Section Head in IT Security : Access Control & Key Management
Banque Saudi Fransi
Total years of experience :23 years, 0 Months
IT security: Access control & Key Management Section.
Managing two units of access control and key management.
By setting up the goals and plans to derive the bank into most security mode.
• Managing access control
• Identity management
• Automating access request provision
• Implementing Role Based System
• Security access review
• Security Assessment
• Desktop & Servers security
• Privileged access repository (PAR)
• Single sign on (SSO)
• Key Management System
• PCI DSS & Pin security management
Head of Key Management and PIN Security
• Generation, Loading, Transferring, Renewal and Destruction of issuer public key (IPK) with card scheme.
• Reviewing EMV keys (inventory, key life cycle and activity).
• Preparing self audit assessment and questioners for PIN security life cycle structure to meet the PCI compliance.
• Reviewing and studying the best approach to comply with PCI requirements and completing the gap analysis.
• Defining best practice process to structure Keys life cycle, that includes generate, convey, load and destroy the encryption key.
• Maintaining Thales HSM7000, 8000, 9000.
• Managing and exchanging the keys with VISA, MasterCard and SAMA.
Team Leader of Identity Management and End Point Security
• Setting up the objectives, time lines and projects plans.
• Initiating risk assessment report for BSF applications.
• Designing review process that includes (users, groups, profiles and share drives for BSF systems and servers).
• Managing and automating the systems requests (Rest password, Add, Modify and Delete User) using IMS (Identity Management System).
• Building IMS workflow and fixing application integration.
• Renewing SARIE Private Key and Id certification.
• Maintaining applications user access control.
• Maintaining SARIE workstations user access
• Review SARIE users access control, card inventory and user workstation.
• Applying workstation restriction & Local Admin Removal.
• Creating and designing systems profiles groups, and templates.
• About a three years experience of systems security administration. Unlocking, disabling, creating, modifying and deleting of user Ids as well as changing access rights, designing the systems security templates and users support.
• Keeping track of all terminated / transferring staff and revoke all their previews Ids, upon HR request.
• Granting/revoking Lotus Notes databases and groups to the users.
• Keeping track of all open root passwords and change them immediately by coordination with another systems security officer.
• Designing / writing user profile maintenance and accountability forms to comply with the security policy.
• Updating department consoles and servers with latest service pack and Norton Anti Virus Definition.
• As of quarterly updates, we are keeping track of all systems users with coordination with the system owner and users line manager.
• Managing "Centralize Finger Scan" project, arranging meetings with the QA, vender, IT Audits and Network engineer. Scheduling time frame of the finger scan project.
• Archiving SARIE Sybase audit trail.
• Periodically upon SAMA instruction we change private and public keys of SARIE HSM
• Upon SAMA contingency exercise we applied SARIE switch exercise from primary to SAMA.
• Developing and designing Doha computers web page.
• Giving training courses of operating systems, Microsoft windows and office.
• Troubleshooting and fixing computer software and hardware.
• Leading a team in project of Najed Pharmacy System. • Developing Sales Management System for Computer Shop by Visual Basic. • Expert in programming at C++, Pascal, Visual Basic and COBOL. • Having presentation of Home/ LAN Wireless Network. • Installing and configuring Linux.
• Senior level as completing 100 hours of the major courses.