Cybersecurity Manager
Confidential
Total des années d'expérience :11 years, 8 Mois
- Develop and maintains cybersecurity policies and procedures based on KSA and international regulations.
- Develop Cybersecurity strategy and plans.
- Provide technical advisory for information technology projects and initiatives.
- Manage, evaluate, and adopt Cybersecurity solutions.
- Identify threats and risks that are relevant to organisation's operations and systems.
- Preform security vulnerability assessment and remediation plans.
- Preform security risk assessment, gap analysis, and risk remediation plans.
- Document information related to Cybersecurity attacks, threats, risks and controls.
- Develop and maintains information security policy and procedure program based on adoptive frameworks such as ISO and NCA controls.
- Develop information security strategy.
- Preform security risk assessment, gap analysis and risk remediation plan.
- Preform security vulnerability assessment and remediation plan follow up.
- Perform internal penetration testing for IT application.
- Provide advisory for any information technology project.
- Analyze incidents resolution findings and take appropriate actions.
- Maintain and operate infrastructure security products.
1) Access Management
•Develop and maintains the access and Risk Management program
•Perform investigations of access violations
•Carry out Risk Assessments
•Provide periodic reporting on access issues and identify access issues and violations.
•Participate in the review of new systems designs and major modifications for access
implications during design and implementation phases.
•Review & measure the access level and make suggestions for potential
•Assist in ensuring that Departments have fulfilled their security responsibilities
•Assists with the documentation of information security incidents as well as the analysis of
the circumstances enabling or permitting these same incidents to take place.
•Participates in the Security Incident Handling Team
2) Incident Management
•Manage the process of diagnosing and resolving the escalated incidents within his
responsibility
•Define the incident resolution plan
•Analyze the incident resolution findings and take appropriate actions.
3) People Management
•Manage staffing, including recruitment, supervision,
•Evoke creative and innovative thinking
4) Information Security Obligations
•Comply with the corporate information security policies & procedures relevant to his role.
•Preserve the: Confidentiality of information by promising that data should only be accessed
by authorized people; Integrity of the information by safeguarding the accuracy and
completeness of information and processing methods; Availability of information, by
ensuring that users under his control has access to information and associated assets when
required.
- Review project technical specification with all IT infrastructure and IT operation project managers to ensure to fulfill all
required documentation.
- Supervises juniors in monitoring the performance of internal and external contractors, ensuring the documented scope
of work is executed and all relevant procedures are followed.
- Assists in assessing the health of select running technical projects against schedules, budgets and objectives, reporting
status to immediate seniors on a regular basis and highlighting variations from schedule or budget, if any.
- Participates in identifying project scope changes and assists in planning changes, as guided by immediate senior
- Supervise periodic Quality Assurance audit inspect STC’s technical projects from a project management point of view and
reports audit results to relevant departments for articulating effective action plans.
IT Access Control & Risk Management Analyst:
- Improve access control policies.
- Project implementation & integration through the IT infrastructure.
- Manage identity management project.
- Manage new business requirements.
Projects:
- IBM Identity & Access Management.
- Project technical advising.
- Project development.
- Project implementation.
The main object is to deliver a high quality solution to the client.
My job was to setup switches, routers and access points. Also i worked in the network security department for a while. There was additional duties such as writing reports about the network behavior and updating requirements. The basic aspect of the job was to achieve the goals of my training program which getting filmier to work environment .
In my major i have studied two different programming languages C and Java. Also studied logic design and the basic electrical and electronics knowledge and i got deep in networks and networks programming using Cisco iOS. I toke some courses regarding long term evaluation (4G LTE) technology , broadband and high speed networks.