Najam Shah

Work History

Aug 2014 - Jan 2015

Security Consultant

Prudential Insurance

Joined Prudential to project-manage and implement improved security solutions as part of a large-scale security programme. Initially this covered secure system baselines, vulnerability scanning/management and operational security process definitions. The project was completed successfully and all deadlines were met.

Key Projects:

Security review of systems, production of secure configuration documents and automatic compliance scanning

  • Security review of systems ranging from network routers, switches, operating systems (including mainframes), databases, virtualisation technologies (Citrix Xen and VMware vSphere), middleware (IBM WebSphere, Oracle WebLogic) and web servers (Apache Tomcat, Apache HTTPD).
  • Wrote secure configuration baselines based on best practices (CIS, NIST, DISA, ISO 27001).
  • Set up automatic compliance checking using Tenable Security Center.

Security Process Definitions

  • Review of existing operational security processes and identification of any gaps against ISO 27001.
  • Documentation of processes and presentation to operational teams and business units.

2005 - Jul 2014

Technical Security Architect

BNP Paribas, London

Joined the Corporate and Investment Banking UK IT Security Team as a Technical Security Architect.

  • Advanced Persistent Threat Solutions
    • Understanding of APT and whether it is a real threat.
    • Selection of possible APT solutions: FireEye and Check Point ThreatCloud.
    • Analysis and fine-tuning to meet requirements and to ascertain the best solution.
  • Active Code/Malware threat protection
    • Requirements gathering and selection of best solutions. Shortlisted the following: Trustwave SWG, Imperva SecureSphere and F5 ASM.
    • In-depth testing of all solutions and written recommendation report.
  • IDM Project
    • Deployment of BMC Control SA to ensure accountability, auditing and central provisioning.
    • Integration with CA Siteminder Single Sign-On and in-house developed authorisation tool.
  • Hybrid Cloud Solution
    • Study of cloud solutions and assessment of whether they would benefit the business.
    • Requirements gathering for hybrid cloud solution: type of data, governance issues, security in the cloud.
    • Design of private cloud based on VMware and CloudStack, integrating with future use of public clouds for approved datasets.
  • Security Information and Event Management (SIEM) Project
    • Definition of requirements.
    • Implementation of Global SOC (Security Operations Center) using HP ArcSight for SIEM.
  • Intrusion Prevention System (IPS)
    • HP TippingPoint IPS implemented in inline mode.
    • Fine-tuning of IPS policy by applying only selected, reviewed digital vaccines (attack signatures) covering, as a minimum, the OWASP Top Ten attacks.

2003 - 2005
Technical Security Architecture, BNP Paribas, London

Promoted to Team Leader for the Technical Security Architecture team within a newly established Global Security Operations team. Managed a team of 3 security architects while also a hands-on security architect.

Key Projects

  • Implementation of centralized firewall management using Check Point Provider-1.
  • Compliance scanning solutions for enforcing Operating System and application security baselines and Firewall audit.
  • Implementation of ISO 27001 ISMS for the UK and France territories as part of major restructure within the bank.
  • Security architecture of global MPLS network for branch connectivity.

Key Responsibilities

  • Personnel management. Provide guidance and motivation to team members.
  • Defining security standards and security review of new in-house and 3rd party software solutions.

2001 - 2003

Information Security Consultant

BNP Paribas, London & Paris

BNP Paribas is one of the largest retail and investment banks, with over 150,000 staff globally. The main headquarters for investment banking is in London. In this role I was working for Global Infrastructure as the UK Information Security Consultant, tasked with setting up a local security presence in London. Reviewed and consulted the business and IT teams on security best practices and company security policies. Travelled between London and Paris for cross-territory communication.

1999 - 2001

Information Security Consultant

Schroders Investment Management, London (Perm)

Project consultancy on IT security based around BS7799 Information Security Standard. Improving the information security processes and user/system access management.

1998 - 1999

Technical Pre-Sales Consultant

Computeraid Services

Provided a high level of technical expertise for blue-chip clients in the following areas: Pre-Sales, R&D and Transition Projects. Clients included Boots, Clarks Shoes, Woolwich and Thorn EMI. Tendered for complex solutions up to £250k.

1989 - 1994

B.Sc (Hons) Electronics & Computer Science

Syddansk University in Odense, Denmark.

1986 - 1989

A Levels

Mulernes Legat Skole, Odense, Denmark. Mathematics and Science.