Amir Jafari

You will never know what can be done until you try to do it.

You will never know what can be done until you try to do it.


Amir Jafari is an experienced cyber security specialist with recognized strength in Network and Data Center security design.
He has an in-depth knowledge of Security solutions, Routing/Switching technologies, Data Center, Smart grid, and Virtualization.
He is Creative, analytical thinker with demonstrated ability to troubleshoot and optimize Security services.


2011: M.Sc. Networking Professional
Sheffield Hallam University(Sheffield, United Kingdom), Distinction
Thesis: "Performance Evaluation of IEEE 802.11p for Vehicular Communication Networks"
Ranked first amongst 14 MSc Networking Professional students during academic year 2010/11
2011:Cisco Networking Academy
Sheffield, United Kingdom
Network Fundamentals, LAN Switching and Wireless, Accessing the WAN, Routing Protocols and Concepts, and CCNA Security
2008: B.Sc. Computer Engineering
Tarbiat Moallem University (Tehran, Iran)
Thesis: "Office Automation"

Certifications & Trainings

2017: Implementing Cisco Data Center Unified Fabric (Cisco Nexus 7000, 5000, 2000 Series, MDS)
2017: F5- BIG-IP Local Traffic Manager (LTM)
2017: The Open Group Architecture Framework (TOGAF)
2015: Leadership Development
2014: ISO/IEC 27001:2013 Information Security Management Systems,QMS Certification
2013: Cisco Certified Internetwork Expert (CCIE) Routing and Switching,CyberTech, Tehran
2013: Cisco Certified Network Professional (CCNP) Route, CyberTech
2012-13: Cisco Certified Network Professional (CCNP) Switch, CyberTech
2012: Cisco Certified Network Associate (CCNA) Voice, CyberTech
2012: Cisco Networking Academy, CCNA Security, Sheffield Hallam University
2010-2011: Cisco Networking Academy, CCNA Exploration, Sheffield Hallam University
2012: SCADA Protocols (IEC 60870-5-101/104, DNP3),IEHT, Tehran
2010: IT Project Management (ITIL, COBIT), Sheffield Hallam University
2006: Developing Microsoft ASP.NET Web Applications, Tehran Institute of Technology

Member of

Back to Top

Work Experience (full-time)

- ICT Security Supervisor in Middle East Bank (MEBank), Tehran, March 2018– Until Now
- Network and Communications Expert in MAPNA Group, Tehran, July 2016– March 2018
- Security Solution Manager in Asan Andish Co., Tehran, May 2013– July 2016
  • Research, design, and oversee implementation of information technology systems and policies for information security in support of clients business needs,
  • Leading, designing, implementing, operating and maintaining the Information Security Management System (ISMS) based on the ISO/IEC 27000 series standards and PCI DSS for the Electronic Payment System,
  • Developing, maintaining, and implementing business continuity and disaster recovery plan (BCP/DRP) based on NIST 800-34 Contingency Planning Guide including business impact analyses, strategy selection, and documentation of business continuity and disaster recovery procedures,
  • Device and operating system hardening, control and management plane protection following the Cisco SAFE security reference architecture,
  • Determining processes and procedures for Security Operation Center (SOC) and SIEM platform based on AlienVault Unified Security Management (USM),
  • Identifying vulnerabilities of networks, systems and web applications by performing penetration tests and assessments and recommending corrective measures and ensure the adequacy of existing information security controls,
  • Installing and deploying Web Application Firewall (WAF) and configuring security policies.
- Network and Communications Expert in Tous Stadt Consulting Engineers Co., Tehran, July 2012– May 2013
  • Designing and deploying security and management solutions required for a Wide Area Network (WAN) architecture model and two Data Centers including Data encryption, Authentication, digital signature and Cyber security standards (NERC CIP, IEEE 1686, IEC 62351 and NISTIR 7628),
  • Analyzing technical goals, characterizing network traffic and logical and physical network design,
  • Designing and deploying Layer 2 Security (Port Security, Dynamic ARP Inspection, DHCP Snooping, IP Source Guard, Dot1x, Storm Control), Device Hardening and AAA,
  • Implementation and troubleshooting of IPSec and IKEv2.v1 network security protocols and issues related to interoperability with DMVPNs,
  • Configuring and maintaining ASA firewalls and Intrusion Detection Systems (IDS),
  • Collecting Logs and event records from devices and applications across network in order to investigate security incidents and mitigate threats.
- Network Security Expert in Rassa Informational Structures Engineering Co., Tehran, September 2008– July 2010
  • Planning security systems by evaluating network and security technologies; developing security requirements for local area networks (LANs), Virtual Private Networks (VPNs), routers, firewalls and related security and network devices,
  • Implementing, optimizing and troubleshooting of policies, rules for traffic control, HA features and NAT for routed and transparent modes on Cisco ASA Firewalls,
  • Implementing and troubleshooting of site to site VPNs using IPsec,
  • Configuring 802.1X Port-Based Authentication for wired and wireless networks,
  • Research, analyze and understand log sources for the purpose of security monitoring, particularly security and networking devices (such as firewalls, routers, and operating systems).
- Information Security Expert in Ehsan Technology Company (ETECH), Tehran, May 2007– September 2008
  • Execution and maintenance of procedures and standards to protect data privacy and integrity,
  • Defining security architecture and executing security strategy,
  • Supervision and execution of information security needs, policies and compliance,
  • Identifying security risks, analyzing those risks, and specifying system requirements and procedural measures to ensure the integrity of network information systems,
  • Assessing the vulnerability of information systems using different security tools, planning and implantation of preventive measures in order to prevent security penetration in the system,
  • Monitoring of logs and other security events to find targeted attacks against network.
Back to Top


- Information Security and Network Solution Consultant in National SCADA/EMS/WAMS project, Iran Grid Management Company, Tehran, January 2015– July 2016
  • Providing technical consultancy for Implementing and deploying 450 Routers and Switches for a WAN architecture model including two Data Centers and 400 remote substations
  • Securing network and control system communications that conforms to cyber security standards such as NERC CIP and IEC 62351
  • Developing Network Security Strategies, Control, Data, and Management plane protection, Device hardening, IEEE 802.1X and AAA implementation
  • Analyzing technical goals, characterizing network traffic, logical and physical network design
  • Implementation and Evaluation of Network Management System (NMS)
- Information Security Consultant in Electronic Card Damavand, Tehran, February 2014 – October 2015
  • Leading the design, implementation, operation and maintenance of the Information Security Management System (ISMS) based on the ISO/IEC 27000 series standards and PCI DSS for the E-payment system
  • Implementing Shaparak information security requirements (Electronic Payment Card Network of Iran)
  • Developing, maintaining, and implementing business continuity and disaster recovery plan (BCP/DRP) based on NIST 800-34 Contingency Planning Guide including business impact analyses, strategy selection, and documentation of business continuity and disaster recovery procedures
  • Device hardening, control and management plane protection, following the Cisco SAFE security reference architecture
  • Determining processes and procedures for the Security operation centre (SOC) and SIEM platform
- Senior Network Solution Sales Manager in Huawei Technologies, Tehran, February 2015 – June 2015
  • Network Solution Sales Manager for Mobile Telecommunication Company of Iran (MCI) and MobinNet projects
- Leading the Information and Communication Technology Division, Smart Microgrid Pilot-Plan Design Studies, Tehran, Iran, November 2012 – December 2013 Providing Iran smart grid roadmap ordered by TAVANIR (Iran Power Generation, Transmission & Distribution Management Co.)
Project Manager: Dr. Abdolreza Sheikholeslami, Scientific Director: Dr. Ali Nabavi
  • Studying various issues and challenges involved in design, deployment, utilization, and maintenance of the smart grid Infrastructure and the communication requirements needed for ensuring performance, flexible operation, and reliability
  • Responsible for the overall security of the WAN edge, and Enterprise Campus
  • Identifying various communication technologies that can be integrated with smart grid
  • Illustrating standards for information exchange in smart grid (standards for smart metering, Modbus, DNP3, IEC 60870-5, IEC 61850)
  • Investigating security and management solutions required for smart grid including Data encryption, Authentication, Digital signatures, and Cyber security standards (IEEE 1686, NERC CIP, IEC 62351, and NISTIR 7628)
  • Reviewing the smart grid main applications and communication requirements
  • Presenting the communication architecture of the current Iran distribution system and propose a heterogeneous communication paradigm for Iran smart grid
  • Studying protection issues, network management system and communication requirements for Microgrid in two modes: (1) grid-connected and (2) standalone
  • Providing smart grid equipment industry report
Back to Top


- Associate Lecturer and Research Associate in Faculty of ACES, Sheffield Hallam University, Sheffield, UK, October 2011- April 2012
  • Teaching Internetworking course for Master programme: Network Simulation (ns-2), Routing, Switching
  • Conducting lab sessions and providing extra assistance to student
  • Doing research on Vehicular networks and studying the architecture of Wireless Access for Vehicular Environment (WAVE)
  • Measuring the performance of IEEE 802.11p standard in ns-2 network simulation environment using realistic vehicular mobility models
  • Proposing "Integration Electricity and Transportation Model for Electric Vehicles"
- Computer Networking Instructor in Amirkabir University of Technology - Tehran Polytechnic, Tehran, November 2014– January 2106

- Keynote Speaker for Smart Grid Training Workshop Energy & power technology incubator, Tehran, Iran, 14th April, 2014

- Keynote Speaker for Future Intelligent Electric Power Grid Workshop Mazandaran University of Science and Technology, Babol, Iran, 25th October, 2014
Back to Top

Technical Competence

  • Network and data centre security design based on global standards and models such as Cisco SAFE security reference architecture and Enterprise Composite Model
  • Configuring, verifying, and troubleshooting security mechanisms:
    Device Hardening, AAA, Layer 2 Security (Port Security, Dynamic ARP Inspection, DHCP Snooping, IP Source Guard, Dot1x, Storm Control), Layer 3 Security (IP ACL, Context-based Access Control, DMVPN)
  • Having a deep understanding of security technologies including Intrusion Detection & Prevention Systems (IDS/IPS), Firewalls, Log Analysis, and Security Information and Event Management (SIEM)
  • Implementing and troubleshooting network security protocols IPSec and IKEv2, v1 and interoperability issues with VPNs
  • Implementing and troubleshooting switching protocols and mechanisms:
    VLANNIG, VLAN Trunking Protocols (ISL, Dot1q), inter-VLAN Routing, VTP, STP, RSTP, PVST+, CEF, FC, FCoE, FEX, vPC, OTV, VN-Tag, VXLAN
  • Configuring, Implementing and troubleshooting layer 3 protocols and mechanisms:
    Routing Protocols (RIP v1 & 2, IGRP, OSPF, EIGRP, BGP), Route Map, Route Summarization, Route Redistribution, Static Routing, MPLS, TRILL, PIM-SM
  • Configuring, verifying, and troubleshooting IP addressing services including IPv4, IPv6, VLSM, CIDR, Private Addressing, NAT, PAT
  • Configuring and verifying Network Management protocols including SNMP (v1, v2c, v3), Logging, NTP, Syslog, CDP
  • Advanced Quality of Service (QoS) design, implementation and troubleshooting including Classification and Marking, Congestion Management and Avoidance, Shaping and Policing
  • Configuring and verifying WAN connections including PPP,HDLC, Frame Relay, VPN
  • Configuring, verifying, and troubleshooting VOIP solutions and Cisco Unified Communications Manager
  • Implementing AAA using Cisco ACS Servers and TACACS+ and RADIUS protocols
  • Installing and configuring Microsoft Exchange, MDAEMON mail server, Active Directory, Microsoft SQL Server, DNS and DHCP on Windows Server


  • Programming: TCL, SQL, XML, C++, C#,
  • Operating systems: Linux (Red Hat, UBUNTU), Windows Server 2003/2008
  • Tools: VMware,NS-2, SolarWinds, Cisco ACS Servers, Cisco Unified Communications Manager (CUCM), Matlab, Adobe flash
Back to Top


- "Performance Evaluation of IEEE 802.11p for Vehicular Communication Networks"
A. Jafari , S. Al-Khayatt and A. Dogman, 8th IEEE, IET Int. Symposium on Communication Systems, Networks and Digital Signal Processing, 2012, Published

"Performance Evaluation of IEEE 802.11p for Vehicular Communication Networks"[PDF]
A. Jafari ,M.Sc. Thesis, Sheffield Hallam University, 2011,
Back to Top

Get in touch.

Send me a message



Back to Top