CISA: Certified Information System Auditor
Freelancer
Total years of experience :20 years, 10 Months
Highlights:
• Provided clients appropriate, often leading edge, approaches and technology, to secure their critical assets, buildings and facilities worldwide.
Key Responsibilities:
• Providing a suite of advisory services to clients across the public and private sectors, with focus in assisting clients in the areas including operational strategy, their operating model design, organization design and development, process efficiency and financial capability.
• Analyzing clients’ business challenges, designing innovative IT-based solutions and leading the technical aspects of their delivery.
• Working with executive teams to support them in developing and implementing robust process, people and organizational transformation aligned to business priorities and goals.
• Applying knowledge of hardware/software/ networking/ communications and online management and installing hardware and software according to the pre planed architecture and the infrastructure setup.
• Formulating, streamlining long term IT development and application strategies to align technology for project roll outs, management systems and computerizing a range of business tasks
• Developing and providing customized solutions to clients and lead application projects that deliver the required business benefits; to the agreed cost, quality and timings.
• Supporting a multitude of clients and their varied needs, implementing projects through various phases in view of increased profitability, control, better information and efficient resource management.
• Demonstrating strong customer facing skills and the ability to understand customers' requirements and translate those into a compelling technical solution.
• Actively partnered in client engagements, assuming responsibility for the successful implementation and delivery of project work and contributing to client management and engagement and to wider business development of the practice.
• Keeping abreast of latest technological advancements and using the potentials of the same to respond to the distinctive and special needs of the diverse clients.
I am an effective member in Tech & Sys Audit Team carrying audit missions,
• I was to ensure successful achievement of the Technology & Systems Audit plan through effective planning and monitoring of audit assignments to ensure that they are executed in an economic, effective, efficient and timely manner.
• I had prepared system documentation describing the flow of data through computerized systems.
• I had carried out assigned audits and produce working papers that document evidential data obtained during the course of the audit fieldwork.
• After finishing the Audit field work we had to agree with auditee management the about actions to be taken in response to audit recommendations, ensuring that they are both appropriate and realistic.
• Working in assisting the Automation effort through analyzing the required specification of system and the development, testing and documentation of audit interrogation programs.
• I was to contribute to the development of the audit approach / techniques to ensure that they focus upon risk based Audit and provide a reasonable assurance that business objectives will be attained.
• Also I was requested to perform ad hoc audit follow up of external auditor and also non-audit related assignments as directed by the Technology & Systems Audit Manager.
Highlights:
• Served the company handling several responsibilities including IT management, Operation management and Administrative duties encompassing human resources programs and employment policies.
• Created the company's first Data-Center right from inception to completion stage as per the requirement of the regulatory body, CMA.
• Proposed/ deployed a unified telephone system and secured internet connectivity to serve 4 companies in the same building, resulting in cost reduction and savings.
• Handled the full project management life-cycle; defined and documented project scope, goals and deliverables that support business goals as well as reported to CEO and MD about the General HR plans pertinent to BMK’s benefits program like GOSI, Medical insurance, life insurance, and address employees training budgeting issues.
Key Responsibilities:
• Evaluated project requirements for secured datacenter - prepared test plans for new and modified systems including UPS, Firefighting system, Access Control, Aircon, CCTV, Network Patch Panel, cabling between various rooms, Automated Climate Control, etc.
• Designed/managed entire infrastructure for BMK, Al Tameer Companies in Dammam & Jubail, and Saudi joint company, assuring updates and maintenance are performed on current systems to keep up with changing organizational needs.
• Directed firewalls building, supporting user applications, monitoring network capacity, performance, usage and security, auditing performance reports, verified the usernames & passwords, to tender the most cost-effective and efficient use of servers to users.
• Guided and motivated work force, imparted continuous on-the-job training in areas of PCs & laptops, Printers, Computer -related software, Fingerprint software, etc.
• Provided technical support for different systems available in the computer lab pertinent to e-mail systems, fingerprint system for HR department, safety/ protection equipment and other IT- related devices.
• Partnered with IT market leaders and outsourcing companies to conduct IT -related tasks and responsibilities to enable customers to benefit from knowledgeable.
• Supported training of technical support staff and maintenance of UPS 75 KV, Fire Alarm FM200, temperature and humidity monitoring system and card access system for door security.
• Recommended new technical approaches and oversaw the requirement of Software licensing, upgrade and maintenance services such as Antivirus software, firewall system, Backup Program, etc.
• Managed web hosting services, through E-Box Solution which edits website content, applied changes to AVAYA IP Office 500 and provided call services via"0" for local calls, and "00" for long distance calls.
• Conducted financial and technical feasibility of the preliminary infrastructure design by multiple IT solutions vendors as well as supervised the power and networking and ventilation layout, as required.
• Identified the most efficient structure of IT Services to meet the banks developing business and operating model and also deployed 2nd layer of Infrastructure, by providing external links to Tadawul & Mubasher and the clearing Bank with 2 different service providers for redundancy.
• Coordinated with various departments, liaised and negotiated with vendors, suppliers and external outsourcing agents pertaining to pricing, deadlines, and timely execution of day to day operations.
• Spearheaded the conceptualization, and implementation of key network infrastructure encompassing secured internet zone, supporting other 3 companies on the same building with a feature where each company had their own security level.
• Evaluated and identified organizational requirements, to establish operating procedural standards, concurrently recommended IT infrastructure requirements and up gradations, to ensure acceptable levels of security, disaster management and designed the backup solution for entire company.
Highlights:
• Managed end to end project delivery right from inception to completion, and contributed effectively in branch development initiatives.
• Actively participated in all phases of Saudi Arabian Riyal Interbank Express (SARIE) tasks, ensuring smooth functioning and reduction in vulnerability to IT Risk.
• Mediated with Bahrain Telecom team and the local Service provider (STC)to upgrade the Existing links between RUH-BAH and setup a new link of KWT.
• Transformed processes for SAMA, and streamlined IT Audit functionality across KSA as well as standardized procedures for the banking activities integrating SAMA) & BNPP.
• Detailed project plans and followed implementation, of the IT infrastructure for the BNPP new company PNPP capital in liaison with regional IT team.
• Focused on process improvements creating operational efficiencies and controlling cost through agreed action plan on the IT Fundamental Monitoring Points (FMPs) for the branch.
• Implemented departmental and system controls, for local IT projects placed by Central Bank (SAMA)such as E check, ERMS 2, IBAN and telecom upgrade on time and within budget; Participated and assisted in the implementation of regional IT projects for KSA.
• Spearheaded the setup of implementation plan of Jeddah Branch and instrumental in establishing Capital Authority Market (CMA) project from IT point of view.
• Identified the most efficient structure of IT Services to meet the banks developing business and operating model in accordance with Central Bank requirements & Banks strategic initiatives & plans.
Key Responsibilities:
• Designed the overall solution architecture and provided complete project management throughout the lifecycle of the implementation.
• Performed more complex product design, system analysis and programming activities on application software to ensure that company technology needs are met.
• Coordinated evaluation, deployment and management of current and future IT infrastructure encompassing areas of IT Infrastructure, System Production and Maintenance, IT support, Projects realization, Recruitment and IT Budget Follow Up.
• Ensured appropriate communication of service quality, for deployment of SARIE Joint Network (SJN) as per SAMA requirements, leading by example, providing practical advice to resolve IT-related issues and implement of (SARIE) Gateway with different vendors with in accordance with SAMA.
• Embedded bank's values at all levels in the business and aligned them with the GCC regional Office to build the IT infrastructure for the treasury services (Routers (H/W & S/W) and Bloomberg (S/W) and the setup other bank applications like kondor for the business users.
• Audited projects in planning, execution and post-implementation life cycle to ensure all standards and best practices are being followed.
• Rendered strategies to eliminate current operational inefficiencies and implemented technology leading to enhanced productivity of customers, partners, and employees.
• Oversaw treasury system related projects within budgeted time and cost, to manage communications channels with Regional Treasury IT group, acting as a single accountability for Treasury IT activities.
• Provided accessible, scalable, redundant, fault-tolerant, manageable and maintainable solutions for mission critical environments of Banking system.
Key Responsibilities:
• Organized requirements definition for, and selection of, productivity enhancing technologies and their application for business process optimization in terms of systems and Hardware requirement Servers and environment setup and configuration.
• Formulated complete testing plans including functionality testing network/infrastructure testing to facilitate user-acceptance testing to maximize client/stakeholder satisfaction.
• Analyzed existing security measures and deployed Symantec Norton Antivirus and replacing the old Anti Virus across the whole Kingdom, by utilizing the local resource instead of outsourcing the full project to the 3rd party vendor.
• Installed, tuned, monitored and maintained E-Tadawul monitoring tool for the Tadawul system, evaluated and installed BSF Intranet update aligned to departments requests and implemented antivirus in the bank to ensure security of systems.
• Examined and resolved issues related to servers, networks, hardware and application software in addition to managing new and existing user's accounts, trouble shooting problems with the server services.
• Prepared all management reports for performance monitoring, capacity planning & quality bench-marking, forecasting, resource planning, capacity requirement and purchase planning to aid management in optimizing resources.
Other Professional Experiences:
•Sept 1999 - Oct 2002: Software Quality Assurance Officer/ LAN Support Engineer, National Commercial Bank-NCB
• Jun 1998 - Dec 1998: Systems Analyst, Cooperative Training Program in NCB
• 1993 - 1998: King Fahad University of Petroleum and Minerals (KFUPM), Dhahran, SA
Other Professional Trainings & Certifications: • CME1 • ITIL 2011 Foundation Certificate • UNIX (AIX 5, SYBASE DATABASE, Stilink Interface with SARIE, SARIE Security • Managing People • IT Project Management • Network Management and Design • Information Security • IT and security trends for the banking sectors in Saudi - Seminar Technical Competencies: • Administrating Network with various Network Operating Systems like Windows 2000 and 2003 • Configuring Windows 2000 Server as a Domain Controller, Member, ISA server, DHCP and DNS Server • Configuring clients’ systems with Operating Systems like Windows 2000 Pro and XP, Vista, win7 Pro • Creating user accounts, maintain and support Security for users • Planning for an effective recovery and back up strategy in case of Server failures and contingencies • Demonstrating sound knowledge of all IBM / HP Compatible systems based on Intel P4, Xeon and Itanium Servers and UNIX BOX AIX 5 Basic administration • Installing and configuring HP/IBM/Dell PCs, Laptops etc • Working with Rack mount servers based on high configuration with Dual Xeon and Itanium Processor as HP, Dell servers and IBM • Operating Systems: Windows 98, ME, 2000 pro, XP, Win7 pro, Win vista, Windows 2000 server, Windows 2003/2008 server, UNIX AIX 5L
