مجموع سنوات الخبرة: 17 سنوات, 3 أشهر
نوفمبر 2017
إلى حتى الآن
Senior Information Security Analyst
في ZAMIL INDUSTRIAL
البلد :
المملكة العربية السعودية
AREAS OF EXPERTISE:
• PCI DSS • Information Security Policies
• Policy Planning / Implementation • Risk Assessment
• Quality Management • ISO 27001
• Compliance • Customer Service Expertise
• Team and Project Leadership • Litigation
• IS Awareness Sessions • Mobile Application Assessment
• Incident Management • Reporting
• Information/ Cyber Security Compliance Management
• PCI DSS • Information Security Policies
• Policy Planning / Implementation • Risk Assessment
• Quality Management • ISO 27001
• Compliance • Customer Service Expertise
• Team and Project Leadership • Litigation
• IS Awareness Sessions • Mobile Application Assessment
• Incident Management • Reporting
• Information/ Cyber Security Compliance Management
يوليو 2013
إلى أكتوبر 2017
Team Lead
في ENDURANCE INDIA
البلد :
الهند
- Compliance and Abuse Mitigation
•Lead team of Security Analysts
•Work on Information security incidents and events
•Work with various stakeholders to streamline Information Security Risk Management Framework
•Successfully drafted & implemented Information Security policies
•Responsible for Compliance of business platform
•Audit of registrar platform
•Managing and ensuring information security including data security, and network security
•Involved in PCI-DSS implementation
•Involved in SOX compliance implementation
•Working with Product, Program, and Development team
•Managing Compliance consultancy for Registrars on platform
•Managing Accreditation Consultancy
•Lead team of Security Analysts
•Work on Information security incidents and events
•Work with various stakeholders to streamline Information Security Risk Management Framework
•Successfully drafted & implemented Information Security policies
•Responsible for Compliance of business platform
•Audit of registrar platform
•Managing and ensuring information security including data security, and network security
•Involved in PCI-DSS implementation
•Involved in SOX compliance implementation
•Working with Product, Program, and Development team
•Managing Compliance consultancy for Registrars on platform
•Managing Accreditation Consultancy
يوليو 2011
إلى يونيو 2013
Cyber Security Expert
في DIRECTI WEB TECHNOLOGIES PVT. LTD
البلد :
الهند
Hiring Cyber Security Analysts and Operational assistants
•Handling Team of Cyber Security Analysts
•Involved preplanning of audits, designing audit plan with scope and calendar deliverables
•Assessing and monitoring safeguards
•Work on BCP/DR plan
•Working on the projects assigned by the Manager
•Report writing and presentations
•Conducted Security Training & Awareness for teammates
•Handling Team of Cyber Security Analysts
•Involved preplanning of audits, designing audit plan with scope and calendar deliverables
•Assessing and monitoring safeguards
•Work on BCP/DR plan
•Working on the projects assigned by the Manager
•Report writing and presentations
•Conducted Security Training & Awareness for teammates
يوليو 2008
إلى يونيو 2011
Cyber Security Analyst
في DIRECTI INTERNET SOLUTIONS PVT. LTD
البلد :
الهند
Expertly resolved Compliance and Support issue while protecting company policies and retaining clients
•Trained and supervised new recruits in operations and client support
•Restructured and tweaked processes and policies
•Handled compliance complaints from ICANN, Domain registries, Resellers and Customers
•Supervised Risk Monitoring System
•Communicated with the end clients for issue resolution
•Defined processes to aggressively resolve security issues
•Initiated and set up feedback loop with different anti-malware organization to proactively share & report details about the abusive domains and different malwares
•Functional training of new recruits
•Trained and supervised new recruits in operations and client support
•Restructured and tweaked processes and policies
•Handled compliance complaints from ICANN, Domain registries, Resellers and Customers
•Supervised Risk Monitoring System
•Communicated with the end clients for issue resolution
•Defined processes to aggressively resolve security issues
•Initiated and set up feedback loop with different anti-malware organization to proactively share & report details about the abusive domains and different malwares
•Functional training of new recruits
يونيو 2007
إلى يونيو 2008
Operations Assistant
في DIRECTI INTERNET SOLUTIONS PVT. LTD
البلد :
الهند
Tech Support (L1)
•Phone and Ticketing interface support
•Handled queries related to domain names, DNS, Web & Email hosting
•Issue follow-up with the development and system administration team
•Won award for topping the process knowledge test
MAJOR PROJECTS
1. auDA INFORMATION SECURITY AUDIT: Worked on auDA (https://www.auda.org.au/) audit from start to finish. Discussing with all stakeholders, highlighting requirements, collecting data, drafting all Information Security policies from scratch and coordinating with auDA auditor responsibilities handled. Entire project was completed with 1 year with 100% compliant certification.
2. SETUP INFORMATION SECURITY FOR ZAMIL INDUSTRIAL: Setup and established Information Security Team of Zamil Industrial from scratch. This included creating all Information Security policies, Security Assessment, Security Audits, POC for external auditors, Network assessment, AD deployment assessment and Access Control.
3. INFORMATION SECURITY AWARENESS CAMPAIGN: Conducted Information Security Awareness session for Zamil Industrial employees on Information Security, Social Engineering, Email Security, Web Security, Mobile Device Security, Phishing, Malware and Passwords. This initiative was proposed, initiated and completed on my own.
4. ANDROID/iOS APPLICATION SECURITY TESTING: Tested Zamil Industrial customer and vendor applications for both Android and iOS. All vulnerabilities discovered were presented to the management and application developers for improvements.
5. COMPLIANCE CONSULTANCY: Full ownership of compliance consultancy for all registrars on domain management platform containing more than 14 million domain names. Assisted all registrars to be compliant with rules and regulations set by Internet Corporation for Assigned Names and Numbers (ICANN).
6. ACCREDITATION CONSULTANCY: Full ownership of accreditation consultancy service provided by Logicboxes (https://www.logicboxes.com/) platform. Helped more than 20 applicants to become ICANN Accredited Registrar.
7. PROCESS DOCUMENTATION: Started initiative to transform Zamil Industrial IT Department from people dependent to Process oriented by creating a documentation culture and making sure all the programs are documented with up to date information. Created a central repository for document storage and access. This initiative helped reduce over dependency on people.
•Phone and Ticketing interface support
•Handled queries related to domain names, DNS, Web & Email hosting
•Issue follow-up with the development and system administration team
•Won award for topping the process knowledge test
MAJOR PROJECTS
1. auDA INFORMATION SECURITY AUDIT: Worked on auDA (https://www.auda.org.au/) audit from start to finish. Discussing with all stakeholders, highlighting requirements, collecting data, drafting all Information Security policies from scratch and coordinating with auDA auditor responsibilities handled. Entire project was completed with 1 year with 100% compliant certification.
2. SETUP INFORMATION SECURITY FOR ZAMIL INDUSTRIAL: Setup and established Information Security Team of Zamil Industrial from scratch. This included creating all Information Security policies, Security Assessment, Security Audits, POC for external auditors, Network assessment, AD deployment assessment and Access Control.
3. INFORMATION SECURITY AWARENESS CAMPAIGN: Conducted Information Security Awareness session for Zamil Industrial employees on Information Security, Social Engineering, Email Security, Web Security, Mobile Device Security, Phishing, Malware and Passwords. This initiative was proposed, initiated and completed on my own.
4. ANDROID/iOS APPLICATION SECURITY TESTING: Tested Zamil Industrial customer and vendor applications for both Android and iOS. All vulnerabilities discovered were presented to the management and application developers for improvements.
5. COMPLIANCE CONSULTANCY: Full ownership of compliance consultancy for all registrars on domain management platform containing more than 14 million domain names. Assisted all registrars to be compliant with rules and regulations set by Internet Corporation for Assigned Names and Numbers (ICANN).
6. ACCREDITATION CONSULTANCY: Full ownership of accreditation consultancy service provided by Logicboxes (https://www.logicboxes.com/) platform. Helped more than 20 applicants to become ICANN Accredited Registrar.
7. PROCESS DOCUMENTATION: Started initiative to transform Zamil Industrial IT Department from people dependent to Process oriented by creating a documentation culture and making sure all the programs are documented with up to date information. Created a central repository for document storage and access. This initiative helped reduce over dependency on people.
انشر على فيسبوك
انشر على تويتر
مشاركة عبر البريد الإلكتروني