Director of Technology
SSCL
Total years of experience :19 years, 11 Months
Develop technical aspects of the company’s strategy to ensure alignment with its business goals, and manage a team of 30 IT employees for 20, 000 employees:
Digital transformation strategy and implementation.
Digital transformation status, quarterly reported.
Starting from scratch, Implement the strategy for over 20K employee, using Oracle Fusion HCM, ERP, EPM
Plan the phases and milestones for each business function.
Implement Oracle HCM - Core, Payroll, Self Service, Absences, OTL, recruiting and Talent.
Implement Oracle Fusion ERP - Finance: Core, Cash management, Profitability/Costing and Budgeting and Planning
Implement Oracle Fusion Project Professional Management and Project Financials.
Maintaining Oracle EBS application.
Maintaining Maximo application.
Oracle Infrastructure OCI implementation
Take the initiative in thought leadership, innovation and creativity
Work closely with Marketing, Business Development and Operations.
Define a business-enabling technology strategy leverages technologies to deliver empowering business solutions and process improvement.
Deliver a fully automated seamless technology-based customer journey.
Deliver technology innovation and actionable data intelligence to enable digital transformation for the organization to optimize its overall performance.
Cyber Security:
Founded the cyber security department from scratch.
Build the cyber security strategy, plan and initiatives.
Implement the cyber security strategy for Defence, Governance/Risk/Compliance and Resilience
Leading the IT transformation at NHIC to implement the information security strategy and model for Cyber Security defense, governance, Risk and Compliance:
Governance:
Strategy:
Build and define the cybersecurity strategy (vision, current/desired state, objectives, GAP analysis, initiatives, roadmap and budget)
Policies and procedures
Documented, communicated and compiled cybersecurity requirements
Departments involved (IT, HR, Legal, Purchasing and Auditing)
Create a workshop and raise the awareness of the policies and procedures
Create the standard so that all parties involved would know what exactly to do
Roles and responsibilities
Define roles and responsibilities for all parties participating in implementing the cybersecurity controls..
Parties are all employee, IT, HR, Legal, Purchasing, auditing and services and CEO.
Risk management
Managing cybersecurity risks in a methodological approach in order to protect the organization’s information and technology assets.
Define, document and approve Cybersecurity risk management methodology and procedures as per confidentiality, integrity and availability considerations of information and technology assets.
Implement cybersecurity risk management methodology and procedures by the cybersecurity function.
Technology and Project Management:
protect the confidentiality, integrity and availability of information and technology assets.
Compliance with cyber security standard, laws and regulations:
Comply the organization’s cybersecurity program with related laws and regulation.
Comply with National Cybersecurity Authority, and with related national laws and regulation
Comply with any regulation nationally-approved international agreements and commitments.
Periodical review and audit
Run by independent parties outside the cybersecurity function (e.g., Internal Audit function) to assess the compliance with the cybersecurity controls.
Ensure this does not result in a conflict of interest, as per the Generally Accepted Auditing Standards (GAAS).
Human Resources in Cyber Security:
Manage cybersecurity risks and requirements related to personnel (employees and contractors) efficiently.
Awareness and training program
Raise the awareness of personnel of their cybersecurity responsibilities and have the essential cybersecurity awareness. Also, ensure personnel are provided with the required cybersecurity training, skills and credentials needed to accomplish their cybersecurity
Security Operations Center (SOC) - Security Defense:
Security Defence, including all Security Operations Center (SOC) - Asset Management, IAM Identity and Access Management, Email protection, Network Security Management, Mobile device security and BYOD, Cryptography
Penetration Test, Vulnerability Assessment, Next Generation Firewall, Backup and Recovery Management and SIEM..
DevOps and DevSecOps
Plan and maintain Development Security Operations followings DevOps model
Define security architectures and patterns.
Design development processes combining flexibility and security.
Implement and automate Cloud security solutions and services.
Automate security: penetration tests and audits, and finally train teams and create DevSecOps communities within organizations.
My role is to support Account Manager maximizing customer relationships and loyalty, and supporting closing deals:
Assist customers in resolving their technical challenges including provision of infrastructure installation, upgrade planning and oversight
Act as a technical advisor to customers while performing code reviews and infrastructure scaling guidance.
Helping to develop broad and deep client relationships
Engaging with the account teams in the field to support on their most important pursuits
Focus on driving value for the client, while maximizing competitive share, revenue, and margin
Understand a client’s critical business priorities and supporting IT challenges and requirements
Assist in technical support for customers to support pre-sales and post-sales processes
Address all product-related queries on time
Hold educational and informational training sessions to enable our clients to use products effectively
Proactively analyze customers’ needs and suggest upgrades or additional features to meet their requirements
Collaborate cross departmentally within the company to establish and communicate best practices
Lead and manage a group of sales professionals and serve as business sales lead for an account or several accounts
Be responsible for representing vendor’s portfolio of products and services in a concise, relevant way that resonates with customers and highlights vendors key
Project achievements:
Ministry of Interior.
Saudi Bank Saving and Credit.
Derayah, Halal and SaudiEnaya
Dallah Hospital, Ministry of Health, IMC and others
TheOffice
Makkah Valley
Director of Cloud & Cyber Security:
As a team leader, I manage the IT operations, applications, support, MPLS, cyber security in three data centers.
also, supporting Sales and Account manager in closing deals, such as communication with the customers and presales:
Projects and Achievements:
Working closely with the account managers in closing many deals, such as Medical services department, Ministry of labor, HRDf and others.
Cloud Computing IAAS (Infrastructure as a Service) and SAAS (Software as a Service).
Migrate the entire data center to Private Cloud Computing.
Public Cloud (on-going).
Microsoft System Center 2012.
VMWare and vCenter.
MPLS/VPN connectivity and a complete Infrastructure services based on Cloud services.
ISO 27001:2005 - Information Security Management System (ISMS)
Support center and high customer satisfaction.
Microsoft Exchange 2010, Multi-tenant and Infrastructure.
Implement, Optimize and Troubleshoot Core IP Technologies (MPLS, BGP, OSPF, VPNv4 and QoS)
Migrate to a new wireless microwave technology.
Management:
After sales services and achieving high customer satisfaction.
Identifying opportunities for further sales and new areas for development.
Understand business processes and business problems, technical requirements, data relationships and how data can be used to solve business problems.
Coordinate with the sales team to come up with IT-Total Cost of Ownership (TCO) and Return of Investment (ROI).
Cloud Computing:
I’ve attended Cloud Confex in GITEX 2011 to examine the most current and important trends and issues facing the increasingly pervasive Cloud and Virtualization landscape for IBM, HP, McAfee, INTEL, EMC, Red Hat and others.
Start from scratch, I’ve prepared a completed cloud computing solution that covers IaaS (Infrastructure as a Service) and SaaS (Software as a service) using Microsoft Exchange, SharePoint and DynamicCRM as SaaS.
I’ve attended a Certificate of Cloud Security Knowledge course: Cloud Security Alliance.
I’ve migrated customers successfully to complete Infrastructure services and email based on MeduNet Backbone/Cloud services.
ISO 27001:2005 - Information Security Management System (ISMS) standard:
Manage the overall information systems security program in the Organization.
Responsible for developing the Information System Security Policies, Standards and guidelines for use throughout the Organization.
Assist business units in the development of specific procedures or guidelines that meet the information security policies for specific products within the business unit.
Understand the business processes of the Organization so as to provide appropriate security protection.
Apply management and organizational skills and knowledge of the business in the execution of their duties.
Review audit and examination reports dealing with the information security issues.
Co-ordinate or assist in the investigation of security threats or other attacks on the information assets.
Assist in the recovery of information and information assets from such attacks
First member of Information Technology department. Started from scratch as a team leader, I have involved and participated in IT operation projects in all phases (Design, install, configure, operation and support), and in Application as a team member.
Management:
• As a team leader, I manage the IT operations under Information Technology Department.
• The IT operations covers network, security and systems with two engineers, two systems administrators and a technician.
• Network covers network infrastructure (Data and Voice).
• Security covers IT security related to data, voice and systems.
• Systems covers Microsoft, Linux and AIX systems.
• IT project management and decision support.
• Review and implement Network Security proposals.
• Evaluate server’s technologies and participate in Request For Proposal (RFP).
Projects:
A) Network:
• Two core switches and 91 Layer3 switches.
• High availability.
• Network Management System.
• 802.1p Quality of Service.
• Wireless: 113 access port and 4 Wireless Controller Switch using Adaptive Solution and Wireless Management System.
• 802.3af (Power over Ethernet (PoE)).
• Integrated Data and Voice.
B) Voice:
• Size: Hybrid IP based and non-IP based with 1500 node.
• IP Phone over wireless, SoftPhone and Unified Messaging System (eFax and Voice Mail).
• IDVR for recording and Billing system.
C) Security:
• Total Threat Protection for desktops and servers:
• Network Intrusion Detection and Prevention System.
• Wireless Security:
a. Firewall and Intrusion Detection and Prevention System.
b. 802.1x with RADIUS, Certificate Authority and MAC Address Filtering.
c. Rogue Detection.
• Vulnerability Assessment.
D) Systems:
• Size:
2 IBM AIX and 9 HP Servers Proliant G4.
2 IBM BladeCenter.
SAN Storage with 2 TB.
TSM for Disaster Recovery.
Windows 2003 Standard/Enterprise and Red Hat Linux.
• Load Balance.
• Virtual Machine Technology.