IT Security Professional
DAR AL HANDASAH
Total des années d'expérience :17 years, 9 Mois
- Implementing IT security in Dar Al Handasah, in a very distributed and challenging environment (more than 30 offices across the globe).
- Coordinating between IT infrastructure department and IT operations department for proper implementation of IT security controls
- Implementing SANS Top 20 Critical Security Controls
- Design and lead SIEM implementation (LogRhythm), a full study was made for more than 30 site to audit the solution, I was responsible for implementing advanced correlation rules to detect the unseen behaviors of applications, and I succeeded in passing the knowledge to the SOC team in different sites for monitoring and detection.
- Managing the implementation of two factor authentication for different services across the company.
- Working on Nexthink (Endpoint Security) and developing many security scripts to check processes with VirusTotal and detect user behavioral anomalies.
- Performing internal penetration testing exercises against various IT assets.
- Developed many security tools like trimming office macros from Symantec Messaging gateway before reaching the user mailbox, endpoint monitor to detect virus’s behaviors.
- Creating many kind of viruses that bypass antiviruses and load in memory to bypass application whitelisting.
- Reverse engineering malwares and viruses. Handling various types of security incidents.
- Experience with many IT security products (IPS, IDS, Firewall, Web Filter, Antivirus, Sandboxing Solutions, EPP, SIEM …)
- Develop a number of software and web applications for: E-Commerce websites, E-Learning applications, CMS websites, Document Management System, Auditing Management System, and Convicts Management System and also supervise and execute various client projects for the above
- Develop intranet tools to assess and automate different tasks
- Design and lead complete Project Management whereby meet customers, assess needs, well web-link services, analyze the entire project, design the interface, design the applications involved.
- Execute the project in question, test it for bugs and hacks, integrate with parent systems, deploy necessary firewalls, train client for long-term run and provide extensive maintenance and support.
- Manage a telecom company whereby I am undertake total risk responsibility for the project in question;
- Respond appropriately to the risks, based on that assessment.
- Monitor and report on the current status of risks and the effectiveness of their controls.
- Design and create value added services (VAS) including: Consumer VAS, Network VAS and Enterprise VAS.
- Find customers worldwide and augment retainer clients.
- Implement VOIP soft switch, assess its potency and monitor its resilience.
- Buy exclusive terminations and also interconnect with tier1 carriers.
- Implement web applications based on the universal platform under C#.net 2005
- Develop and implement e-Commerce web applications
- Develop and implement DMS web applications and open source management system
I used to make the discovery workshop, Implementing BPM (Business Process management) Solutions for different kinds of companies (www.ultimus.com), integrating with sql and .net 2005. Provides technical support to end users .
Received one honor for originating a military robot with motion detection and target locking, artificial intelligence mode (full control over internet) .... etc. i was from the first 5 in my class, but my projects took the first awards in all courses over the 2 last years