Chief Information Security Officer
Perfect Presentation
Total years of experience :5 years, 6 Months
Administrate and Maintain (Vulnerability Assessment, SOC, Email Protection, EDR, and EPP).
• Review the implementation of the Organization’s Policy in (Mail Security, Firewalls, WAF, APIs, RADIUS, VPN connection, Access Management, and Logs).
• Review, Enhance and obtain approval of both ISMS & Cyber Security policies, procedures, processes, and forms.
• Develop and communicate awareness content.
• Review Vendor Security Questionnaires and/or Vendor Onsite Security Reviews and guide the business in the development of an action plan, while reporting and tracking to closure all information security GAPs resulting from Self-Assessment, Audit, Risk Assessment, Compromise Assessment, Pen Testing, Governmental’s Circular (NCA, SAMA, NIST, SAUDI CERT … etc) Alerts, and Source Code Review.
• Review Technical Proposal based on a proper matrix.
• Coordinate the mitigation of security threats, vulnerabilities, and risks to include preventative measures, disaster recovery (DR), and business continuity planning (BCP).
• Work with senior management, business partners, and auditors in the development and implementation of compliance with applicable laws & standards e.g., ISO 27001, ISO 20000-1, ISO 22301, SAMA's Cyber Security Framework, and NCA Essential Framework.
• SDLC Compliance Check.
• Projects:
o The Organization Recertification of ISO 22301.
o Handover process of a Critical Function.
o Assessment & Evaluation of IS, IT, and Business Continuity Infrastructures.
VMware: Create, specify quota, backup, and upgrade machines.
• Push patches through (Wsus, Sccm) into Servers. Install monitoring tools & security agents in servers. Respond to VA Scan Reports and act accordingly.
• Respond & resolve assigned tickets (Remedy). Creating & updating share folder quotas & permissions.
• Coordinate in the performing DR Failover rehearsal Operation, and participate in the DR Drill
• Maintain Datacenter physically & raise a case with vendors if needed.
• Cooperate with NOC & SOC teams to better task accomplishment.
Administrating SaaS (Social Engineering Tool)
• Onboarding Clients
• System Trainer
• Document/Article Translator AR-EN and EN-AR
Install & administrate security appliance systems (Linux)
• Scan, update, upgrade, format, and Backup systems.
• Administrating SharePoint (following up Data Governance Policy and Procedure).
• VERITAS Backup Systems
• Respond & resolve assigned tickets (eTouch).
• Areas Covered: Dammam, Khobar, and Jubail Remotely and Physically.
Install Linux (Desktop Version) in 100 PCs. Also, prepare and provide documentation to the users to use the new system.