Infrastructure and Security Operation Manager
STC Specialized
مجموع سنوات الخبرة :18 years, 2 أشهر
o Build and align the information technology strategy with STC Group and STCsc Corporate strategy.
o Develop and build and implement information technology operation excellent framework.
o Preparing the department budgets (OpEx) and achieve successfully the saving cost of information technology (OpEx) budget by 10% as result of implementation an effective cost optimization plans.
o Develop and prepare information technology operation KPI.
o Develop and implement of Information Security framework, policies and procedures based on (ISO27001) and obtain successfully the ISO27001 certificate.
o Conduct Cybersecurity risk assessment projects using ISO27001 frameworks, The CIS Critical Security Controls and The Forrester Information Security Maturity Model.
o Lead the Security Incident Handling Team to detect, analysis, investigate, reporting and containment of cybersecurity attacks.
o Manage and handling the Cybersecurity, applications, infrastructure and network operation services, requests and incidents for multiple platforms “Cisco, Huawei, F5, Oracle ERP & DBMS, Microsoft, Commvault, Symantec” to maintain the availability, of STCsc information technology external and internal services.
o Establish and develop the Security, Infrastructure, Network operation processes and procedures.
o Develop and implement of Information technology management system including: policies and procedures based on (ISO20000) and obtain successfully the ISO20000 certificate
o Working with internal and external audit representatives to ensure the compliance of internal policies and telecommunication industry best practices.
o Manage and participate in different Infrastructure, Network, Cybersecurity, Telecom projects either in business requirements gathering and analysis, designing or implementation.
o Serve as Change Advisory Board for information technology and Telecom Services.
o Member of STC Group Cybersecurity and Operation Excellent Synergy committee.
Develop and review IT strategy and map it with business strategy.
o Reviews, and creates when needed IT policies, standards, procedures, and guidelines.
o Work closely with IT teams to decrease the IT Opex budget to 10%.
o Develop and prepare IT KPI and performance dashboard.
o Manage the creation of the IT related management quarterly reports.
o Collaborate with representatives from the internal audit, external audit and IT team to verify and submit evidence of control effectiveness and gap remediation’s to auditors as needed.
o Work closely with IT teams to ensure that they comply with the IT policies, procedures and standards.
o Develop IT training and awareness programs in order to develop the skills of IT teams.
o Develop IT projects quality process.
o Review the IT projects to ensure the value is delivered to business.
o Manage IT risk assessment project.
o Design and implement the SAP GRC and authorization.
o Develop and implement the Information Security Framework according to the global Information Security Standard (ISO27001) with the aim of obtaining Certification.
o Preparing the department budgets (Capex & Opex) and help to reduce it by 20%.
o Evaluate the current IT security solutions and processes for proposing new security technologies required in closing the gaps and enhancing the overall security of the IT infrastructure.
o Establish and lead the Security Incident Response Team (SIRT) to detect, analysis, investigate, reporting and containment of attacks.
o Establish and develop the malware analysis processes and procedures.
o Monitor and analyze internal control systems to ensure that appropriate information access is maintained.
o Serve as a security change advisor Board.
o Planning and implementing security hardening measures to SAP environment and Network devices.
o Design, Implement and lead an effective vulnerability management function.
o Conducting regular vulnerability assessment and penetration testing of enterprise network and infrastructure,
o Designing, integration, deployment, and troubleshooting support to the following technologies: intrusion prevention, firewall, Malware protection, web and email gateways, vulnerability management, DLP and encryption technologies.
o Create, manage and maintain user security training and awareness.
o Establish and lead the anti-fraud and anti-phishing process.
o Managing, planning, implementing, and status reporting of information security projects.
Assisting in the preparation of department budgets (Capex & Opex).
o Working with high management for 5 years strategic plan.
o Creating, analyzing, and monitoring help desk performance reports.
o Creating, analyzing, and monitoring Internet usage reports.
o Perform periodic applications, systems and network performance reporting.
o Plan, coordinate, and implement security measures in order to protect data and compliance with internal policy.
o Establish and managing the IT capacity management for network and storage.
o Establish network asset management, including maintenance of network component inventory and related documentation and technical specifications information.
o Design and manage the new IT infrastructure and eLearning environment.
o Design and implement IT training programs.
o Managing, planning, implementing, and status reporting of IT projects.
Perform daily backup operations, ensuring all required data are successfully backed up to the appropriate media.
o Perform daily system monitoring, verifying availability of all servers’ resources.
o Perform ongoing performance tuning and hardware upgrades if required.
o Work with IT teams for new applications and systems implementation.
o Perform regular folders permission monitoring to avoid any unauthorized access.
o Server installation, troubleshooting and management (Domain Controller, Exchange, DHCP, Proxy and Database Servers).
o Perform regular end point protection monitoring to identify any possible intrusions.
o Perform end user systems are compliance with end point protection standard.
Troubleshoot and maintain network devices: WAN modems, Routers, Switches… etc.
o Design and review existing networks designs and configuration to ensure the security controls are implemented and performance is improved.
o Network performance monitoring to ensure network high availability.
o Install and configure new network devices.
o Maintaining the network documentation.
o Fiber cables troubleshooting.
o Performing hardware and software installations and maintenance.
o Applications issues analyzing and resolving.
o Troubleshooting layer two network connectivity issues.
o Malware removing from infected PCs.
o Troubleshoot and maintain various computer related equipment such as Printers and scanners.
My thesis was in Cloud computing