هيثم يوسف

Working as a Senior manage detection and respone MDR (SOC Analyst Tier 2) and Threat Hunter

One of the key consultants for CSC which was responsible for the cyber security of the state of Qatar and FIFA World Cup 2022, MOI Penetration testing technical team lead, and the MOI - Pentest capability building "taking part on drafting policies & procedures; and delivering technical training". MOI Incident Response team member, participated in several incidents concerning several large organizations and entities including Banks, Petroleum and Gas companies, and others.
Conducting large scale Vulnerability Assessment and providing remediation recommendations.
Providing consultation and technical recommendations for other departments, agencies and critical infrastructure operators on special projects and cases with challenging technical difficulties and requirements e.g. systems high/low level design review, assist in establishing enterprise security architectures and cyber- related investigations.
Participated in the operation establishment of the National CSOC Cyber Security Operations Center. Writing reports and preparing presentations on information security topics for both technical and executive level audiences, in Arabic and in English.

Conducting Penetration Testing / Vulnerability Assessment for Alrayyan Media & Marketing Co. and all of its subsidiaries(Alrayyan TV, Alrayyan Magazine, Alrayyan FM).
Establishing Incident handing procedures and conducting Incident Response. Design Security Architecture plans.
Participate in implementing Information Security policies and risk management.
Key role in implementing ISO 27001.
Plan & Supervise all security related tasks done by infrastructure team (Servers Hardening, Firewall & IDS configurationetc).
Member of the Change Advisory Board CAB.

Establish and lead the information security systems section; fully responsible for the infrastructure security and hardening servers and workstations, in addition to conducting assessments (Penetration Testing / Vulnerability Assessment) and Incident Response for ASCOM Geology & Mining and all of its subsidiaries (ASCOM for Calcium Carbonate ACCM, Glass Rock for insulation company ASCOM Glassrock, ASCOM for precious metals ASCOMPM). Established the Information Security department and designed its full process and functions.
Design and deliver full security awareness program. Fully responsible for the design, implementation and management of security systems (IDS/IPS, SIEM, Patch management, Antivirus, Firewall), Security Architecture plans while participating in writing the policies (DRP, Information security policies).

Performed IT administration tasks on hybrid environments including Windows (servers & workstations), Linux (Debian) and Unix (AIX) systems, Messaging system administration (Exchange 2007/2010), SAP Basis Administration, Daily Backup (Symantec BackupExec), Hardware & Software SLAs follow up (IBM & HP), Technical support & Service Desk.
Verifying the integrity and availability of all hardware, server resources, systems and key.