Total Years of Experience: 31 Years, 0 Months
August 2009
To Present
Manager - Information Security Office
at National Bank of Bahrain
Location :
Bahrain - Manama
Manager - Information Security Office
National Bank of Bahrain, Bahrain Jan '09 - Till Date
◆ Acts as a central point of ownership and management for enterprise-wide Information Security in the Bank.
◆ Recommend approach and methods for implementing strategic Information Security objectives, initiatives, and directives.
◆ Device a comprehensive Information Security Program in line with the strategy for Bahrain HO and Overseas BUs.
◆ Risk based approach to assess the information and IT assets in developing a comprehensive mitigation strategy through redesigning the setup and improvising the process.
◆ Prime architect in redesigning the entire banks network, security and other IT infrastructure systems.
◆ Advisory services to IT team for adopting new technology and strategic decisions.
◆ Ensure that adequate information security management aspects are taken into account for strategic projects.
◆ Develop and maintain Information Security policies, standards, procedures and guidelines.
◆ Devised Information Security monitoring and reporting system to ensure monitoring of exceptional activities on high privilege accounts and incidents on all critical systems.
◆ Primary evaluator of Risk and Control Self Assessment (RCSA) for IT infrastructure and IT security operational security areas.
◆ Provide assistance to IT Audit, Fraud investigation team and Business units towards remediation on audit finding and fraud investigations.
◆ Facilitate Internal, External Audit and work for compliance with the management.
◆ Ensuring Security Awareness through fliers and awareness emails for the entire bank.
National Bank of Bahrain, Bahrain Jan '09 - Till Date
◆ Acts as a central point of ownership and management for enterprise-wide Information Security in the Bank.
◆ Recommend approach and methods for implementing strategic Information Security objectives, initiatives, and directives.
◆ Device a comprehensive Information Security Program in line with the strategy for Bahrain HO and Overseas BUs.
◆ Risk based approach to assess the information and IT assets in developing a comprehensive mitigation strategy through redesigning the setup and improvising the process.
◆ Prime architect in redesigning the entire banks network, security and other IT infrastructure systems.
◆ Advisory services to IT team for adopting new technology and strategic decisions.
◆ Ensure that adequate information security management aspects are taken into account for strategic projects.
◆ Develop and maintain Information Security policies, standards, procedures and guidelines.
◆ Devised Information Security monitoring and reporting system to ensure monitoring of exceptional activities on high privilege accounts and incidents on all critical systems.
◆ Primary evaluator of Risk and Control Self Assessment (RCSA) for IT infrastructure and IT security operational security areas.
◆ Provide assistance to IT Audit, Fraud investigation team and Business units towards remediation on audit finding and fraud investigations.
◆ Facilitate Internal, External Audit and work for compliance with the management.
◆ Ensuring Security Awareness through fliers and awareness emails for the entire bank.
November 2008
To June 2009
Manager
at Ahlibank (S.A.O.G)
Location :
Oman - Muscat
Manager - Information Security
Ahlibank (S.A.O.G) November 2008 - June 2009
◆ Strategic Information Security plan.
◆ Risk Assessment and Management.
◆ IT Control Compliance.
◆ IT and Information Security process development and maintenance.
◆ Development of Security policy, procedures and standards.
◆ Development of DR and BCP plan and related process.
◆ Implementation of information security projects.
◆ Security Infrastructure Management.
◆ User training and awareness about information security.
◆ Planning and implementation of Information Security policy, procedures and standards.
◆ Security monitoring and reporting.
Ahlibank (S.A.O.G) November 2008 - June 2009
◆ Strategic Information Security plan.
◆ Risk Assessment and Management.
◆ IT Control Compliance.
◆ IT and Information Security process development and maintenance.
◆ Development of Security policy, procedures and standards.
◆ Development of DR and BCP plan and related process.
◆ Implementation of information security projects.
◆ Security Infrastructure Management.
◆ User training and awareness about information security.
◆ Planning and implementation of Information Security policy, procedures and standards.
◆ Security monitoring and reporting.
July 2004
To September 2008
Manager
at Information Security Office
Location :
Oman - Muscat
Manager - Information Security Office
BankMuscat (S.A.O.G) July 2004 - September 2008
◆ Develop, review and revise the Information Security Management System (ISMS)
◆ Enabled bank for ISO 27001 certification.
◆ Develop systematic approach and detail methodology for Information Risk Assessment.
◆ Conduct Risk assessment and derive Risk treatment Plan.
◆ Devise Information security policy, guidelines, standards and procedures.
◆ Guide Security Steering committee and business units on IS and Risk.
◆ Integrate security standard requirements to QA process.
◆ Plan and execute awareness program.
◆ Evaluation and recommendation of new Security products or technologies.
◆ Network Security architecture design and implementation.
◆ Manage projects initiated under Information Security Enhancement Program and networking.
◆ Implementing best practices and other recommendations by Statutory and external auditors.
◆ Co-ordinate ISO 27001 surveillance other statutory audits.
BankMuscat (S.A.O.G) July 2004 - September 2008
◆ Develop, review and revise the Information Security Management System (ISMS)
◆ Enabled bank for ISO 27001 certification.
◆ Develop systematic approach and detail methodology for Information Risk Assessment.
◆ Conduct Risk assessment and derive Risk treatment Plan.
◆ Devise Information security policy, guidelines, standards and procedures.
◆ Guide Security Steering committee and business units on IS and Risk.
◆ Integrate security standard requirements to QA process.
◆ Plan and execute awareness program.
◆ Evaluation and recommendation of new Security products or technologies.
◆ Network Security architecture design and implementation.
◆ Manage projects initiated under Information Security Enhancement Program and networking.
◆ Implementing best practices and other recommendations by Statutory and external auditors.
◆ Co-ordinate ISO 27001 surveillance other statutory audits.
September 2000
To June 2004
Senior Technical Consultant
at Ramco Systems Ltd, India
Location :
India - Delhi
Senior Technical Consultant
Ramco Systems Ltd, India September 2000 - June 2004
◆ Develop information security program for the clients.
◆ Develop techniques and procedures for conducting information security risk assessments and compliance audits.
◆ Devise Information security policy, guidelines, standards and procedures in conjunction with the risk assessment results.
◆ Assistance in enforcing information security standards and further audit trials on the compliance level towards BS7799.
◆ Product architecture design and implementation of security solutions.
◆ Technical support to diagnose, analyze, research and resolve complex security administration and operation related problems.
◆ Vulnerability Assessments on network, host and Database.
Ramco Systems Ltd, India September 2000 - June 2004
◆ Develop information security program for the clients.
◆ Develop techniques and procedures for conducting information security risk assessments and compliance audits.
◆ Devise Information security policy, guidelines, standards and procedures in conjunction with the risk assessment results.
◆ Assistance in enforcing information security standards and further audit trials on the compliance level towards BS7799.
◆ Product architecture design and implementation of security solutions.
◆ Technical support to diagnose, analyze, research and resolve complex security administration and operation related problems.
◆ Vulnerability Assessments on network, host and Database.
November 1998
To September 2000
Facility Management Engg
at Nexus Computers
Location :
India
Facility Management Engg
Nexus Computers, Chennai November 1998 - September 2000
◆ Lead 3-member team for maintaining and administering the network at the client site. Implement new trends and technologies based on client requirements
Nexus Computers, Chennai November 1998 - September 2000
◆ Lead 3-member team for maintaining and administering the network at the client site. Implement new trends and technologies based on client requirements
December 1996
To September 1998
Customer Support Engineer
at Cat Computers
Location :
India
Customer Support Engineer
Cat Computers December 1996 -September 1998
◆ Design and Implementing Local area Network solutions for clients
Cat Computers December 1996 -September 1998
◆ Design and Implementing Local area Network solutions for clients
July 1993
To September 1996
Service Engineer
at Inscomp Systems and Controls PVT Ltd
Location :
India
Service Engineer
Inscomp Systems and Controls PVT Ltd. July 1993 - September 1996
◆ ModiOlivetty sales and support
◆ IBM Compatible PCs Assembling and card level service.
◆ In House Engineer at APTECH Computer Education, Trichy.
Inscomp Systems and Controls PVT Ltd. July 1993 - September 1996
◆ ModiOlivetty sales and support
◆ IBM Compatible PCs Assembling and card level service.
◆ In House Engineer at APTECH Computer Education, Trichy.
Share on Facebook
Share on Twitter
Share Via Email