Mohammad Sarhan

Information Security Manager

General Authority of Civil Aviation

Lieu: Arabie Saoudite
Éducation: Master, information Security
Expérience: 23 years, 2 Mois

Expériences professionnelles

Total des années d'expérience :23 years, 2 Mois

Information Security Manager à General Authority of Civil Aviation

Arabie Saoudite - Jeddah
Je travaille ici depuis octobre 2010

Establish Information Security Department at General Authority of Civil Aviation in 2010.
Manage Information Security Department (Governance, Access Control, Security Operation Center)
Manage Information Security Projects.
Develop and implement information security policy and procedure based on (ISO 27001)
Develop Risk Management Methodology and conduct Risk Assessment and Mitigation process
Develop Business Continuity and Incident Management Framework
Implement spam filtering (Cisco IronPort) and Network Admission Control.
Conduct Security Awareness for GACA Employees
Restructure DMZ and implement Cisco Firewall and IPS (Internet, WAN, VPN, and Internal Firewalls).
Implement database monitoring (Guardium) and Web Application Firewall (F5)
Conduct Penetration testing and vulnerability scan to mitigate the existing vulnerabilities.
Implement change audit and compliance solution (Tripwire)
Build Security Operation Center (SOC) and install/configure SIEM solution (HP Arcsight) to monitor GACA infrastructure 24 hours 7 days a week.
Enhance GACA security level and mitigate risks to acceptable level.

Server Services Manager à General Authority of Civil Aviation

Arabie Saoudite - Jeddah
mars 2008 à septembre 2010

Manage server farm including:
GACA Domain Controller (Active Directory) that cover all GACA airports.
Microsoft Exchange Server (5000 employees)
Microsoft SharePoint
Microst SQL Database
Oracle Database
Backup and SAN Storage

System Engineering à General Authority of Civil Aviation

Arabie Saoudite - Jeddah
mars 2001 à février 2008

Microsoft Active Directory.
Microsoft Windows Network Infrastructure,
Microsoft Exchange Server,
Microst SQL Database Administrator.

Éducation

Master, information Security

à Saudi Electronic University
juin 2017

Baccalauréat, Computer Science

à King Abdulaziz University
avril 2001

Specialties & Skills

IT Security

+Endorse 1

Information Security Management

+Endorse 1

ISO 27001

+Endorse 1

Database Administrator

+Endorse 1

Information Security

+Endorse 1

Management

+Endorse 1

Langues

Anglais

Niveau: Expert

Formation et Diplômes

CISSP (Formation)

Institut de formation:

ISC

Date de la formation:

May 2011

Durée:

40 heures

Certified Information Security Auditor (Formation)

Institut de formation:

VinSys Dubai

Date de la formation:

June 2015

Durée:

40 heures

Certified Ethical Hacker (Formation)

Institut de formation:

Vinsys Dubai

Date de la formation:

June 2015

Durée:

40 heures

ITIL (Formation)

Institut de formation:

ITIL

Date de la formation:

October 2008

Durée:

40 heures

Communication Skills (Formation)

Institut de formation:

Communication Skills

Date de la formation:

May 2008

Durée:

40 heures

Project Management Professional (Formation)

Institut de formation:

PMP

Date de la formation:

May 2009

Durée:

40 heures

Managing Messaging Security using Microsoft Exchange Server 2007 (Formation)

Institut de formation:

Microsoft

Date de la formation:

April 2008

Durée:

40 heures

Implementing a Microsoft SQL Server 2005 Database (Formation)

Institut de formation:

Microsoft

Date de la formation:

May 2010

Durée:

40 heures

Maintaining a Microsoft SQL Server 2005 Database (Formation)

Institut de formation:

Microsoft

Date de la formation:

November 2007

Durée:

40 heures

Oracle Database 10g: Administration Workshop I & II (Formation)

Institut de formation:

Oracle

Date de la formation:

November 2009

Durée:

80 heures

Oracle Database 10g: Program with PL/SQL (Formation)

Institut de formation:

Oracle

Date de la formation:

January 2008

Durée:

40 heures

Oracle Database 10g: Introduction to SQL (Formation)

Institut de formation:

Oracle

Date de la formation:

November 2009

Durée:

40 heures

Microsoft MCSE (Formation)

Institut de formation:

Microsoft MCSE

Date de la formation:

March 2005

Durée:

240 heures

Cisco CCNA ( ICND1& ICND2) (Formation)

Institut de formation:

Cisco

Date de la formation:

December 2010

Durée:

40 heures

Implementing and Maintaining Microsoft SQL Server 2005 Reporting Services (Formation)

Institut de formation:

Microsoft

Date de la formation:

January 2009

Durée:

40 heures

Oracle ADF 11g (Formation)

Institut de formation:

Oracle

Date de la formation:

April 2009

Durée:

40 heures

Certified Professional Manager (Certificat)

Date de la formation:

October 2012

Valide jusqu'à:

November 2012

Security Principles (Certificat)

Date de la formation:

January 2010

Valide jusqu'à:

February 2010

Network and Host Security (Certificat)

Date de la formation:

April 2011

Valide jusqu'à:

April 2011

PKI and SCCM (Certificat)

Date de la formation:

October 2011

Valide jusqu'à:

October 2011

ISO 27001 - Lead Implementer (Certificat)

Date de la formation:

April 2011

Valide jusqu'à:

April 2011

TripWire Enterprise operator (Certificat)

Date de la formation:

January 2012

Valide jusqu'à:

January 2012

ISO 27001 - Lead Auditor (Certificat)

Date de la formation:

April 2011

Valide jusqu'à:

May 2011

Parcourir Les Emplois

Emploi Arabie Saoudite

Produits Par Bayt.com

Utilisez l'Appli de Bayt.com

Mohammad Sarhan