Information Security Officer
Tadhamon International Islamic Bank
Total years of experience :18 years, 10 Months
Information security Officer.
Information Security program development
- Informing and advising the executive management regarding existing security
threats/exposures and recommending courses of action.
- Reviewing the information security framework and the related policies at least once a year and requesting approval for the changes from the executive management.
- Defining the standards for technical implementation of information security requirements in
the IT systems.
IT Security Risk Management
- IT Security Risk Management program development.
- Performing security risk assessments and organizing periodic security testing.
- Making suggestions for improving security controls and safeguards according to new threat
agents.
Security Awareness
- Security Awareness Program development and maintenance.
- Developing employee awareness regarding the information security threats and
countermeasures.
- Regular security awareness sessions Assessment of the security awareness
Security Compliance
- Developing and maintaining the information security procedures, guidelines and standards.
- Implementing the information security policies ensuring the compliance with the information security policy, procedures and guidelines.
- Supervising the handling of information security incidents.
Projects Manager
- Central Backup Solution (Acronis)
- Documents Management System (Docuware)
- Cloud Server Management.
- Data Center Hardware Configuration Management.
Information security Officer. 2009-2012
- IT and Compliance Security Officer / Development and implementation of global security policies, standards, guidelines and procedures to ensure ongoing maintenance of security.
- Monitoring compliance with the policies. Development and delivery of an education and
training program on information security and privacy matters for employees.
- Working with outside consultants as appropriate for independent security audits. Business continuity planning, auditing, and risk management.
Systems Administrator 2005-2009
- Strengthening the IT infrastructure through to implementing new technologies.
- Responsible for hardware and software installation, maintenance and repair.
- Developing & maintaining the bank IT systems, software and applications.
- Recommending and implementing improvements and efficiencies.
- Reporting to the IT Director.
- Management of server software and associated backup routines.
- Evaluate, test, advise, train and support IT projects.
- Procurement of IT hardware, software and maintenance products & services.
- Responsible for training of new staff.
- Writing documentation for ICT procedures, security and disaster recovery.
- Maintaining documentation of changes regarding users, functions & systems.
- Managing the internal & hosted network infrastructure including: firewalls, servers.
- Managing the Active directory and group policy, Exchange server, Antivirus server and clients’.
- E-services developments and administration.
- Internal and external Web Site developments and administration.
- Domain, clients and servers Protection from attackers and viruses threats.
- Emails Protections and Mail Gateway configuration and administration.
- Web site and internet Banking security, protection and data encryption.
- Proxy server administration (Blue coat system)
- Managing the Documents managements system (archiving system)
- Participation in the preparation of the annual IT dept. budgets.
