Work Experiences

Chavoosh Rayaneh Sepahan, Islamic Republic of Iran, Esfahan
Network Technical Staff:  Network Administration in Cisco & Microsoft Windows environment, Active Directory infrastructure and Linux OS systems. (2001-2002)

Ansari GmbH, Germany, Hamburg
Network Technical Manager: Security Administration for Watchgaurd and Netscreen devices and IPSec / VPN protocols.  Network Administration in Microsoft Windows 2000/2003 environment, Administration for SMC Network and  Enterprise Network Administration in SMC and Cisco networks. (2002-2003)

Yasa Data Processing and Communication, Iran, Esfahan
CEO – BS7799 Lead Auditor: Information Security Consultancy Based on ISO 17799 and Cobit 4. Penetration Testing, Information Security Auditing and Gap Analysing.  Information Security Risk Management and IT Security Infrastructure Designing. ( 2004-2006)

Technitrust Ltd, United Kingdom, London
Information Security Adviser:  Information Security Consultancy Based on ISO 17799:2002 and ISO 13335 TR, Network Security Designing for Microsoft Windows 2000 / 2003 environments and Cisco SME networks. (2006-2008)

Yasa Data Processing and Communication, Iran, Esfahan
CTO – ISO 27001 Lead Auditor: Information Security Consultancy Based on ISO 27000 Series and Cobit 4. Penetration Testing, Information Security Auditing and Gap Analysing. ISMS Implementation Based on ISO 27001:2005.  Information Security Risk Management, IT Security Infrastructure Designing and BCP Creation. (2008-Present)

Outstanding Projects

Metropolitan Total WiMAX Network Topology and Security Infrastructure Design. Esfahan Municipality, Esfahan (2005)

Enterprise IT Infrastructure, Information Security and IT Services Design Based on ITIL v.2. Esfahan Mobile Private Company, Esfahan (2005)

Network and Computer Using Policies and Procedures Design based on BS7799:2002 and Cobit 4. A Research Institute, Tehran (2005)

ISMS Consultancy and Information Security Infrastructure Design Based on BS7799:2002, Penetration Testing, Information Security Risk Management Based on BSI PD3002, Security Training and Awareness Material Creation.  Mobarakeh Steel Company, Esfahan (2006)

ISMS Consultancy and Information Security Infrastructure Design Based on ISO/IEC 27001:2005, Penetration Testing, Information Security Risk Management Based on BSI PD3002, Security Training and Awareness Material Creation.  State Welfare Organization of East Azarbayejan, Tabriz (2006)

ISMS Implementation and Information Security Infrastructure Design Based on ISO/IEC 27001:2005, Penetration Testing, Information Security Risk Management Based on BSI PD3002.  ICT Department of Esfahan Municipality, Esfahan (2008)

ISMS Implementation and Establishment Based on ISO/IEC 27001:2005, Penetration Testing, Information Security Risk Management Based on ISO 27005:2006, Security Training and Awareness Material Creation, BCP Creation and Internal Auditing. Khoozestan Steel Company, Ahvaz (Certified by DNV) (2009)