Hello, my name is

Masham Khalid

Risk Manager

About me

Diverse industry experience of more than 15 years, with a strong focus on network security and risk management. Proven ability to navigate critical & complex situations. Independent and fast learner with an analytical approach to problem solving. A proactive leader and effective team player, dedicated to fostering a culture of security and resilience.

"Navigating the Complexities of the Digital Realm with a Focus on Security and Risk Management."

I bring a diverse background across various technical roles, combining expertise in network security with strong problem-solving skills. My experience enables me to navigate complex challenges and foster collaboration within teams. I am dedicated to enhancing operational resilience and maintaining high standards of security and compliance throughout every project I undertake.

Throughout my career, I have developed a comprehensive background in various roles, starting from Technical Support Engineer to my current position as a Risk Manager at Ericsson’s Public Key Infrastructure (EPPKI) team. I have a proven track record of managing and mitigating security risks, conducting thorough vulnerability assessments, and leading internal and external audits. My technical expertise spans areas such as VMware Hypervisor, Linux systems, hardware security modules (HSMs), and public key infrastructure (PKI), along with experience in network design, data communications, and customer support. My roles at companies like Forcepoint and Huawei Technologies have equipped me with the ability to troubleshoot complex issues, manage projects, and implement effective security measures. With a strong commitment to continuous learning and improvement, I am dedicated to delivering high-quality solutions that protect and empower organizations in today’s digital landscape.

My Experience

2024-Present

Ericsson, Finland

Risk Manager

As a Risk Manager within Ericsson’s Public Key Infrastructure (EPPKI) team, I am responsible for overseeing and managing the security risks associated with Ericsson’s PKI services. My role involves conducting comprehensive risk assessments, driving the Information Security Risk Assessment (ISRA) process, and ensuring that identified risks are effectively addressed and mitigated. I work closely with cross-functional teams, including IT, Group Supply, and various security organizations, to ensure seamless cooperation and communication on security initiatives. In addition to risk planning, I lead internal and external audits and assessments, oversee vulnerability and penetration testing, and manage EPPKI’s Business Continuity processes. I am also responsible for driving the development of security monitoring systems and representing EPPKI’s security posture to key stakeholders. My work spans Ericsson’s global operations, ensuring that security improvements are implemented to safeguard both product and information security.

2020-2024

Ericsson, Finland

Senior Platform Operations Engineer

In my role as a Senior Platform Operations Engineer, I was responsible for maintaining VMware Hypervisor and Linux systems, managing bare metal servers and troubleshooting network devices such as switches and firewalls. I worked with hardware security modules (HSMs), public key infrastructure (PKI), EJBCA, and certificate management to ensure the security of Ericsson's product offerings.
I established an IPsec tunnel between two geolocations, developed staging environments for secure deployments and led efforts in patching servers and network devices to mitigate vulnerabilities. My responsibilities included conducting vulnerability assessments and spearheading security audits to ensure compliance with Ericsson's stringent security requirements. Additionally, I deployed Identity Management (IDM) and mail servers and performed packet capture analysis to determine traffic patterns within the network infrastructure. With limited exposure to Ansible for automation, I also contributed to version control processes using GitLab, enhancing the efficiency and security of our operational environments.

2017-2020

Forcepoint, Finland

Technical Support Engineer III - Network Security

During my time at Forcepoint, I had the privilege of serving as a Technical Support Engineer III, providing global level 2 support for their network security products. I collaborated with R&D teams to troubleshoot and resolve complex issues, ensuring the success of customers worldwide. Additionally, I was responsible for handling emergency cases, deploying and configuring network security products, and creating knowledge base articles to assist customers in understanding known issues and workarounds.

Education

2015

Finland

Aalto university

Master in Communications Engineering.

Major in Networking Technology.

2009

Pakistan

The University of Faisalabad

Bachelor of Electrical Engineering.

Silver Medal Holder.

Key Risk Management Skills

These core competencies highlight my expertise in risk management and security. Each skill has been developed through a commitment to excellence, enabling me to deliver effective security solutions and mitigate potential threats. From conducting thorough risk assessments to overseeing business continuity planning and ensuring compliance, these capabilities support my dedication to enhancing operational resilience across various environments.

Security Audits & Compliance
Business Continuity Planning
Risk Assessment
Risk Mitigation
Vulnerability Management