Faisal Muneer Awan, Manager IT Security

Faisal Muneer Awan

Manager IT Security

MCB Bank Limited

Location
Oman - Muscat
Education
Diploma, ISO 27001 Lead Auditor
Experience
21 years, 1 month

Share My Profile

Block User


Work Experience

Total years of experience :21 years, 1 month

Manager IT Security at MCB Bank Limited
  • Pakistan - Lahore
  • My current job since October 2011

As a Manager IT Security, my job responsibilities includes but not limited to the following:

* Development and refinement of policies and procedures
* Ensure the enforcement of Information Security Policy
* Lead Implementer in PCI-DSS Project with consultancy from Trustwave
* Conducting vulnerability scanning and coordinating in remediation
* Coordinating the BCP/DR plans and DR drills for the information systems
* Coordinating the activities of the IT/IS auditors
* Serving as an internal information security consultant to the organization
* DB & Network monitoring through IBM InfoSphere & Cisco ACS
* Security assessments of applications and projects
* Facilitating external auditors for conducting the annual audits
* Manage the compliance operations regarding the statutory and regulatory compliance
* Facilitating and promoting activities to create information security awareness within the bank
* Monitoring the internal control systems to ensure their adequacy and appropriateness

ICT Security Specialist at Oman Airports Management Company (OAMC)
  • Oman - Muscat
  • My current job since May 2014

* Managing SIEM (LogRhythm) and fine tuning as per organization need and security use cases
* Defining and configuring Data Leakage policies within the DLP solution (Device Lock DLP).
* Providing internal development team guidelines on secure coding best practices
* Conducting periodic Vulnerability assessments for information systems (Tenable & Acunetix)
* Providing consultancy to internal teams for remediation of security risks
* Building security configuration baselines for ICT systems based on industry benchmarks
* Handling security incidents and providing reports to the management
* Facilitating third party penetration testing and security assessment
* Selection of suitable security solutions to protect the information assets of OAMC
* Contributing in annual risk assessment exercise for ISMS project

Assistant IT Manager at Avari Hotels International
  • Pakistan - Lahore
  • February 2011 to October 2011

As an Assistant IT Manager, I was responsible for:

*Leading the IT Operations team.
*Management of IT projects and keeping higher management informed of project progress and issues.
*Plan and manage allocation of IT resources including budget, personnel and equipment.
*Anticipate future IT needs and identify proactive solutions to meet organization’s needs.
*Making Backup Schedules & Disaster Recovery Plans.
*Compliance testing of internal IT controls.
*Updating documents relating the Change Management Process, Technical Manuals.
*Information Security awareness trainings for the staff.

System Administrator at Avari International Hotels
  • Pakistan - Lahore
  • April 2006 to January 2011

*Managing and troubleshooting the network of over 400 nodes.
*Administrating Wi-Fi Network available throughout the hotel with Cisco's Aironet 1100 Access Points managed through WLSE (Wireless LAN Solution Engine)
*Squid on RedHat Linux as proxy server with DSL connectivity.
*ISA Server 2004/2006, VPOP3 Mail Relay Agent
*Attendance Management System using Biomatrics
*Electronic Door Locks (Onity) & Electronic Safes and their computerized management.
*Hotel Management System (Micros Fidelio/Opera)
*Micros Point of Sales Restaurant Management System.
*Sun Accounting Systems and Stocks/Inventory Management System.
*End point security management.
*Backups and recovery operations

System Administrator at Avari Dubai Hotel
  • United Arab Emirates
  • March 2009 to June 2009

During my visit to Avari Dubai Hotel, I was responsible to manage the IT Department and to roll-out of following projects:
*Implementation of Interactive TV Project.
*Opera (Hospitality Management System) in Multi Property Setup.
*BCP/DR

System Support Engineer at Computer World
  • Pakistan - Karachi
  • February 2003 to March 2006

* Administration of Active Directory
* Configuration of DHCP, DNS, IIS, FTP, NTP
* Symantec Corporate Edition (Managed Antivirus)
* Installation & troubleshooting of packages and OS

Education

Diploma, ISO 27001 Lead Auditor
  • at Moody International / IRCA
  • April 2011

Certificate Number: 100727

Diploma, ITIL v3 Foundation
  • at OGC / EXIN
  • March 2011
Diploma, Certified Information Systems Auditor
  • at ISACA
  • February 2011

Certificate Number: 1191430

Master's degree, Computer Networks & Data Communications
  • at Superior College
  • July 2004

Specialties & Skills

Vulnerability
Awareness
PCI DSS
IT/IS Audit Compliance
Information Security Management
PCI-DSS
Regulatory Compliance
Information Security Policy

Languages

English
Intermediate
Urdu
Expert

Training and Certifications

Certified Information Systems Security Professional (Certificate)
Date Attended:
December 2011
Valid Until:
December 2011
ISO 27001 Lead Implementer (Certificate)
Date Attended:
November 2011
Valid Until:
November 2011
Introduction to COBIT (v4.1) (Certificate)
Date Attended:
January 2012
Valid Until:
January 2012
PCI DSS Training - Technical Track (Certificate)
Date Attended:
October 2011
Valid Until:
October 2011