Cyber Security Analyst
KIPIC
Total des années d'expérience :13 years, 5 Mois
• Worked as Analyst Cyber Security and Risk Analyst to prepare execute ISO/IEC 27001 internal audits for Symantec business units.
• Plan to remediates IT security risks and vulnerabilities.
• Create Risk Assessment Report and provide a feedback to senior team members and management.
• Leading the process of governance administration and maintenance; ensuring compliance with Symantec Information Security policies, standards, procedures and best practices.
• Security Awareness and vulnerability assessment.
• Planning and Conducting ISO 27001 Compliance assessments for Iaas, Paas and Saas.
• Conducting vulnerability assessment and remediation plan
• Supporting in a project with (15M K.D) in 5 Years contracts for Kuwait Airways (KAC).
• Supervised 9 staff across 3 divisions: Security Operations Centres (SOCs), IA and Compliance, and Information Security.
• Worked closely with CEO in the development of ERM balance scorecards, IT Security Governance, and executive dashboards for key security metrics.
• Partnered with organization management and administration, Privacy Oversight Committee, and legal counsel to design, implement, and update privacy policies/procedures. Confirmed ongoing compliance with all contractual security requirements and applicable government regulations.
• Continually monitored security metrics of logical/physical systems for controlling building and system access. Architected remediation controls to neutralize system vulnerabilities.
• Conducted reviews and oversaw enterprise security training for users and IT administrators. Directed small security team charged with implementing for many clients some Cybersecurity solutions and more.
• Provided expert consultation to external customers on security and security-related integration projects within medium and large commercial and government organizations. Completed risk assessments and gap analyses on clients’ architecting solutions to identify/mitigate vulnerabilities.
• Conducted network, security, compliance and risk management assessments for corporate infrastructure and mentor organizations to implement improved processes and technologies. Referenced ISO 27001/27002, ITIL as benchmarking tools to support clients in operating within industry best practices.
Page 2 of 6
Major Achievements
• Improving the availability, integrity and confidentiality of internal business as well as for the clients.
• Work closely with security operations centre & drive through service improvements for ASC customers & Business Maintain security policies & compliance, adhere to ISO 27001 and 27005 compliance, planning and implementing, and raise security awareness and manage a security risk register.
• Develop all security documents are maintained and chair & manage Security meetings & maintain minutes.
• Build a Cyber Security Incident Response Analyst, Digital media forensic, Vulnerability assessment and pentest, and Cyber intelligence analysis
Computer repair;
Making backup copies;
Ensuring the protection of the network and computers;
Formatting computers;
Protecting the networks Installation;
Management of anti-virus software;
Training the staff on how to produce invoices, the client database software, Microsoft Word and Excel;
Dealing with customers and organising car shows.
Writing articles for the Science and Technology section with the focus on hazard materials in computers, software, technology, communication solutions, securing data against infections and intrusions from the Internet.
Synthesizing available information from English scientific journals, the Internet, science websites and IT forums.
معرفة بعمل المشاريع وتسويقها , عمل شبكات , مواقع انترنت , صيانة كمبيوترات , والتقنيات الاخرى