Information Security Manager
General Authority of Civil Aviation
Total years of experience :23 years, 2 Months
Establish Information Security Department at General Authority of Civil Aviation in 2010.
Manage Information Security Department (Governance, Access Control, Security Operation Center)
Manage Information Security Projects.
Develop and implement information security policy and procedure based on (ISO 27001)
Develop Risk Management Methodology and conduct Risk Assessment and Mitigation process
Develop Business Continuity and Incident Management Framework
Implement spam filtering (Cisco IronPort) and Network Admission Control.
Conduct Security Awareness for GACA Employees
Restructure DMZ and implement Cisco Firewall and IPS (Internet, WAN, VPN, and Internal Firewalls).
Implement database monitoring (Guardium) and Web Application Firewall (F5)
Conduct Penetration testing and vulnerability scan to mitigate the existing vulnerabilities.
Implement change audit and compliance solution (Tripwire)
Build Security Operation Center (SOC) and install/configure SIEM solution (HP Arcsight) to monitor GACA infrastructure 24 hours 7 days a week.
Enhance GACA security level and mitigate risks to acceptable level.
Manage server farm including:
GACA Domain Controller (Active Directory) that cover all GACA airports.
Microsoft Exchange Server (5000 employees)
Microsoft SharePoint
Microst SQL Database
Oracle Database
Backup and SAN Storage
Microsoft Active Directory.
Microsoft Windows Network Infrastructure,
Microsoft Exchange Server,
Microst SQL Database Administrator.