Senior Manager - IT Infrastructure / IT Security
Bahri
Total years of experience :21 years, 2 Months
Highlights:
• Enhanced, designed and implemented Riyadh office Network
• Designed and established new data centers at Dubai and Riyadh and transferred to the new location.
• Reviewed and enhanced Vessels Infrastructure as well as centralized the Ship Information System in the organization.
• Designed and implemented IT Infrastructure at the US/Huston new office
• Transferred India/Mumbai office to a new location with new standards.
• Restructured IT Infrastructure at the US/Baltimore office.
• Established cloud IT infrastructure and migrated business applications to cloud infrastructure
• Efficiently managing Data Centers at Dubai and Riyadh along with three backup Data Centers.
• Successfully established and operated Security Operation Center; established the security section and security standard.
• Led and managed IT Strategy 2018 project as well as built Cyber Security and Cloud Strategy for 2020.
• Actively participated in Digital Transformation project in 2020.
• Achieved ISO 27001 Certificate and ISO 27001 Security Standard for the organization.
• Evaluated and re-designed the security protection system for critical business applications and services.
• Established employee-centric cybersecurity awareness platform to improve user experience with IT Security.
• Efficiently conducted 45 Cybersecurity Awareness sessions spanning over 100 hours.
• Innovated BYOD and implemented on the organization.
• Led the security function of the organization to achieve 96% compliance with NCA standard.
• Integrated MS Teams with IP-Telephone System.
• Worked as an Analyst and Programmer for developing Telephone Billing System.
Current Responsibilities:
• Manage and administer the complete IT infrastructure of the company, monitor the infrastructure health & performance; evaluate architectural attributes of the infrastructure for reliability, availability and maintainability.
• Responsible for the overall system and infrastructure availability and develop a resilient infrastructure to reduce failures; work with Service Desk team to set SLA criteria for the availability and performance of the IT infrastructure.
• Manage systems, network and security across 7 offices and 95vessels; ensure that the performance and availability of the server and network infrastructure are maintained to the highest standard with maximum productivity and efficiency.
• Manage IT Cloud infrastructure and migration to cloud strategy.
• Assess different infrastructure components (network, servers, storage, systems, security, etc.) and propose improvements and solutions to optimize their costs, performance, management and security.
• Check systems and equipment for substandard performance or malfunctioning, fix systems and equipment problems; perform regular and on-demand infrastructure backups and recoveries.
• Ensure that the backup systems and disaster recovery system are reliable as well as ensure reliability, availability and security of IT systems through adequate systems and controls.
• Lead and manage different IT security-related projects to protect the company’s networks and data against threats, such as security breaches, computer viruses, or attacks by cyber-criminals.
• Organize social engineering campaign to assess employee cybersecurity awareness; conduct user feedback campaign to evaluate and formulate effective IT security strategy.
• Assess current technology architecture for vulnerabilities, weaknesses, and possible upgrades or improvements.
• Develop and implement information security strategies to detect and prevent security incidents arising from the threats, whilst ensuring the confidentiality, integrity and availability of the company data.
• Build and develop a strong relationship with the security team to ensure smooth infrastructure service operations; maintain proper documentation on technical aspects related to the project/system/network security.
• Conduct face-to-face cybersecurity awareness sessions based on current trends within the Security domain.
• Supervised and governed the organization’s Emergency Response Team and Security Operation Center in 24/7 capacity.
• Reviewed, evaluated and developed the organization’s ISMS strategy based on ISO 27001:2013.
• Conducted penetration tests and code review for new and current applications to find vulnerabilities that may harm the organization’s interests or customers and reported them.
• Managed the IT budget, oversaw the procurement of IT hardware, software, and maintenance products & services, evaluated tenders for all bids received, and submitted report and recommendation(s).
• Supported, configured, maintained and upgraded the company’s networks, servers, routers and switches.
• Diagnose and fix network/system faults, oversee the security of all systems and install anti-virus protection; administer and manage network security, email security and antivirus.
• Maximized network performance by monitoring performance, troubleshooting network problems and outages, scheduling upgrades and collaborating with network architects on network optimization.
• Performed technical research on network upgrades and components to determine feasibility, cost, the time required and compatibility with the current system.
• Delivered various effective security solutions across the IT department, supported implementation of new and emerging technologies and coordinated with vendors for evaluation of new technologies suitable for the company.
• Facilitated mitigation of information security risks, ensuring compliance with regulatory requirements.
• Designed and implemented disaster recovery and business continuity plans, procedures, audits, and enhancements.
• Rendered training to information security personnel during onboarding; provided information security awareness training to ensure consistently high levels of compliance with enterprise security policies.
• Maintained updated knowledge of the latest trends in the information security industry, including current and emerging technologies, accordingly identified requirements for skills enhancement (technical/soft) and designed training plans.