Bank of Pakistan under the
Microfinance Ordnance 2001.
Tameer in November 2008 entered into an agreement with Telenor Pakistan who acquired 51 per cent of the shares in Tameer
Microfinance Bank. Telenor Pakistan (TP) and TMFB are jointly working on a ‘Mobile Banking’. The acquisition of 51 per cent of
the shares in Tameer Microfinance Bank is part of strategy to offer financial services in Pakistan
Sr. Manager Information Security (Consultant)
I am serving as the process owner for all ongoing activities that provide for the confidentiality, availability and integrity of Ta-
meer Bank employees, and business information in compliance with applicable laws, regulations, and organizational policies,
the principal point of contact for information assurance activities. I am responsible for ensuring that management; operational
and technical policies and controls for securing systems are in place and are followed. This includes ensuring that appropriate
steps are taken to implement information security requirements for IT systems throughout their life cycle, from the require-
ments definition phase through disposal. This also includes collaboration with business process owners to ensure that opera-
tional and IT processes work together to maximize information security.
Core Roles:
• Information Security team responsible to ensure adherence to technology standards.
• Security Incidents investigations.
• Conduct vulnerability assessment / threat assessment of applications/Networks/systems etc.
• Responsible for developing IS policies, Procedures and management to comply with ISO/Telenor Pakistan Information
Security Standards.
• Review systems development and maintenance projects for adequacy and effectiveness of security controls.
• Conduct or liaise with other teams for system security planning, developing and auditing security policies across multiple
platforms through automated or manual means.
• With Management and Counsel, defines, documents and implements information security policies and procedures.
• Monitors compliance with the organization's information security policies and procedures among employees, contractors, al-
liances, and other third parties.
• Performs security risk assessments and application-level vulnerability testing and reviews.
• Leads security projects including requirements definition, task planning, research, testing, implementation, and manage-
ment.
• Leads the internal Information Security Committee.
• Leads the development and delivery of security awareness materials, security presentations, and information security train-
ing sessions that foster information security awareness within the organization
• Working with Management, prepares and maintains the organization's disaster recovery and business continuity plans for in-
formation systems.
• Monitors advancements in information security technologies.
• Monitors changes in legislation and accreditation standards that affect information security. Serves as the information secu-
rity liaison for all internal and external information security reviews and information security audits.
• Reviews all information security plans throughout the organization's network.
• Prepares and maintains the organization's incident response plans for information security incidents. In coordination with
Counsel, tracks and investigates breaches in security.
• Supervises the design and execution of vulnerability assessments, penetration tests and security audits. EDUCATION and EX-
PERIENCE.
• Core Network Design.
Page 3 of 6
4. Askari Bank Ltd (Electronic Technology Division) JAN’2007 – OCT 2009
Electronic Technology Division is working as a Division of Askari Bank (Ltd) one of the pioneer in Pakistan’s banking industry.
ETD is responsible to serve IT and Telecom to all Pakistan 10 organizations working under ACBL and Army Welfare trust.
Sr. Information Security Officer
After design & implementation of Country wide & core network I am designated to perform Information security management
system tasks with aspect to standards of ISMS & ISO27001 standards. Askari Bank includes a significant focus on information
and network security performing many risk and security assessments as well as technical remediation
Core Roles:
• Information security policies, procedures, and security awareness program for Data protection
• Conducted comprehensive evaluations of security controls and analyzed risk of system operations
• Conducted the Ongoing reviews of all vulnerabilities for key systems belonging to Bank - Review security patches for all af-
fected systems.
• Performed periodic vulnerability scanning of internal & External network/systems
• Implemented centralized documentation system to enforce structured development and provide recovery
• Lead for incident response -- handled isolation, determination, correction, and communication
• Developed and implemented auditing processes and procedures to insure systems are network compliant
• Performed assessments and investigated potential security incidents and exposures for organization. Reported findings and
recommendations to Senior Management
Asst. Manager Networks
Currently positioned as an Asst Manager Networks which requires a combination of technical, managerial & administrative
expertise. The main goal is to REVAMP the whole Askari Commercial Bank Ltd Network Infrastructure and implement High Se-
curity on 168 locations that includes the revamp of Data Center with the implementation of DRS as per the State Bank of Pakis-
tan Policy, based on BASEL II (policy document)
Core Roles:
• Designing of Country wide Network Infrastructure
• Designing and Implementation of IT Security Policy
• Standardizing and Finalizing Network Equipments and technologies
• Designing Enterprise VOIP and Branch Network of 168 Country Wide locations
• Heading a team of 200 Operational Engineers Country wide
• Presenting Project reports (Presentations) to Management and Executive Committee
• Strong coordination with other departments (Finance, HR, Procurement, Consumer banking)
Braintree Group JAN’06 – NOV’2006
Braintree Group is a boutique BPO service provider that is catering to small and medium sized companies around the world
enabling them to leverage our process expertise, global infrastructure and passionate eye for quality. Braintree Group business
is based on three unique and independent verticals; Customer Contact Center, Agents Training and BPO Captives. The company
runs its operations in New York, Florida, Islamabad, with partner sites in Chicago, Ottawa and Toronto.
Manager IT & Operations
This position demands a combination of technical, commercial and managerial abilities.
Core Roles:
• Liaison with all team members of the operation department for the smooth workflow
• Coordination with Manager Marketing and Manager Business Development of Promero & NovaTel ASP for Support & Maintenance
policies
• Formulation of Service Levels, overall Business policies, Task procedures and Work flow for the Approved Vendors.
• Assurance of Customer registration & Complaint Escalation with the help of CRM.
• Videocon & TeleCon Meetings with International customers for briefing and project scheduling.
• Floor Management & Supervision of Customer Help Desk, Direct Sales Team performance and Technical Assistance Center (TAC)
• Prompt escalation of Network outage to Centralized NOC for restoration of connectivity.
• Possible Research and Development Strategies
• Expanding methods of gathering leads and generating new business via telemarketing.
• Develop a plan to kick-start the sales cycle.
• Exploring the principles of successful objection handling.
• Investigating alternative marketing call approaches.
Page 4 of 6
5. Cyber House (Pvt) Ltd. FEB, 2004 –Jan 2006
Cyber House (Pvt) Ltd is one of the top Network Solution Provider in the country with a multitude of IT Solutions in its arsenal.
Established in 1999, Cyber house has earned a reputation for its quality and diversity. With Sub projects like Software Houses,
Call Center, ISP, Fax store and forward services and Cyber House Consulting, Cyber House has provided a diverse exposure in
different Fields of IT over the period of employment.
Deputy Manager Operations (Call Center Cyber BPO & Excel Net ISP)
Independently responsible for call center, ISP, management recruitment and administration. This position demands a combina-
tion of technical, commercial and managerial abilities.
Core Roles:
• Induction of Business oriented licensed software’s for organization productivity, manageability and Resource Planning.
• Preparing reports , field work such as meeting clients and participating in International projects
• To develop and implement marketing plan in conjunction with sales department, which details activities to follow during the fiscal
year, which will focus on meeting organizational objectives.
• To manage the Marketing Department Budget. Delivery of all marketing activity within agreed budget. Direction of marketing
staff where budgets are devolved.
• To manage the entire product line life cycle from strategic planning, pricing and forecasting to tactical activities.
• Specifying market requirements for current and future products by conducting market research and competitive analysis in a very
hands-on manner.
• Possible Production & Operations Management Strategies
Dewan Mushtaq Group JAN’2001 – Jan’2004
Dewan Mushtaq Group has an annual turnover exceeding Pak Rupees 30 billion. The main fields of business include textiles,
sugar, polyester and acrylic staple fiber, assembly-cum-progressive manufacture of automobiles and equity participation in a
private bank. Other allied businesses include a polypropylene sacks making and particle board manufacturing plants as down-
stream industries of sugar industry and automotive parts manufacturing as backward integration of its automobile industry.
Network Engineer
This position demands a combination of Network and systems abilities.
Core Roles:
• Coordination with all team members of the IT department for the smooth Network operations
• Coordination with Remote Offices (Hattar, Lahore, Faisalabad, Taxila, Karachi) staff for the smooth running of data replication in
the Remote Offices
• Coordination with ITI, & FLAG (Backbones in Pakistan) for the problems in communication links
• System Administration and Configuration of UNIX based servers including Mail, Proxy, Web server, IP Firewall, DNS, and Lotus
Domino.
OFFICIAL ASSIGNMENTS & CORPORATE PROJECTS
National Telecommunication Corporation Project (Catalyst Communication)
Core Role: Project Manager
I was a consultant management of network and VoIP security Infrastructure, and was hired to design and configure National
Telecommunication corporation VOIP network. The project includes Sale Lead, Configuration & Implementation. Major role
includes strong coordination with NTC technical leads and directors for the project. Provided PIX 520 Firewall for filtering un-
known traffic of H.323 from VoIP careers, Deployed CISCO 3550 EMI Switch for Bandwidth Management on each port. Confi-
gured CISCO 3550 EMI Multilayer switch As a Router for Local LAN, Meera Soft Switch, Cisco AS5200 and AS5400 for interna-
tional traffic termination, NMS for network equipment and Services monitoring.
Page 5 of 6
6. Askari Bank Project (Terrestrial Network Deployment)
Core Role: Project Manager
Team Building at three regions, project Plan, 200 members team management, tasks assignments and project reports. The con-
nectivity project refers to selection of communication media that corresponds to upgraded routing and security equipment. I
have considered few vendors and technologies for our R&D, based on their availability in Pakistan and offered services and
solutions. Based on research and development work and analysis of different available terrestrial mediums, Askari Bank has
finalized to redesign the country wide terrestrial network infrastructure with high availability of inter branch communications.
Terrestrial Media Selection
After going through detailed network analysis and series of performance tests of different available terrestrial service provider
it was finalized to upgrade existing links with stable and secure communication links with increased bandwidth.
Network Connectivity
In order to develop stability and performance in existing communication network the bank has planned to bring its branches on
fiber network. Initially, incorporate all branches in major cities and regional offices under this network. In addition to this, I also
carried analysis work at branch level. Keeping a standard branch network setup I planned to compose a network solution that
will enable us to incorporate state-of-the-art next generation applications.
In order to have optimum Communication Stability and Manageability I have considered next generation Wimax technology for
communication network as a secondary link of branch. We carried out research analysis for selection of access technology for
TERRESTRIAL network according to the SBP requirements with scalability and complete control from centralized Network Oper-
ation Center (NOC) ETD.
VoIP over Wimax
Askari bank is intended to provide VoIP and video conferencing services over Wimax access technology. We have evaluated the
performance of Wimax access method for VoIP. We have used licensed band with frequency of 3.5 GHz spectrum range that
enables to deliver less expensive and high-speed wireless infrastructure.
References
Mr. Nouman Bashir Khan Mr.Azhar Sahib Zada
Country Head (Technology Infrastructure) Chief Information Security Officer
Electronic Technology division Information Security Division
Askari Bank Islamabad Askari Bank Islamabad
Cell # 92-334-5000123 Cell # 92-332-5359887
Page 6 of 6