I am pleased to inform you that I’ve successfully PASSED the CISA (Certified Information Systems Auditor) Exam with ID: 09591027. As you know that its a Four Hours Proctored Written ANSI Accredited Exam and was held in December 12, 2009.

US Department of Defense (DoD) 8570.01-M “Information Assurance Workforce Improvement Program” manual names ISACA’s Certified Information Systems Auditor (CISA) and Certified Information Security Manager (CISM) certifications among those approved for DoD information assurance (IA) professionals.

For More Details : Visit

• Data Center services secure design for SOA and SDN
• DNSsec implementation
• Risk Management
• Network & Systems Security
• ISO 27001 Standardization and Compliance
• Eliptic Curve Cryptography Archtiect, NSA Suit-B Cryptographic Services Architect
• FCAPS: ITU standard model for enterprise network management
• Tivoli/Netcool Enterprise Services Management solutions architect
• Nerve Centers, SOC and NOC designs and implementations based on Open source and IBM/ISS products
• Information security organization development
• Information security policies, procedures and guid lines.
• Up to 3-Tier Public Key Infrastructures design, development and management
• Data Center services design with HA,LB ,SSO, session portability (Hot Desking) and session resumability
• Vendor management  (IBM and nShield)
• Secure/KIOSK systems design and architect for higly confidential / classified data networks
• Emerging secure technology development  including RSA Secure ID, PKI, Smart Cards, etc
• Project management
• ITIL for process and flow management
• Extensive administration of Operating Systems and Network Operating Systems
• Virtualization for Data Centers with HA components
• NAS and SAN technologies and protocols

• Security Design of Data Center services for Govt, of PAKISTAN.
• FCAPS/SOC design of services with IBM Tivoli/Netcool products and Implementation for Govt, of PAKISTAN.
• Security Design of Data Center distributed services with country wide roaming Sessions for PROMIS.
• ECC based PKI design and demonstration for Govt, of PAKISTAN.
• Single Smart Cards for Dual Factor Authentication and Encrytion/Digital Signing
• Linux Based App servers design for Thin Clients (SunRay) with iSCSI based roaming profiles and storage and session management.
• WANRay design and implementation with Vendor Specific DHCP Coding and Juniper DHCP Options for Pakistan Police –PROMIS Project.
• SunRay Thin Clients – Server computings monitoring system with AWK and Shell scripting to centralised Monitoring.
• RAC – Replacement of CITRIX and SUN SGD with HA,LB, SSO and session management for PROMIS and Govt, of PAKISTAN.

Energetic, creative, and analytical contributor with highly developed technical/engineering skills and a track record of progressive success in secure ICT infrastructure projects, hands-on experience in managing and troubleshooting in live environments, research and implementation leading to solutions for Secure Enterprise Level Data Centers. Adept at identifying the core issues and requirements. Known for professionalism as well as being an ambitious, dedicated individual who demonstrates strong ethics, excellent technology management skills along with excellent vendor/customer relation and knowledge transfer skills.

I seek to constantly challenge myself, and fill the ICT architecture with emerging information security trends and technologies.

A little history: I’ve been working in IT since about 2001, mostly working in server side of things, enterprise services, information security as well as some special projects work. Like most people I kind of fell into doing some security work while working at my previous employer. After diving into vulnerability scanning and some cryptographic work the technical side of security really began to interest me. I’d always been security conscious (that’s how I got the unfortunate nickname – Fence) and after a while doing security on the side, I decided to re-focus my career away from data center server side of technologies with a side-helping of Cryptography/Vulnerability testing, and to full-time security. Not an easy transition, but worth every hour spent learning.

After attending some courses (of varying quality) and get some nice shiny security qualifications (MCSE – Security and CISSP) I moved back into the 9-9 life here in Pakistan. I’m currently working as a Sr. Manager Systems (FCAPS, ISMS) and spend most of my time doing information security testing of internal systems, or for external clients. I’m studying various things currently, No point listening them all, it seems to change on a weekly basis. There’s always something new to learn after all.

I’ve been lucky enough to gather vast experience in building secure data center services over the last 4 years in the industry. I’m the first Pakistani who demonstrated his ECC based cryptographic skills to the Govt, of Pakistan.

Kashif Sohail  (CISSP, CISA, PCI-QSA, PMP)

Information Security Consultant
Gaming Associates – Malta
Cell : +356 99512004

Fahd Ali Zahid

Lead North Territory
IBM – PAKISTAN
2nd Floor, Savoy Arcade, Plot No.25, F-11 Markaz, Islamabad
Cell: +92 321-537122