Total des années d'expérience: 23 Années, 8 Mois
juin 2022
A À présent
IT Auditor
à American University of Beirut AUB
Lieu :
Liban - Beyrouth
Developing a flexible annual IT audit plan using an appropriate risk-based methodology.
Plan and execute assignments in compliance with the applied auditing standards.
Prepare the Audit Programs and Update them continuously based on the new internal policies and procedures.
Identify areas of greatest IT risk exposure to focus audit resources.
Evaluate the adequacy of operating processes and internal controls.
Determine the adequacy of enterprise wide compliance efforts related to IT policies and internal control procedures.
Require appropriate corrective action to address deficient internal controls and follow up to ensure that management promptly and effectively implements the required actions.
Plan and execute assignments in compliance with the applied auditing standards.
Prepare the Audit Programs and Update them continuously based on the new internal policies and procedures.
Identify areas of greatest IT risk exposure to focus audit resources.
Evaluate the adequacy of operating processes and internal controls.
Determine the adequacy of enterprise wide compliance efforts related to IT policies and internal control procedures.
Require appropriate corrective action to address deficient internal controls and follow up to ensure that management promptly and effectively implements the required actions.
mars 2015
A mai 2022
Head of IT Audit
à Banque Misr Liban BML
Lieu :
Liban - Beyrouth
General Duties
Developing a flexible annual IT audit plan using an appropriate risk-based methodology.
Plan and execute assignments in compliance with the applied auditing standards.
Prepare the Audit Programs and Update them continuously based on the new internal policies
and procedures.
Identify areas of greatest IT risk exposure to focus audit resources.
Evaluate the adequacy of operating processes and internal controls.
Determine the adequacy of enterprise wide compliance efforts related to IT policies and internal
control procedures.
Require appropriate corrective action to address deficient internal controls and follow up to
ensure that management promptly and effectively implements the required actions.
Developing a flexible annual IT audit plan using an appropriate risk-based methodology.
Plan and execute assignments in compliance with the applied auditing standards.
Prepare the Audit Programs and Update them continuously based on the new internal policies
and procedures.
Identify areas of greatest IT risk exposure to focus audit resources.
Evaluate the adequacy of operating processes and internal controls.
Determine the adequacy of enterprise wide compliance efforts related to IT policies and internal
control procedures.
Require appropriate corrective action to address deficient internal controls and follow up to
ensure that management promptly and effectively implements the required actions.
décembre 2012
A février 2016
Head of IT Security
à Bank Misr Leban s.a.l
Lieu :
Liban - Beyrouth
Being held responsible on information governance as a whole by issuing the IT Security Policy
manual and by providing the overall strategic direction, support and review necessary to ensure that information assets are identified and suitably protected throughout the Bank;
Leading and strategically directing the function, ranging from planning and budgeting to
motivational and promotional activities clarifying the value of information security;
Being the secretary and a voting member in the IT Security Committee of the Bank;
Coordinating with the External Auditor in all issues subject to the safe implementation of
fundamental IT security rules as required by IT security standards (BCC222, ISO 27k);
Monitoring the IT operational risk in conjunction with the Risk Management department and
developing a formal policy for the IT operational risk.
Planning, executing, maintaining, monitoring IT security plans, and implementing applied
standards to make sure that authorities are properly distributed as required.
Monitoring and formalizing the users access and profiles based on formal policies.
Monitoring the planning phases of all the IT activities to ensure its compliance with the security
standards of the Bank;
Testing the IT activities, projects, and plans during execution, in the testing phases, and after
implementation to monitor its compliance with the security standards of the Bank;
Conducting regular audits of IT security methodologies, rules and contingency plans.
Preparing regular evaluation reports to general manager and the IT Security Committee.
Addressing IT security incidents and ensuring the measures taken to prevent reoccurrence;
Participation in the planning and testing of contingency planning, business continuity
management & IT disaster recovery in conjunction with relevant functions and third parties;
Providing IT security awareness programs and trainings for employees;
Recommending steps to be taken and participating in the investigation and remediation of
information security incidents or any violations to procedures established.
Providing certain mechanisms for immediate monitoring of sudden incidents.
Monitoring the Bank’s classified information.
Monitoring and auditing all log files, processes, and transactions on the systems;
manual and by providing the overall strategic direction, support and review necessary to ensure that information assets are identified and suitably protected throughout the Bank;
Leading and strategically directing the function, ranging from planning and budgeting to
motivational and promotional activities clarifying the value of information security;
Being the secretary and a voting member in the IT Security Committee of the Bank;
Coordinating with the External Auditor in all issues subject to the safe implementation of
fundamental IT security rules as required by IT security standards (BCC222, ISO 27k);
Monitoring the IT operational risk in conjunction with the Risk Management department and
developing a formal policy for the IT operational risk.
Planning, executing, maintaining, monitoring IT security plans, and implementing applied
standards to make sure that authorities are properly distributed as required.
Monitoring and formalizing the users access and profiles based on formal policies.
Monitoring the planning phases of all the IT activities to ensure its compliance with the security
standards of the Bank;
Testing the IT activities, projects, and plans during execution, in the testing phases, and after
implementation to monitor its compliance with the security standards of the Bank;
Conducting regular audits of IT security methodologies, rules and contingency plans.
Preparing regular evaluation reports to general manager and the IT Security Committee.
Addressing IT security incidents and ensuring the measures taken to prevent reoccurrence;
Participation in the planning and testing of contingency planning, business continuity
management & IT disaster recovery in conjunction with relevant functions and third parties;
Providing IT security awareness programs and trainings for employees;
Recommending steps to be taken and participating in the investigation and remediation of
information security incidents or any violations to procedures established.
Providing certain mechanisms for immediate monitoring of sudden incidents.
Monitoring the Bank’s classified information.
Monitoring and auditing all log files, processes, and transactions on the systems;
mars 2008
A novembre 2012
Senior Information System Auditor (IT Audit Section Head)
à Arab Finance House S.A.L (Islamic Bank)
Lieu :
Liban - Beyrouth
Identify areas of greatest IT risk exposure to focus audit resources. Promote the confidentiality, integrity and availability of information systes. Determine the effectiveness of management’s planning and oversight of IT activities.
• Evaluate the adequacy of operating processes and internal controls. Determine the adequacy of enterprise wide compliance efforts related to IT policies and internal control procedures.
• Require appropriate corrective action to address deficient internal controls and follow up to ensure that management promptly and effectively implements the required actions.
• Execute the weekly and monthly schedules for the different assignments. Assist in developing a flexible annual audit plan using an appropriate risk-based methodology.
• Execute the weekly and monthly schedules for the different assignments.
• Review compliance with the Bank’s guidelines for ethical business conduct and ensure that the highest standards of individual and professional performance are met.
• Identify areas of IT risk and appraise their significance in relationship to operational factors of costs and quality.
• Ensure that Management has defined an IT strategy to satisfy the bank’s business objectives taking into account all related risks.
• Ensure that IT Committee monitors IT investments which should be documented in line with established budget and approved by Senior Management.
• Ensure that an adequate Project Management process is developed to achieve the best cost/time/quality delivery of IT projec.
• Ensure that the Bank acquires the technology infrastructure that best supports the business applications in accordance with the IT strategy and regulatory requirements.
• Ensure that physical access controls are in place for defined locations within the IT Department.
• Ensure that contingency plans are developed and regularly tested.
• Evaluate the adequacy of operating processes and internal controls. Determine the adequacy of enterprise wide compliance efforts related to IT policies and internal control procedures.
• Require appropriate corrective action to address deficient internal controls and follow up to ensure that management promptly and effectively implements the required actions.
• Execute the weekly and monthly schedules for the different assignments. Assist in developing a flexible annual audit plan using an appropriate risk-based methodology.
• Execute the weekly and monthly schedules for the different assignments.
• Review compliance with the Bank’s guidelines for ethical business conduct and ensure that the highest standards of individual and professional performance are met.
• Identify areas of IT risk and appraise their significance in relationship to operational factors of costs and quality.
• Ensure that Management has defined an IT strategy to satisfy the bank’s business objectives taking into account all related risks.
• Ensure that IT Committee monitors IT investments which should be documented in line with established budget and approved by Senior Management.
• Ensure that an adequate Project Management process is developed to achieve the best cost/time/quality delivery of IT projec.
• Ensure that the Bank acquires the technology infrastructure that best supports the business applications in accordance with the IT strategy and regulatory requirements.
• Ensure that physical access controls are in place for defined locations within the IT Department.
• Ensure that contingency plans are developed and regularly tested.
août 2005
A février 2008
Systems Engineer
à BMPS
Lieu :
Liban - Beyrouth
Citrix Certified Administrator; Deploy and manage a centralized and secure architecture using
Citrix Presentation Server. Centrally administering line of business applications while providing
secure, rapid access to resources anywhere, on any device and any network.
Install, administer AD and perform security administration functions, including creating users’
profiles, secure AD infrastructure, GP objects and access management.
Manage and troubleshooting AD replication, DNS, DHCP, user and computer authentication
problems.
Deploy and administrator Exchange Server, responsible for the administration, implementation
and development of Exchange server systems.
Served on technical team that supports Exchange Server operations on a 24/7 schedule.
Maintained several types of communication equipment, including Windows Server, AD, and
Microsoft Exchange.
Hold complex responsibilities for configuring, installing and administering Windows servers
and telecommunications systems.
Complete administration of Windows servers including Servers backup, security, Patch
management, service monitoring and automated recovery actions.
Implement, configure, troubleshoot and maintain corporate Windows in users’ environment.
Provide server level support for Exchange servers, AD Servers, Windows and ISA Servers.
Manage, support and monitor infrastructure systems such as switches, routers, firewalls at
headquarters and local sites.
Citrix Presentation Server. Centrally administering line of business applications while providing
secure, rapid access to resources anywhere, on any device and any network.
Install, administer AD and perform security administration functions, including creating users’
profiles, secure AD infrastructure, GP objects and access management.
Manage and troubleshooting AD replication, DNS, DHCP, user and computer authentication
problems.
Deploy and administrator Exchange Server, responsible for the administration, implementation
and development of Exchange server systems.
Served on technical team that supports Exchange Server operations on a 24/7 schedule.
Maintained several types of communication equipment, including Windows Server, AD, and
Microsoft Exchange.
Hold complex responsibilities for configuring, installing and administering Windows servers
and telecommunications systems.
Complete administration of Windows servers including Servers backup, security, Patch
management, service monitoring and automated recovery actions.
Implement, configure, troubleshoot and maintain corporate Windows in users’ environment.
Provide server level support for Exchange servers, AD Servers, Windows and ISA Servers.
Manage, support and monitor infrastructure systems such as switches, routers, firewalls at
headquarters and local sites.
octobre 2004
A juillet 2005
IT - Support Engineer.
à Anzima S.A.L
Lieu :
Liban - Beyrouth
Provide service desk-based troubleshooting, support, problem and incident resolution and
ticketing documentation in timely manner.
Complete administration of Windows servers including backup, security, Patch management.
Install, administer AD and perform system security administration functions, including creating
users’ profiles, secure AD infrastructure, GP objects and access management.
Manage and solving AD replication, DNS, DHCP and computer authentication problems.
Administering of Windows servers including backup, security and Patch management.
Implement, configure and maintain corporate Windows in users’ environment.
Provide server level support for Exchange, AD, Windows and ISA Servers.
Fulfilled administrative responsibility's including the maintenance, restoration and
troubleshooting of server class systems specifically Dell and HP.
Install, repair the physical components of computers and assemble computers according to a
predetermined design and ensure that each component is fully powered and compatible.
ticketing documentation in timely manner.
Complete administration of Windows servers including backup, security, Patch management.
Install, administer AD and perform system security administration functions, including creating
users’ profiles, secure AD infrastructure, GP objects and access management.
Manage and solving AD replication, DNS, DHCP and computer authentication problems.
Administering of Windows servers including backup, security and Patch management.
Implement, configure and maintain corporate Windows in users’ environment.
Provide server level support for Exchange, AD, Windows and ISA Servers.
Fulfilled administrative responsibility's including the maintenance, restoration and
troubleshooting of server class systems specifically Dell and HP.
Install, repair the physical components of computers and assemble computers according to a
predetermined design and ensure that each component is fully powered and compatible.
août 2003
A octobre 2004
Technical Support Engineer
à Gezairi Transport-COMPTOIR ALGERIEN DU LEVANT S.A.L
Lieu :
Liban
Performed infrastructure maintenance and support of AD, Network Infrastructure, and
monitoring infrastructure.
Work with groups within IT Infrastructure and IT Applications in resolving technical issues.
Implement, configure, troubleshoot and maintain corporate Windows in users’ environment.
Install, repair the physical components of computers and assemble computers according to a
predetermined design or create custom models and ensure that each component is fully powered
and compatible with every other component.
monitoring infrastructure.
Work with groups within IT Infrastructure and IT Applications in resolving technical issues.
Implement, configure, troubleshoot and maintain corporate Windows in users’ environment.
Install, repair the physical components of computers and assemble computers according to a
predetermined design or create custom models and ensure that each component is fully powered
and compatible with every other component.
juillet 2000
A juillet 2003
IT Support Engineer
à Saudi Micro Tech
Lieu :
Liban
Provide service desk-based troubleshooting, support, problem and incident resolution and
ticketing documentation in timely manner.
Managed User Accounts on Windows environment (Creation, Deletion, and Permissions).
Install, repair the physical components of computers and assemble computers according to a
predetermined design or create custom models and ensure that each component is fully powered
and compatible with every other component.
ticketing documentation in timely manner.
Managed User Accounts on Windows environment (Creation, Deletion, and Permissions).
Install, repair the physical components of computers and assemble computers according to a
predetermined design or create custom models and ensure that each component is fully powered
and compatible with every other component.
Partager sur Facebook
Partager sur Twitter
Partager via Email