IT Security Manager
Samba Financial Group
مجموع سنوات الخبرة :14 years, 5 أشهر
- Managing variety of Information security technologies such as Firewalls, ATP, Endpoints, etc.
- Preparing cost benefit and return-on-investment analysis to help management decide if the new system is feasible.
- Participating on developing and maintaining cyber security strategy, cyber security policy, cyber security architecture and cyber security risk management process.
- Ensuring that detailed security standards and procedures are implemented.
- Developing the cyber security staff to deliver cyber security solutions in a business context.
- Managing cyber security activities across the organization, including monitoring of the cyber security activities, monitoring of compliance with cyber security regulations, policies, standards and procedures, participating on cyber security incidents investigation, participating in performing cyber security reviews.
- Developing and maintaining a main IT security architecture in light of business requirements.
- Developing specific technical guidelines and standards based on overall IT security requirements (e.g., policies and procedures).
- Coordinating with all stakeholders to ensure that proper cyber security technologies are in place and that new initiatives are executed to further develop the information security landscape.
- Making or preparing decisions on the best control strategy (e.g., disconnecting rogue devices from the network, locking fraudulent user accounts, implementing firewall blocks, etc.).
- Develop cyber security policies and procedures.
- Defining the information security incident response process, including process stages and roles and responsibilities, as well as proactive response planning and resilience initiatives.
- Work with internal and external audit to identify and close all cyber security observations and findings.
- Triggering required protection processes for risk mitigation (e.g., patch management), and making risks transparent and manageable (e.g., formal risk acceptances), as well as performing support during and after information security incidents.
- Ensuring implementation of cyber security guidelines and standards across all projects.
- Confirming compliance with cyber security requirements (e.g., sign-off required at defined check points and quality gates).
- Playing an active main stakeholder role in project steering committees.
- Vendor management.
- Coordinate and maintain comprehensive Business Continuity and Disaster Recovery Programs, strategies, plans and procedures.
- Coordinate and manage activities related to the Business Continuity Plan (BCP) including the Disaster Recovery Plan (DRP).
Leading many Information security projects.
Key achievements:
Infrastructure Security systems such as DLP, Data classification & Labeling, Firewalls, ATP, etc.
The objective of the Master of Information Systems Management program is to provide students with the opportunity to advance their skills and broaden their knowledge base by undertaking extensive study in the information systems discipline. With changing business requirements due to globalization, technology and improved business practices, it has become desirable for graduates to acquire skills not only in their discipline but to also have some basic knowledge of other related disciplines. MISM aims to address this requirement by providing graduates that are highly competent in the information systems discipline with a working knowledge of related skills from complimentary disciplines.
NON.