Pezhman Navab

Iran, Tehran · pezhmannavvab@email.com

A highly skilled Network/Security engineer with more than 10 years of experience in Network/Security & Data Center environment with variety of efficient backgrounds in designing, implementing and supporting advanced Enterprise network and security solutions. Capable of troubleshooting and optimizing new network designs with many experiences in data center services and active infrastructures. Proper interactions with individuals and ability to train motivate and supervise a team.

Experience

Senior Security Specialist and Network Architect

Tehran Securities Exchange Technology Management Co. – TSETMC (Iran, Tehran)

According to company’s registration notification and memorandum, Tehran Securities Exchange Technology Management Company (Corporation) registered on 1st June 1994, number 105299 with former name “Tehran Stock Exchange Service Company” and by Tehran Company Registration Bureau. On 5th June 1994, registration procedures were officially completed and company registration publicly announced in government official journal and widely circulated newspaper. After development of company’s strategic plans in line with strategic plans of Securities and Exchange Organization (SEO), expectations in technology areas increased notably and therefore, company’s mission and responsibility significantly changed. To reflect new approach in all of company’s activities, its name changed on 16th Sep 2006 to “Tehran Securities Exchange Technology Management Company”. TSETMC is an abbreviation for company’s name.

April 2020 - Present

Senior Network and Security Administrator

Securities and Exchange Organization (Iran, Tehran)

Securities and Exchange Organization of Iran (SEO) is the supervisory authority of Iran financial market that regulates activities of Exchanges, Associations and financial institutions.  Worked in information technology department as network/security and data center expert with encompassing and overarching responsibilities. Use of high-tech data center devices and technologies to implement and support operational services: extensive work on Cisco ASR 1K series router and Cisco Nexus 5K and 2K series switches, F5 BIG-IP security, Fortigate, Cisco Firepower Firewalls, et al.  

.Technical member of design + implementation team for Active/Active and Backup/Disaster Data Center based on F5 GTM and DNS redundancy. Personally contributed network design and active configuration.  

.Design + implementation of Cisco Firepower FMC and FTD for managing and controlling Data Center VLANs.

.Technical member of NASDAQ (Smarts) project non-functional and technical team to install and implement Iran financial markets surveillance and transaction foul play detection.

.Generating and providing certificates for all fund markets in Iran, SEO is one of most important Certificate Authorities (CA) in Iran. Significant personal experience with CA and RA infrastructure and concepts.

.Design and implementation of open source comprehensive monitoring system for controlling Data Center devices and live services.

December 2016 - September 2019

Central Bank of Iran Data Centers Expert

ISC (Iran, Tehran)

ISC provides automation and computer applications to banks and financial institutions across Iran including services As software system design + implementation, project management, technical advisory services and training.

.Technical member of Central Bank of Iran data center administration team within Special Banking Services unit. Establishing Nagios monitoring for system of servers and network devices.

April 2016 - January 2017

Network/Security Expert and Internet Data Center Admin

DPI -Ex IBM (Iran, Tehran)

Data Processing of Iran (DPI) is the best graded IT Company in Iran, which was a branch of IBM in Middle East some years ago. My role is to provide solutions, design and implement enterprise technologies and configuring high-end devices such as Nexus series, 6500 switches, 7600 and 12K routers. Also I have participated in different enterprise projects such as:

.Design, Implementation and Supporting Iranian Space Agency Data Center (ISA): Configuration of different Network & Security high-end devices and modules, and implementing related technologies, including Cisco Catalyst 6509 (VSS, FWSM, IDSM), Cisco 7606S Router (IPsec VPN SPA), Juniper ISG2000, Juniper IDP800, Cisco ACE4710, Cisco Nexus 5010 plus Nexus 2148 as FEX

.Provincial Aggregation TIC (Telecommunication Company of Iran): Participation in the feasibility and supervision team at Bushehr and Ahvaz telecommunication centers

.Design and Implementation Public Key Infrastructure Data Central at Central Bank of Iran (PKI/CA): Design, Configuration, Implementation Network/Security high-end Devices Configuration Device Cisco Router 2821, Cisco Switch 3750, Cisco NAM Module, Astaro Firewall 425, 225 and Safenet Luna HSM SA/CA Configuration and Implementation of WAN Network

.Design and Implementation Komite Emdad Imam Khomeini Data Center: Configuration and Implementation Network Devices including Cisco Catalyst 6509 Switch and IBM Servers

.Design, Implementation and Supporting Tebyan Data Center: Member of Internet Data Center and Network/Security supporting Team Design, Implementation and Supporting Sina Bank Data Center: Member of Internet Data Center and Network/Security supporting Team

May 2009 - April 2016

Security Consulting and Services Designer

Persian Golden Media (Iran, Tehran - Germany)

I was as a security consultant to Present security solutions for Application, Hosting and Data Base Servers; moreover, I setting up some Services on Linux infrastructure and implemented some security mechanisms on them.

September 2014 - August 2015

Education

Tehran, Iran, University of Applied Science and Technology

Bachelor of Science
Information Technology - Information Security
2013 - 2015

Iran, Garmsar, Azad University

Associate Degree
Computer Software
2006 - 2008

Skills

  • SOC implementation: OSSIM SIEM.
  • Cisco Security Products: Firepower 4100, FTD, FMC and ASA (Security Engine), ASA 5500, FWSM, IDSM, IPS Module, VPN SPA.
  • Security Skills: DMVPN, IPsec, dot1x, VPN Technologies, IDS, IPS, IOS Firewall, AAA Services.
  • F5: BIG-IP 7255, BIG-IP 5050 (ASM, LTM, AFM and GTM VCMP).
  • Fortigate: Fortigate 1000E, 1500D, 1000D, 600C, 311B, and FortiAnalyzer-1000D.
  • Juniper Security Products: ISG2000, IDP800, SSG140, NSM.
  • Cyberoam: CR 50ing, CR 750i, CR500iNG-XP, CR 1000i.
  • Sophos: ASG UTM 9 Virtual Firewall.
  • Penetration Test: Linux Kali and Backtrack, Nessus, OpenVAS.
  • Cisco Routers:  ASR 1K, 2900, 7600, 12000 Series.
  • Routing Skills: OSPF, OSPFv3, EIGRP, BGP and VRF.
  • Cisco Switches: Nexus 5K, 2K Series and 6500, 4500, 4900, 3850, 3750, 2960.
  • Switching Skills: STP, Vlan and P-Vlan & Dynamic Vlan, Redundancy Policies (Fex, VPC, VSS, Ether-Chanel), Switching Security Mechanisms.
  • Cisco OS: IOS, CatOS, IOS-XE, IOS-XR, NX-OS.
  • QoS Skills: Familiar with QoS Concept and Technology.
  • SAN Storage: EMC VNX 5200, EMC VNX 5400.
  • Cloud Computing Skills: Cloud computing whit VMware Applications.
  • Virtualization Skills: VMware VCSA 6.0, 6.5, VMware vSphere ESX 5.1, 6 VMware VCenter.
  • Microsoft Skills: Windows Server 2K16, 2K12, 2K8, Active Directory, DNS Server, DHCP, FTP Server, IIS, WSUS, Exchange.
  • Monitoring Products: IBM Tivoli Series, Solarwinds, ManageEngine Products, PRTG, Nagios, Cacti, and Opennms.
  • Voice over IP: Familiar with Cisco Voice Technologies. 

Certificates / Trained courses

    Cisco CCNP Route

    Cisco CCNP Switch

    Cisco CCNA ICND2

    Cisco CCNA Security

    CEH (Certified Ethical Hacker)

    Cisco CCNP Collaboration

    Linux LPIC-1

    HP Accelerated San Essentials

    --------------------------------------

    PMBOK (Project Management Body of Knowledge)

    ITIL Foundation v3

    TSO-ISPF/PDF IBM Mainframe

    IBM Mainframe Z/VM Operation

    --

    Languages

    Persian : Native

    English : Fluent

    Germany : intermediate