Security Services & Forensics Analysis
Orange - Jordan
Total years of experience: 33 years, 8 months
Work in the Network & Information Security Dept / Security Operations Center conducting vulnerability assessment and penetration testing of network and IT systems to identify vulnerabilities and propose relevant remediation recommendations. Provide SOC services for enterprises and monitor their perimeters. Administer, configure and implement the SIEM solution, act as the last-layer security response, build use cases and conduct security analysis across the whole Orange infrastructure.
Responsibilities:
• Conduct security Assessments for networks, systems and applications.
• Implement, configure and administer SIEM solutions (IBM QRadar, EiQ SecureVue)
• Develop and define detailed processes and procedures to manage the SOC (Security Operations Center) response to cyber security events
• Provide SOC services for external customers; study, evaluate and implement SOC services.
• Build SOC use cases and processes adapted to the customer's environment and protection perimeter.
• Design the SOC services architecture as needed inside customer premises
• In-depth knowledge of security technology solutions, low-level design and delivery
• In-depth knowledge of implementations from multiple vendors and of different types.
• Support the identification, development and implementation of new incident detection (use cases)
• Perform technical and forensic investigations into cyber security events, identify cyber threats and respond accordingly
• Perform and conduct compliance assessments such as CIS, PCI DSS, ISO 27001 and DISA STIG, and provide full reports and remediation recommendations
• Perform forensic services for the collection, processing, preservation, analysis, and presentation of evidence in support of vulnerability mitigation and information security incident investigations
• Create monitors, dashboards and reports as needed
• Member of the incident response team as well as APT detection and analysis
• Develop and implement risk responses to ensure that risk factors and events are addressed cost-effectively; design a methodology to integrate IOCs for effective security analysis
• Directly contribute to the continued technical enhancement of the security platforms
• Member of the DDoS response team, mitigating all types of DDoS attacks
• Act as L2/L3 incident responder for SIEM and other security incidents
• Conduct vulnerability assessment and penetration testing to identify security threats and remediation actions; perform cyber threat hunting for the detection of advanced threats
• Experience with Linux/Unix and Windows servers
Work in the Network & Information Security Dept / Security Operations Center conducting vulnerability assessment and penetration testing of network and IT systems to identify vulnerabilities and propose relevant remediation recommendations. Develop applications relevant to security projects and missions.
Responsibilities:
• Conduct Security Assessments for networks, systems and applications.
• Conduct vulnerability assessment and penetration testing to identify security threats and remediation actions; perform cyber threat hunting for the detection of advanced threats
• Perform technical and forensic investigations into cyber security events, identify cyber threats and respond accordingly
• Perform forensic services for the collection, processing, preservation, analysis, and presentation of evidence in support of vulnerability mitigation and information security incident investigations
• Directly contribute to the continued technical enhancement of the security platforms
• Member of the DDoS response team, mitigating all types of DDoS attacks
• Test web applications for common web application security vulnerabilities as defined by OWASP, including input validation vulnerabilities, broken access controls, session management vulnerabilities, cross-site scripting, SQL injection and web server configuration issues.
• Develop and implement risk responses to ensure that risk factors and events are addressed cost-effectively
• In-depth knowledge of security technology solutions, low-level design and delivery
• In-depth knowledge of implementations from multiple vendors and of different types.
• Experience with Linux/Unix and Windows servers
• Experience in networking infrastructure
The Security Operation Center (SOC) is an entity within Jordan Telecom Group that brings together highly certified IT security professionals; it provides managed security services to corporate customers both internally and externally.
Responsibilities:
• Perform technical and forensic investigations into cyber security events, identify cyber threats and respond accordingly
• Conduct vulnerability assessment and penetration testing to identify security threats and remediation actions
• Directly contribute to the continued technical enhancement of the security platforms
• Member of the DDoS response team, mitigating all types of DDoS attacks
• Deploy, maintain and administer the security platform inside the SOC data center.
• Install and maintain all SOC data center servers.
• Maintain and administer blade systems and related enclosures.
• Build servers and clustered solutions as needed (SQL clusters, FTP cluster, SIEM clusters).
• Deploy, maintain and administer virtualized platforms (VMware, Hyper-V)
• Deploy and administer antivirus platforms, malware detection and IPS use cases.
• Administer and deploy SAN storage and NAS
• Develop methodologies and infrastructure to host in-house solutions.
• Install and maintain all SOC security products: SIEM (Security Information and Event Management) system, VA (vulnerability assessment), DDoS solution.
• R&D (research and development) on all security products; propose the most suitable ones.
• Participate in and provide all needed security assessments, as well as penetration testing and VA.
• Security and risk assessment of physical security sites.
• Propose, supervise and work on CCTV projects.
• Develop, participate in and install MVS (managed video surveillance) projects.
• Maintain and administer environmental sensors inside the SOC data center.
• Provide security advice to all internal and external entities in the related domain
The Security Operation Center (SOC) is an entity within Jordan Telecom Group that brings together highly certified IT security professionals; it provides managed security services to corporate customers both internally and externally.
Responsibilities:
• Provide security and risk analysis for security projects, identify security holes and propose remediation.
• Conduct vulnerability assessments for security projects
• Participate in building policies and procedures to address customers' SOC needs.
• Maintain and administer the VMS (Vulnerability Management System).
• Liaise with and convey the security teams' technical needs within the SOC; translate deep, restricted technical information into accessible information for other teams.
• Manage all project logistics support and technical transactions within SOC teams.
• Assist with security project budget allocation, invoice processing, PRs, POs and follow-up, etc.
Commissioned Officer/ Lt. Col.
Confidential
Regular four-year study; ranked 3rd with a Very Good GPA. All course material was in English. Mu'tah University is a military university where students study for their degree side by side with military training and eventually graduate as lieutenants in the army, also receiving a diploma in military sciences.