IT Security Analyst
Schenker Saudi Arabia LLC
Total years of experience :16 years, 11 Months
Review, Update, and Develop and implement policies and procedures to identify threats to the confidentiality, integrity, availability, accountability and relevant compliance of information systems, and Conducts risk and vulnerability assessments of information systems in the light of these threats and recommends appropriate action to management.
•Devising new or revised procedures relating to security control of all IT environments, systems, products or services in order to demonstrate continual Improvement in control including creation of auditable records, user documentation and security awareness literature.
•Contributes to the provision of training, guidance and support to other security staff within the organization, in all aspects of security policy and control.
•Perform Risk Assessment and provide the assistance for the risk mitigation.
•Evaluation of cyber security technologies and solution to determine the best that fit company’s requirements.
•Designing and implementing cost effective BCP and DRP procedures.
•Strengthening the administrative controls like awareness training, banners across the organization and documentation to keep all users updated.
•Physical security measures taken at critical locations to act at deterrent to any intended incident.
•Managing identity management system for access request procedure and account review purposes.
•Evaluating all IT service providers and vendors like ISP, Cloud service provider, SIP service providers, etc. as per regulated standards( includes screening through a global sanction list provided by various security agencies)
•Monitoring IT asset management procedure including hardware, software (licenses), data and organization’s business critical information.
•Conducting internal audit check on IT asset management, account management and compliance. Protect the audit info collected during evaluation and pass it to the management as per set guidelines.
• Review, Update, and Develop and implement policies and procedures to identify threats to the confidentiality, integrity, availability, accountability and relevant compliance of information systems, and Conducts risk and vulnerability assessments of information systems in the light of these threats and recommends appropriate action to management.
• Devising new or revised procedures relating to security control of all IT environments, systems, products or services in order to demonstrate continual Improvement in control including creation of auditable records, user documentation and security awareness literature.
• Contributes to the provision of training, guidance and support to other security staff within the organization, in all aspects of security policy and control.
• Perform Risk Assessment and provide the assistance for the risk mitigation.
• Evaluation of cyber security technologies and solution to determine the best that fit company’s requirements.
• Designing and implementing cost effective BCP and DRP procedures.
• Strengthening the administrative controls like awareness training, banners across the organization and documentation to keep all users updated.
• Physical security measures taken at critical locations to act at deterrent to any intended incident.
• Managing identity management system for access request procedure and account review purposes.
• Evaluating all IT service providers and vendors like ISP, Cloud service provider, SIP service providers, etc. as per regulated standards( includes screening through a global sanction list provided by various security agencies)
• Monitoring IT asset management procedure including hardware, software (licenses), data and organization’s business critical information.
• Conducting internal audit check on IT asset management, account management and compliance. Protect the audit info collected during evaluation and pass it to the management as per set guidelines.
• Installation, Configuration, Administration & Troubleshooting of Win 2003 Server, Professional, 98, XP clients.
• Security implementation by assigning permissions on various windows 2003 resources. Implementation of policies. Managing Users and Computer Systems, Active directory installation and Admin.
• Installing and configuring IIS, DNS, and DHCP.
• Implementing Group policy as per the company requirement
• Installing application with software deploy policy
• Creating policy in domain controller
• Installing and configuring and maintaining Exchange Server 2010.
• Installing and troubleshooting for peripheral network devices such as printers
• Citrix client installation for the critical application to have a secure access.
• Single use and multiuser outlook configuration on client PC.
• Managing WSUS server for Clients.
• Maintaining Microsoft Windows Server 2003
• Managing and maintaining Active Directory Infrastructure
• Managing and maintaining DHCP and DNS servers..
• Analyzing user needs specify requirements and proposing system solutions on Win 2003, Handling User Problems.
• Regularly using Event Viewer to check for Warning and Errors. Making reports and escalating the issue to concern person.
• Installation of Trend Micro Corporate Edition in the server for managing Client Pc.
• Configuring new PC for client as per the company security police and assigning the desired access in the network.
• Troubleshooting Virus & Worms problems on Servers and Client side.
Analyzing user needs specify requirements and proposing system solutions on Win 2003, Handling User Problems.
•Regularly using Event Viewer to check for Warning and Errors. Making reports and escalating the issue to concern person.
•Installation of Trend Micro Corporate Edition in the server for managing Client Pc.
•Configuring new PC for client as per the company security police and assigning the desired access in the network.
•Troubleshooting Virus & Worms problems on Servers and Client side.
•
Providing IT infrastructure support Ashland Chemicals, providing global support based three different regions (APAC, EMEA and NA). Includes a lot of co-ordination between different resolver groups and client, following a typical ITIL framework tool, Remedy 7.5. The desk was an internal migration for Unisys where the migration happened without any interruption to the service in parts.
• Was instrumental in implementation for Henkel, a German company, this was the first time they were outsourcing the service to a third party.
• Was part of partial migration of helpdesk for Baxter, a US client dealing in pharmaceuticals.
• Was part of incident management for an year.
• Major duty was to create incidents as per the defined ITIL procedure of the client. Make sure the defined SLA is met for the creation of incident and B2B integration is done.
• Also was a part of request management for Henkel. I played the role of first point of contact for the desk to identify the issue to be passed on to the request management and problem management.
• SCOPE OF SUPPORT:
Installation and configuration of Lotus Notes client 8.0, Internet explorer, MS Office suite, all kind of device drivers. Internet, Intranet, VPN using Cisco, Extend 360 and iPass. LAN, WAN and Wireless
• HARDWARE:
DELL, Lenovo laptops, blackberry and DELL Axim PDA. HP Local and network printers. Wireless cards and docking stations.
Also included managing their accounts and profiles using web based mainframe and citrix tools in providing them temporary admin rights. Remote desktop and remote assistance were also major support providing tools.
Analyzing user needs specify requirements and proposing system solutions on Win 2003, Handling User Problems.
•Regularly using Event Viewer to check for Warning and Errors. Making reports and escalating the issue to concern person.
•Half yearly Checking of the entire C3i-inc client as per security policies and procedures.
•Configuring new PC for client as per the company security police and assigning the desired access in the network.
•Troubleshooting Virus & Worms problems on Servers and Client side.
• Installation, Configuration, Administration & Troubleshooting of Win 2003 Server, Professional, Windows NT Server & Workstation, 98, XP clients.
• Security implementation by assigning permissions on various windows 2003 resources. Implementation of policies. Managing Users and Computer Systems, Active directory installation and Admin.
• Installing and configuring IIS, DNS, and DHCP.
• Implementing Group policy as per the company requirement
• Installing application with software deploy policy
• Creating policy in domain controller
• Installing and configuring and maintaining Exchange Server 2003.
• Installing and troubleshooting for peripheral network devices such as printers
• Citrix client installation for the critical application to have a secure access.
• Single use and multiuser outlook configuration on client PC.
• Managing WSUS server for Clients.
• Maintaining Microsoft Windows Server 2003
• Managing and maintaining Active Directory Infrastructure
• Managing and maintaining DHCP and DNS servers.
• Managing Cisco Routers and Switches of the Company for internet and local traffic.
• Analyzing user needs specify requirements and proposing system solutions on Win 2003, Handling User Problems.
• Regularly using Event Viewer to check for Warning and Errors. Making reports and escalating the issue to concern person.
• Half yearly Checking of the entire C3i-inc client as per security policies and procedures.
• Configuring new PC for client as per the company security police and assigning the desired access in the network.
• Troubleshooting Virus & Worms problems on Servers and Client side.
courses: TRAINING & CERTIFICATIONS •Cisco Certified Network Associate (CCNA)(ID:-CSCO11908556) •CISSP ISC2 Associate(written) passed. •ITIL v3 Foundation(1302#311796410) •Six Sigma Green Belt Certified •MCSA: Windows Server 2012 •MCSE: Server Infrastructure •MCPS: Microsoft Certified Professional