CISO
wasl
Total years of experience :29 years, 2 Months
•Provide vision and leadership for developing and supporting security initiatives
•Planning and implementation of enterprise IT system, business operation, and facility defenses
•Planning, Designing & Implementing ISO 27001 International Standard accross organization. Help Organization acheiving ISO27001 certification.
•Auditing security systems to ensure the robustness of the systems
•Overall responsible for the security of IT infrastructure, information systems and data facilities.
•Working incompliance with UAE Regulations & Local Laws.
•Information Security Business Solutions.
•Compliance (PCI:DSS, ISO27K, AML, WPS) & Regulation to Central Bank.
•Security Posture Assessment and Internal IT Audits.
•Penetration Tests, Vulnerability Assessments of web facing applications.
•Risk Assessment of
Business Critical Applications/Infrastructure/Systems/Databases.
Plan / Design / Implement Security Policy throughout Bank using (ISO-17799). Educate Users & IT department on Security Policies & Industry best Procedures. Help IT to develop SOP (Standard Operating Procedures).Plan / Design / implementation IT Projects with adequate level of security meets business requirement. Help business mitigating Risks by identifying Operational Risks & Controls. Playing major part in Internet Banking Project. Taking care of Infrastructure from Network point of view. Perform frequent Audits / Penetration testing to assess current security level & gaps recommend remedies after Risk Analysis. Perform Monthly vulnerability assessment on all devices / systems. Supporting business by giving them access to different network even outside UAE using state of the art technology & solutions in the market.
Managing IT Security Policies, Procedures, Audit & Governance. Educate Users & IT department on Security Policies & Procedures. Plan / Design / implementation IT Projects with adequate level of security meets business requirement. Develop processes like Staff entry & exit, Incident Reporting, Escalation Matrix, BCP/DRP, ADC (ATM, POS, IVR). Perform frequent Audits / Penetration testing to assess current security level & gaps then after Risk Analysis recommend remedies. Perform Monthly vulnerability assessment on all devices / systems. Help other units within IT to develop SOP (Standard Operating Procedures). Implemented SGS (Symantec Gateway Security) & Biometric Access Control devices at head office. Monitoring & logging Juniper NetScreen Firewalls, Symantec Gateway Security (IDS / IPS), Microsoft ISA, Cisco Routers, & Switches.
Working as Team leader in IS/IT function.
Responsibilities:-
•Ensure all IT services are delivered according to vendor SLA and company requirements.
•Leading Regional Telecommunication Security / PABX related projects.
•Security of clients / servers / LAN & WAN devices / data centers.
•Penetration testing & system audits using Qualys Guard.
•Looking after countrywide LAN/WAN, Access Routers, Voice (PABX).
•Vendor/Contract management.
•Update senior management with new development & business need in respect to information technology.
Looks after all LAN / WAN products, especially Unix & Windows NT servers
Have strong knowledge of HP OpenView Network Management Products used for LAN / WAN monitoring / managment.
Deploy & maintained Novell Netware servers for one year at Unilever Pakistan headoffice, resident engineer by IOP.
B.Sc. - Computer Engineering
H.S.S.C. - (Pre-Engineering)
S.S.C. - (Science)