About AbuNasser Badrudduza
-
Academic Level Master’s Degree
-
Age 48 - 52 Years
-
Industry Management
-
Viewed 24
About me
ICT Practitioner
Education
- 2014 - 2015
-
2019 - 2021
Ontario Tech University
Master of Information Technology Security
Master of Information Technology Security in Artificial Intelligence
Experience
-
2019 - Present
ClusterVillage Corp.
Technical Consultant (Advisor)
Project Description
• Server Migration: Involved in this project to migrate RHEL 4/5.x/6.x to 7.x (ESX 5.5, 6.x), AIX 5.x/6.x to 7.2, Solaris Legacy server to Solaris 11.x (LDOM/Zones), HP–UX to RHEL as per P2V project requirements. Build to configure, migrate, and support. These projects involved many functional department, PM, and stockholders.
• Configuration Management: Optimization/Orchestration and automation services using Ansible/ Puppet/Docker-Kubernetes: Build, configure deploy VM server for Ansible-Tower/ Puppet/Docker-Kubernetes automation projects. Task included building and configuring and deploying servers as per requests from DevOpps engineers (Developers) and Ansible Tower of automation.• DevSecOps Automation: Working in projects to simplify the task of building, deploying, and maintaining distributed systems using Kubernetes, Docker, Jira, Git, etc. includes scanning repositories for security vulnerabilities, early threat modeling, OWASP security design reviews, static code analysis, and code reviews.
• Threat Analysis, Access Control and Privacy Policy: Build a model for automobile companies regarding the Connected and Automated Vehicle (CAV) projects, including five levels of automation: from automation level zero (no automation) to automation level five (full automation). Existing bugs that need to be fixed based on ISO/IEC 27002. Built a strong access control XACML (eXtensible Access Control Markup Language) policy and a privacy policy using XACML.net, IBM P3P (Platform for Privacy Preferences Project) Policy Editor, and Microsoft Threat Modelling Tool. Build an illustrative access control scenario with some subjects, permissions, and objects, respectively, for 30 to 100 ECU (Electrical Control Unit).
• Cyber Security
o Risk Assessment: Conducted vulnerability assessments using tools like Qualys and Metasploit
o Strategic Consulting: Advised on the implementation of security best practices, including ISO 27001 and NIST frameworks, OWASP Top 10. Providing security step recommendations according to the NIST cybersecurity risk assessment control matrix; involvement in time-to-time cybersecurity assessment/conformity according to NIST CSF (Cybersecurity Framework).
o Intrusion Detection: Managed IDS/IPS systems, utilizing Snort and Wireshark for real-time network monitoring.
o Threat Modeling: Utilized Microsoft Threat Modeling Tool and OWASP Threat Dragon to assess potential security risks in software architectures.
o Firewall Management: Configured and maintained firewalls using Cisco ASA and pfSense.• Artificial Intelligence
o Machine Learning: Developed predictive models for threat detection, improving system response time by 30% and implemented machine learning algorithms to detect fraudulent activities in network traffic for predictive analysis using TensorFlow and Scikit-learn.
o Played roles that required a deep understanding of IT systems and software development, which are integral to AI and ML application development.
o Developed software and database applications for Life Science researchers using AI and ML.
o Steering the creation of cloud computing and software applications through the analysis of requirements, design of system architectures, and execution of solutions utilizing AI and ML technologies
o Data Analytics: Utilized Python libraries like Pandas and NumPy for data manipulation and analysis and to identify patterns in network traffic and insights related to cyber threats, aiding in the detection of potential security incidents.• System Analysis
o Requirement Gathering: Conducted interviews and surveys to collect system requirements.
o Performance Tuning: Optimized system performance for high-traffic web services, reducing latency by 25%.
o System Design: Utilized UML diagrams and ER models for system architecture design.
o System Architecture: Designed and implemented scalable, secure, and robust system architectures for multiple projects using AWS Cloud Formation, GCP• Security Assessment:
o Conducted a comprehensive security assessment, including vulnerability scanning, penetration testing, and threat modeling, to identify weaknesses in the client’s infrastructure and applications.
o Collaborated with the client’s internal security team to analyze the findings, prioritize risks, and determine the required security measures.
o Involved addressing complex compliance requirements, such as PCI-DSS (Payment Card Industry Data Security Standard) and GDPR (General Data Protection Regulation).• Security Architecture Design:
o Developed an advanced security architecture that included network segmentation, secure remote access, encryption protocols, intrusion detection and prevention systems (IDPS), data loss prevention (DLP) systems, and security information and event management (SIEM) solutions.
o Designed a multi-layered defense strategy to protect against external threats, insider attacks, and data exfiltration attempts.
o Collaborated with the client’s IT and development teams to ensure security requirements were integrated into the software development lifecycle (SDLC).• Cloud Security Implementation:
o Assisted the client in migrating their infrastructure and applications to a cloud environment, implementing robust security measures specific to cloud environments.
o Utilized cloud-native security tools and services, such as identity and access management (IAM), two-factor authentication (2FA), encryption, and security monitoring, to ensure the confidentiality, integrity, and availability of their cloud resources.• Security Incident Response and Governance:
o Established incident response procedures, including incident detection, containment, eradication, and recovery processes.
o Conducted security awareness training sessions for employees, emphasizing best practices and addressing potential social engineering threats.
o Assisted the client in developing and implementing security policies, standards, and procedures to maintain a strong security posture in the long term.Tasks and Responsibilities:
• Design and implement IM/IT systems while focusing on compute, storage, networking, security, and integration aspects;
• Develop, deploy, upgrade, and maintain containerized applications and infrastructure as code automation;
• Configure and manage Incident Management, Vulnerability Management, Endpoint Security Management, Identity and Access Management (IAM) including Security Groups, Access Control Lists, Network Security Groups, Firewalls, and Authentication and Authorization Components;
• Analyze security tools’ blocks and monitor node and cloud SQL metrics; assess computer systems, networks, and software for vulnerabilities using Qualys scanner;
• Upgrading all Red Hat 6 servers to Red Hat 8 version to refrain attacker to execute arbitrary code by sending crafted log messages for the CVE vulnerability in Apache logging package log4j RCE also known as “log4shell.
• Monitor the security alert by doing a daily health check and analysis of the report using Google Cloud Platform, Google Analytic and SIEM tools Splunk;
• Build company’s CAD (Cloud Architecture Diagram) to describe the cloud environment for the organization’s documentation, make plans for updates, or troubleshoot issues;
• Analyzed the client’s existing infrastructure, including their application architecture, data storage, and networking setup. We also discussed the client’s future growth plans and scalability requirements to ensure the cloud-based solution would meet their needs.
• Providing security step recommendations according to the NIST cybersecurity risk assessment control matrix; involvement in time-to-time cybersecurity assessment/conformity according to NIST CSF (Cybersecurity Framework) for the tender document;
• Provided support in designing and implementing the AWS infrastructure, including the virtual private cloud (VPC), subnets, security groups, and network Access Control Lists (ACLs).
• Designed a scalable architecture to handle the client’s increasing workload requirements.
• Had to handle a high volume of data, real-time updates, and support concurrent users from different departments. Utilized Agile methodologies like Scrum to manage the project, ensuring frequent communication, transparency, and adaptability to changing requirements.
• Conducted daily stand-up meetings, sprint planning, and retrospective sessions to keep the team aligned, address any challenges, and improve the development process.
• Implemented a user-centered design approach, involving end-users in the feedback loop through user acceptance testing and regular demonstrations of the system’s functionality.
• Employed Agile project management tools like Jira to track progress, manage tasks, and visualize the project’s status
• Work with work with business analysts, architects, project managers, developers, and clients/stakeholders to create, implement, maintain, and improve IM/IT systems;
• Monitored and evaluated the efficiency of system usage and made recommendations to management to improve performance;
• Created documentation and reports on system architecture, performance, and utilization, as well as clear, concise installation and configuration procedures and other documentation as needed to maintain and achieve operational standards and compliance. Apply problem solving skills to troubleshoot and resolve technical problems;
• Develop and test reliable system administration procedures;
• Implement and test system backups and recovery methods; and analyze system performance and recommend improvements;
• Computer engineers and software developers were recruited, supervised, coordinated, and conducted training and mentoring sessions for the staff, contributing to their professional growth and helping to establish the reputations of key team members. Evaluated client needs during a system development process.
• Defined the project scope, objectives, and deliverables in collaboration with stakeholders and project sponsors, outlining the project plan and timeline.
• Developed a detailed work breakdown structure (WBS) that identified all project activities, dependencies, and resources required, as well as the budget and timeline for each activity.
• Employed agile project management practices, including daily stand-up meetings, sprints, and frequent feedback loops, to ensure the project stayed on track and aligned with the business requirements.
• Utilized project management tools like JIRA to manage the project schedule, track progress, and communicate with stakeholders and team members.
• Conducted regular risk assessments and risk management strategies to mitigate potential project risks.
• Implemented Agile methodologies, such as Scrum to manage the project in an iterative and incremental manner.
• Conducted regular sprint planning, daily stand-up meetings, and retrospective sessions to foster collaboration, track progress, and address any issues or bottlenecks.
• Utilized project management tools like Jira to track tasks, monitor progress, and communicate project status with stakeholders. -
2012 - 2018
Department of Immigration & Passports, Bangladesh Government
Senior System Analyst (Software)
Project Description
• As a Senior System Analyst, I was responsible for overseeing the different projects like security and integrity of critical machine-readable passports and machine-readable visas (MRP and MRV) systems in the Bangladesh government. My role involved risk assessments, system design, application development, DB management, project management and team leadership.Responsibilities
• System Design: Architected secure and scalable systems for immigration control.
• Data Security: Implemented strong encryption algorithms for sensitive data.
• Compliance: Ensured systems were compliant with government security standards.MRP and MRV System
• Objective: To create a secure and efficient system for passport and Visa issuance.
• Tools Used: Oracle .C#, .Net, NIST Security Framework
• Achievements:
o Reduced processing time by 20%.
o Improved system security, passing all penetration tests.Immigration Database Encryption
• Objective: To encrypt sensitive data in the immigration database.
• Tools Used: Oracle Transparent Data Encryption, RSA
• Achievements:
o Successfully encrypted all sensitive data.
o Passed all compliance audits with zero issues.Application Development: In the project of machine-readable passports and machine-readable visas (MRP and MRV) in the Bangladesh government lead the software development and database and data administration team in the following areas:
• Prepared business cases, presenting the value proposition and cost-benefit analysis of proposed IT initiatives, showcasing their alignment with organizational goals.
• Developed plans, guidelines, and policies to implement the system and control the budget and expenditures of projects. System research, analysis, and design using UML, the Model-View-Controller framework, and Web 2.0 with agile methodology; database design and maintenance; data backup and recovery; and controlling users’ roles and access (Oracle PL/SQL);
• Made prototypes, screen mock-ups, wireframes, or samples of functions or features that were shown to stakeholders during interviews, discussion meetings, workshops, and structured walkthrough sessions for business analysis to give stakeholders an early user experience of how an IT system looks and works. Use of encryption algorithms to secure the data transmitted between the front-end and back-end systems
• Conducted a performance analysis, which included analyzing system logs, running performance tests, and profiling the application code.
• Identified the bottleneck in the application’s database queries that caused delays in processing visa and passport applications.
• Implemented optimized database queries by using indexes, rewriting inefficient queries, and tuning the database configuration and caching mechanisms to reduce the number of queries to the database.
• Improved application architecture, including scalability and performance, with a distributed architecture and load balancing to distribute the workload across multiple servers.
• Adopted an agile framework and used a modular design to break down the software into smaller, more manageable components such as use case diagrams, class diagrams, and sequence diagrams. Implemented a TDD (test-driven development) approach.
• Defined the project scope, objectives, and deliverables in collaboration with stakeholders and project sponsors, outlining the project plan and timeline.
• Developed a detailed work breakdown structure (WBS) that identified all project activities, dependencies, and resources required, as well as the budget and timeline for each activity.
• Employed agile project management practices, including daily stand-up meetings, sprints, and frequent feedback loops, to ensure the project stayed on track and aligned with the business requirements.
• Utilized project management tools like JIRA to manage the project schedule, track progress, and communicate with stakeholders and team members.
• Conducted regular risk assessments and risk management strategies to mitigate potential project risks.
• Implemented agile methodologies, such as Scrum, to manage the project in an iterative and incremental manner.
• Conducted regular sprint planning, daily stand-up meetings, and retrospective sessions to foster collaboration, track progress, and address any issues or bottlenecks.
• Utilized project management tools like Jira to track tasks, monitor progress, and communicate project status with stakeholders.Database Management, Modelling and Administration
• In the field of the data warehouse (DW), context diagrams, use cases, process/system/data flow diagrams (DFD), and other charts, tables, and diagrams were used to find and create models (conceptual, logical, and physical) during transformation.
• Advised on the design and implementation of a disaster recovery strategy for the MRP and MRV systems.
• Developed a plan to ensure that the systems are resilient to disasters such as hardware failures, software errors, and natural disasters and can quickly recover and resume normal operations.
• Develop a plan to protect and recover them in the event of a disaster by identifying suitable backup and recovery solutions, testing the disaster recovery plan regularly, and ensuring that the plan is updated to reflect any changes in the systems’ architecture or data assets.
• Worked closely with the development team and other stakeholders to identify the critical components and data assets to identify all the data sources, such as biographical and biometric data, required for the MRP and MRV systems.
• Defined the data structures, relationships, and constraints required to support the system’s functionality and business processes, using best practices in data modelling and design designed to be scalable, flexible, and adaptable to accommodate future changes and updates. Developed a comprehensive data model that accurately captures all the relevant information required for the MRP and MRV systems.
• Normalization and formatting were used, and the source data was made better and outliers were removed. A data mart was created for analysis to separate blacklisted and/or fraudulent passport and visa applicant data from the data warehouse.
• Applied recommended rules for extracting, transforming, and loading (ETL) the existing MRP-MRV applicant’s source data mapping while migrating to new e-passport and e-visa targeting database management systems and integration into the target data warehouse.
• To build ETL pipelines using Jenkins for continuous integration and continuous deployment (CI/CD) on an automation server by performing basic transformations such as cleaning, deduplication, format revision, and so on.
• Designed dimensional data models by conducting a thorough analysis of the data requirements, business processes, and user needs to identify the dimensions and measures necessary for the data model.
• Utilized best practices and methodologies like Kimball’s dimensional modelling to design the data model, ensuring flexibility, simplicity, and performance.
• Collaborated with stakeholders to prioritize the measures and dimensions and validate the data model’s accuracy and completeness.
• Implemented the data model in Oracle Database using SQL and PL/SQL, ensuring data integrity, security, and performance.
• Utilized ETL tools like Oracle Data Integrator (ODI) to extract, transform, and load the data into the data warehouse.
• Provided advanced backup and recovery solutions such as point-in-time recovery and standby databases.
• Implemented a disaster recovery solution that includes regular backups of critical data assets, testing the recovery plan, and ensuring that the plan is updated to reflect changes in the systems’ architecture or data assets.Project Management
• Agile Methodology: Led cross-functional Scrum teams in Agile development cycles, successfully delivering multiple high-stakes projects utilizing Jira for sprint planning and tracking.
• Resource Allocation: Managed project resources effectively using Microsoft Project; oversaw project budgets up to $2M, ensuring optimal allocation of resources.Security hardening:
• Enable the anacron daemon. Set the owner and permissions for the user/group on /etc/anacrontab and /etc/crontab and /etc/cron.d, at/cron to Authorized Users, preventing users from entering single-user mode. Verify Package Integrity Using RPM, install Advanced Intrusion Detection Environment (AIDE), Implement Periodic Execution of File Integrate, and enable SELinux in /etc/grub.conf, then remove telnet-server and rsh-server.
• Resolve incident and fulfilled request in timely manner coming through ServiceNow and provides L3 (advanced) troubleshooting support; with accountability for resolution of outages, service level issues, and user support needs requiring collaboration.Responsibilities (Main):
• Provided technical guidance and support for the project “Introduction of Machine-Readable Passport and Machine-Readable Visa (MRP and MRV) in Bangladesh” with the Bangladesh Military at the Department of Immigration and Passports (DIP), under the Ministry of Home Affairs, Bangladesh, as a contribution to the e-government to improve public service.
• Monitored computer networking systems between Data Center and Disaster Recovery Center and among 69 regional passport offices, 70 SB office of Bangladesh Police and 33 Immigration Check Point (ICP) countrywide,` 71 Foreign Mission of Bangladesh Embassy worldwide to function smoothly and inform the authority about the status of their functions timely.
• Oversee data storing of applicant’s biometric feature and making matching reports in order to send personalization. Monitor and supervise issuing information of passport and visa applicants storing appropriately in Data Center with securities ensure on data and provide a report on demand.
• Provide training to the officers of DIP, SB, and Ministry of Foreign Affairs of Bangladesh for operating the MRP & MRV system.
• Provide plans, guidelines, and policies to implement the system with study, analysis & design. Re-design test script and conduct user acceptance test (UAT) of MRP & MRV with software consultant to satisfy high official user demand.
• Oversee installation, back up, recovery, control user’s role and access; Work as a technical member of Tender Evaluation Committee (TEC); evaluate and select hardware (Juniper) and software equipment and communicate with the vendor for purchasing.
• Monitor official website www.dip.gov.bd, www.passport.gov.bd, www.visa.gov.bd and MRP & MRV Database server, Application Server, and maintenance other MIS software.
• Contributed to new projects as a technical member of the project committee by preparing Terms of Reference (ToR) and communicating with vendors to purchase hardware and software accessories in a cost-effective manner.
• Responding to questions and concerns from the senior audience, providing explanations and clarifications in a manner that was accessible and relatable. Prepared detailed project reports, including executive summaries, outlining the progress, achievements, challenges, and future plans of the machine-readable passport and visa systems.
• Developed presentations that presented key technical aspects of the project, such as infrastructure and operations, security solutions, application development, and database administration, in a manner that senior stakeholders could understand and make informed decisions.
• Creating technical documentation, such as system architecture diagrams, process flowcharts, and data flow diagrams (DFD), explaining the underlying technology and its impact on business operations.
• Ensuring that the materials were well-structured, using a logical flow and concise language to convey complex technical concepts in a clear and accessible manner.
• Employing data visualization techniques, such as infographics, charts, graphs, and diagrams, to present key performance indicators, project metrics, and other relevant information effectively.
• Preparing detailed project reports, including executive summaries, outlining the progress, achievements, challenges, and future plans of the machine-readable passport and visa systems (e-passport and e-visa).
• Preparing a training manual and train government officers and staff on a regular basis. Manage an IM/IT functional team consisting of 11 individual officers from the government’s technical official’s side for seven complete performance cycles. Supervise and coordinate the work of computer programmers, assistant system analysts, maintenance engineers, assistant maintenance engineers, and other IT staff.
• Assign job roles to the technical officer of the data centre (DC) and disaster recovery centres (DRC) and make periodic annual confidential report (ACR) or performance management assessments or appraisals (PMAs) of assistance system analysts, programmers, maintenance engineers, assistant maintenance engineers, and sub-assistant maintenance engineers, and countersign on the ACR of other officers and staff.
Portfolio
Honors & awards
-
2020
CIBC Graduate Award
CIBC Graduate Bursary Award; Issued by Ontario Tech University, · Nov 2020
-
2012
Life Member
Life Member of Bangladesh Government ICT Officers Forum (Member No: gICT-0074); Associated with Ministry of Home Affairs, Bangladesh
-
2006
Fellow
Fellow of Bangladesh Computer Society (Fellow No: F00162)