Information Security Specialist
Ministry of information and Communication Technology
Total des années d'expérience :17 years, 6 Mois
- Building capacity among government employees (ISOs) especially in information security via training
- Providing consultation services to government entities related to info security
- Assessing the information security status in various government entities in light of both ISO 27001 standard and the National Policy of Information Security.
- Enforcing information security in the early phases of the project management.
- Awareness sessions for senior management in government entities.
- Participating in the improvement of the current legislative framework.
- Improving the current eGov infrastructure in order to fulfill security demands of to-be implemented electronic services; i.e. PKI.
- Acquiring solutions needed to fulfill and implement the security policies and requirements.
- Planning for and enforcing compliance with ISO27000s standards.
- Risk assessment for all IT assests.
- Conducting risk-based audits.
- Project manager of implementation of Business Continuity and disaster recovery Plans.
- Planning, implementation and enforcing of a comprehensive Information Security Policy.
- A member in the many Project Management Teams.
- Enforcing Incident Handling and Change Management policies and procedures
- Controlling access to Information System assets.
- Monitoring GW security (FW, URL Filter, and Antispam) log files.
- Conducting vulnerability assessment tests.
- Preparing of backup strategies and co-administration of backup procedure/tool.
- Planning and enforcing security controls in network, systems, DBMS and application levels.
- Conduct IT Security awareness training for employees
- Administrator of SIEM solution (Information Security and Event Management solution)
- Implement security audits.
- Manager of service level agreements between IT department as the service provider and the business departments as the customers.
- Administrator of Change management and Service Level modules in HP service Desk (ITIL based)
- Planning, design and implementation of IT Security Policy (systems, network devices, users, data and database systems)
- Derivation of business procedures to comply with the Information security policy.
- Administration of Cisco PIX FW solution; design, planning, development and maintenance.
- Preparing security recommendations for the purchasing committee of Oracle DB systems tender.
- Administration of Cisco IPS and Cisco MARS appliances.
- Administration of URL Filter solution
- Administration of Microsoft ISA FW.
- Administration of Cisco Content Engine.
- Configuring AAA protocols to control access of IT resources.
- Designing educational experiments using robots.
- Training of both end users and instructors.