Information Systems Security Officer
Arab Monetary Fund
مجموع سنوات الخبرة :14 years, 7 أشهر
- Participating in developing, maintaining and updating the Information Security Strategy and Information Security Program of AMF.
- Administrating and monitoring all AMF’s infrastructure security solutions and products.
- Acting as the Lead Cybersecurity consultant for the Arab Regional Payment System (ARPS), advising on optimal security design and recommendations based on business requirements of the project.
- Maintaining a communication channel with financial institutions in UAE and Middle East countries to establish an initiative of Threat Intelligence Information Sharing Platform across the Middle East region.
- Managing the infrastructure security components and advising on Cybersecurity best practices to reduce the attack surface and enhance Cybersecurity Defense and Resiliency.
- Maintaining the Information Security Framework and underlying policies, procedures, standards, and guidelines.
- Participating in Business Continuity/Disaster Recovery planning, testing, and documentation.
- Leading Vulnerability Management and Penetration Testing (VAPT) exercises on periodic basis to proactively manage infrastructure vulnerabilities by drafting remediation plans.
- Actively ensuring appropriate administrative, physical and technical safeguards are in place to protect AMF's information assets from internal and external threats.
- Participating in an ongoing, proactive risk assessment program for all new and existing systems.
- Evaluating risks and delivering recommendations of mitigation to the C-level executives by communicating in non-technical, cost/benefit terms, and in a relevant format.
- Evaluating security incidents to determine the appropriate response along with planning, testing, and updating the Incident Response Plan on periodic basis.
- Developing and delivering information security awareness training and education programs.
- Assisting with security and operational audits with internal/external auditors; regulatory agencies; and industry leading security vendors.
- Acted as a technical lead in Cisco’s security projects to ensure successful delivery of various Cisco security solutions across the GCC area, Europe and US.
- Diverse experience with ISPs, financial sector, private sector, and government entities.
- Delivered up to 30 PoCs that were successfully converted into sales.
- Delivered a successful implementation of Identity Management solution (Cisco ISE) that served up to 20, 000 users to secure network access.
- Conducted technical review for Cisco ASA firewall implementation. Optimized and reduced the required rules by 30% with maintaining the same security level. Hardened the configuration as per Cisco’s security best practices.
- Implemented a successful GETVPN solution for high-profile environment that achieved full traffic encryption and confidentiality between 20 remote sites.
- Authored and peer-reviewed more than 200 technical design documentation including Readiness Assessment, High Level Design, Low Level Design, Network Implementation Plan, User Acceptance Testing Plan, and Network Migration Plan.
- Successfully migrated Data Center firewalls to Cisco’s largest ASA 5585 series that enhanced the network security posture with easing administrative tasks.
- As a resident engineer for one of the leading banks in UAE, assisted in management of highly complex environment that consisted of Cisco FP9300 firewalls, Cisco NGIPS, Cisco AMPv virtual cloud, Cisco ESA, Cisco SMA and ThreatGrid. Co-worked with SOC team to ensure that NGIPS is updated with latest signatures to mitigate newly discovered CVEs and help prevent against zero-day attacks. Protected against malicious emails by ensuring that only legitimate domains are allowed on Cisco ESA to help ensure spam-free email environment. Lead the implementation of Cisco AMPv virtual cloud and AMP for Endpoints on corporate users which enhanced the organization’s security posture.
- Attended technical meetings and design workshops with customers guiding them through the optimal security designs and implementations by defining requirements and reviewing available resources.
- Delivered knowledge transfer sessions for administrating the deployed solutions. Developed and delivered Information Security awareness materials.
- Reviewed information security controls to ensure compliance with Cisco security products. Helped customers in authoring enterprise security standards, policies, and guidelines that align with desired business goals.
- Worked in close partnership with the Account Managers and Pre-Sales team to design and propose solutions. Provided technical presentations, technical/business discussions, and ideas that helped influence customer’s decision makers.
- Assisted and participating in developing technical proposals, RFPs, BoQs, and BoMs in various security solutions.
- Delivered multiple successful network security solutions including Cisco firewalls (Cisco ASA), Juniper SSL VPN, FortiGate firewalls, and UTM Firewalls (Dell SonicWall)
- Demonstrated solution value through presentation, POC testing, and knowledge transfer.
- Successfully delivered a migration project that involved 3000D Data Center and 1500D perimeter FortiGate firewalls that provided segmentation, next-generation firewall services.
- Deployed various SSL-VPN solutions with Cisco AnyConnect and Pulse Secure.
- Deployed Cisco wireless solutions including Unified and autonomous, mesh solutions, voice over wireless, and Cisco unified management tools to enhance wireless network performance and administration.
- Deployed various LAN/WAN solutions between remote sites using EIGRP and OSPF protocols. Assisted in configuring and tuning L2 technologies on enterprise networks using STP, VTP, Etherchannel, HSRP, GLBP, Trunking, and VSS to ensure loop-free and fully optimized networks.
- Designed a Cisco wireless solution that served a large geographical area and consisted of 4 Wireless LAN Controllers and 100 access points.
- Delivered 10 wireless site surveys using AirMagnet.
- Assisted in the implementation of a complex Site-to-Site VPN solution that consisted of Cisco IOS routers, Juniper firewalls, and Huawei firewalls and served customers across the GCC region.
- Assisted Cisco customers in configuring and troubleshooting Cisco Unified Wireless Networks containing WLC, WiSM, WCS, NCS, MSE, Cisco Aironet Access Points and Cisco Bridges, Mesh Outdoor solutions and Voice over wireless.
- Assisted in configuring and troubleshooting Cisco security products including Access Control Server (ACS5).
- Participated in establishing an internal lab for practice and knowledge share within the team.
- Provided technical responses to Cisco product questions reported direct from customers via email and telephone.
- Mentored and delivered technical trainings for 10 new hires.
- Reproduced and conducted lab re-creates to identify problems and define workarounds.