Mir Ali Shahidi

Senior Network & Security Expert Mir Ali Shahidi

Mir Ali Shahidi

1986

Network & Security Expert

Tehran, IR

info@miralishahidi.ir

+989360715710

Technical Skills

CompTIA A+ (90%)

CompTIA Network+ (90%)

CompTIA Security+ (90%)

CCNA (90%)

CCNP (90%)

CCIE (90%)

CCAr (90%)

CEH (Certified Ethical Hacker) (90%)

CISM (90%)

CISA (90%)

CRISC (90%)

CCSP (90%)

Penetration Testing (90%)

Vulnerability Assessment (90%)

Web Application Security (OWASP) (90%)

Wireless Network Security (90%)

Malware Analysis (90%)

Incident Response (90%)

Digital Forensics & Investigation (90%)

SIEM Management (90%)

PKI & Cryptography (90%)

Intrusion Detection/Prevention (IDS/IPS) (90%)

Cloud Security (90%)

Security Policy & Auditing (90%)

Risk Management (90%)

Business Continuity Planning (BCP) (90%)

Disaster Recovery Planning (DRP) (90%)

Advanced Threat Intelligence (90%)

Defense in Depth (DiD) (90%)

Security Frameworks (NIST, CIS, ISMS) (90%)

Python Programming (90%)

Java Programming (85%)

C/C++ (85%)

JavaScript (90%)

PHP (85%)

C# & .NET Core (80%)

Ruby (75%)

Django (Python Web Framework) (90%)

Flask (Python Microframework) (90%)

Spring (Java Framework) (85%)

Laravel (PHP Framework) (85%)

Angular (Frontend Framework) (80%)

React.js (Frontend Library) (80%)

Vue.js (Frontend Framework) (75%)

HTML5/CSS3 (90%)

Web Services (REST/SOAP) (90%)

Network Architecture & Design (90%)

Secure Network Design (90%)

LAN/WAN Design & Implementation (90%)

VLAN, VTP & Inter-VLAN Routing (90%)

NAT, DHCP & QoS (90%)

VPN (IPsec, SSL/TLS, DMVPN) (90%)

MPLS & BGP (85%)

SNMP & Network Monitoring (90%)

NAC (Network Access Control) (90%)

TCP/IP & OSI Model (95%)

DNS & Load Balancing (HAProxy/Nginx) (85%)

Firewall Technologies (90%)

MySQL (Administration & Security) (90%)

PostgreSQL (Administration & Security) (90%)

MongoDB (NoSQL Database Security) (85%)

SQLite (80%)

SQL Server (80%)

Oracle Database Security (80%)

Redis (Key-Value Database) (80%)

Metasploit (95%)

Burp Suite (95%)

Wireshark (95%)

Nmap & Nessus (95%)

Kali Linux & Pen-Testing Suites (95%)

Security Digital Forensics Tools (90%)

Cisco IOS & GNS3/Packet Tracer (90%)

Apache, Nginx, IIS, Tomcat (85%)

Languages

  • Persian – Native
  • English – Professional Proficiency

Work Experience

Senior Information and Network Security Specialist

2010 - Current

I have extensive experience in designing and implementing LAN and WAN networks, configuring VLAN, NAT, DHCP, and security protocols like IPsec and SSL/TLS. My main goal is to enhance information security and organizational networks using modern methods and international standards.

Ethical Hacker & Penetration Tester

2010 - Current

As an Ethical Hacker, I have conducted numerous penetration tests under official contracts, strictly adhering to ethical, legal, and professional principles to ensure no harm is done to the systems. I use tools like Metasploit and Burp Suite for penetration testing and web application security testing (based on OWASP).

Incident Response Team (CERT) Member

2010 - Current

I have served as an Information Security Analyst and a member of the Incident Response Team (CERT) in various projects. This experience has strengthened my ability to identify and combat cyber threats and manage security crises.

Cisco Network Engineer – Rightel

Dec 2016 - Jun 2017

In collaboration with Rightel, I worked as a Cisco Network Engineer and Penetration Testing Specialist. My responsibilities included conducting security analyses, penetration tests, and providing solutions for security optimization under NDA contracts.

Military Service – Navy of the Army of Iran

Dec 2005 - Aug 2007

Completed mandatory military service, where I acquired discipline, commitment, and responsibility. Post-service, I professionally entered the field of networking and information security.

Education

Theoretical Sciences Background

Until 2004

Completed education in Theoretical Sciences, focusing on Mathematics, Physics, and Chemistry. This strong analytical foundation paved the way for my entry into Information Technology and Cybersecurity.

College-Preparatory School

2004 - 2005

Completed advanced preparatory courses in sciences and technology, preparing for a professional career in IT and cybersecurity.

Specialized Certifications & Training

2010 - Current

Holds internationally recognized certifications including Network+, CCNA, CEH, CISM, CISA, and CRISC. Successfully completed training in Python Programming, HTML, CSS, and Network Security in accredited domestic and international institutions, providing a solid foundation in IT and Cybersecurity.

Core Expertise Areas

  • Cybersecurity Management: CISM, CISA, CRISC, Risk Management, Security Policy & Auditing, ISMS/NIST Frameworks.
  • Offensive Security: Penetration Testing, Ethical Hacking, Vulnerability Assessment, Web App Security (OWASP), Metasploit, Burp Suite.
  • Defensive Security & Operations: Incident Response (CERT), Digital Forensics, Malware Analysis, SIEM, IDS/IPS, Advanced Threat Intelligence.
  • Network & Architecture: CCIE-level knowledge, LAN/WAN Design, Cisco Technologies, NAC, MPLS, Secure Network Design.
  • Development & Database Security: Python, Java, C++, Django, Flask, MySQL, PostgreSQL, MongoDB Security.

Key Tools & Technologies

  • Security & Hacking: Metasploit, Burp Suite, Nmap, Nessus, Wireshark, Kali Linux, Digital Forensics Tools.
  • Networking: Cisco IOS, GNS3, Packet Tracer, SNMP, HAProxy, Nginx, VPN Technologies.
  • Development & DB: Python (Django/Flask), Java (Spring), PHP (Laravel), React/Angular, MySQL, PostgreSQL, MongoDB, Oracle.
  • Standards: ISO 27001 (ISMS), NIST, CIS, SANS Guidelines, OWASP.

Top Certifications

  • CompTIA Network+ & Security+
  • Cisco Certified (CCNA, CCNP, CCIE, CCAr, CCSP)
  • Certified Ethical Hacker (CEH)
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Auditor (CISA)
  • Certified in Risk and Information Systems Control (CRISC)
  • Offensive Security Certified Professional (OSCP) - *Implicitly covered by Penetration Testing expertise.*

Projects

Enterprise Network Security Overhaul

2020 - 2022

Led a complete redesign of a corporate network for a financial institution, implementing zero-trust architecture, advanced firewalls (Cisco ASA), and intrusion detection systems, reducing vulnerabilities by 85%.

Web Application Security Audit

2019 - 2020

Conducted a comprehensive security audit for a web-based e-commerce platform, identifying and mitigating SQL injection and XSS vulnerabilities using OWASP methodologies, improving application security score to A+.

Automated Threat Detection System

2018 - 2019

Developed a Python-based automated threat detection tool using machine learning to analyze network traffic, integrated with Splunk for real-time monitoring, enhancing incident response time by 60%.