Information Security Analyst/PMO
Ministry of Interior
مجموع سنوات الخبرة :20 years, 1 أشهر
• Collaborate with business heads/business managers & IT function heads/managers and security liaisons on information security issues
• Coordinate with different department within ministry for development, maintenance, communication, and distribution of information security policies
• Support system administrators to create policies and procedures for the identification, collection and analysis of risk related information
• Provide consultation on Information security to other government ministries
• Implementation and maintenance of SIEM (ArcSight) in K-Electric environment
• Establish and clarify accountability and decision rights with help of Policies and Procedures
• Manage risks, change and contingency proactively.
• Improve IT organizational performance, compliance, maturity and staff development.
• Improve customer service and overall responsiveness with help of ITIL.
• Align IT investments and priorities more closely with the K-Electric business end.
• Manage, evaluate, prioritize, fund, measure and monitor requests for IT services and the resulting
• work and deliverables, in a more consistent and repeatable manner that optimizes returns to the
• business.
• Manage the responsible utilization of resources and assets within IT division.
• Ensure that IT delivers on its plans, budgets and commitments.
• Design metrics for different processes and services
• Implementation of ITIL and Cobit in K-Electric IT Division
• Implementation and maintenance of ISO 27001:2005
• Prepare, Maintain and check Business continuity plan/Disaster Recovery plan in such a way that it
• will not affect customer deliverables in uncertain condition
• Risk assessment, Risk analysis and mitigation plan for all areas which can create hindrances in
• business process
• Oversee Information Security Policy development and project management (VMWare Hypervisor, LANDesk EndPoint Security, EndPoint Security)
• Assess controls and conduct audits in accordance with Information Security Policies, IS audit
• standards, guidelines and best practices to meet audit objectives
• Communicate emerging issues, potential risks, and audit results to key stakeholders
• Analyze reports from information security systems including: log consolidation, patch compliance,
• change control, vulnerability, IDS, and content management
• Assist with incident response including performing investigative follow-up, assigning responsibility
• for corrective action, and auditing for effective completion
• Involved in security planning for future application system implementations
· Leading a team of more then 8 engineers.
· Core team member who Initiated Six Sigma methodologies in the department and developed quality measurement unit DPMO.
· Performed Process Flow Diagram & Cause & Effect Diagram for problem solving.
· Seek verification from outside sources to establish that the Etilize decision on eligibility and benefits is correct
· Record findings on prescribed forms.
· Research and recommended for automated processes like auto manufacturing and QA during the different design and development stages
· Handling customer complaints, making sure that the customer retention percentage should be more than 99%.
· Involved in various organizational projects and have done Cost & Benefit Analysis (ROI) for their selection/execution
· Liable to create a sampling plan for the Quality Assurance for its Quality Control / Inspection.
· Have objectively defined each area for process improvement and effectiveness and established KPIs for monitoring
· Responsible to determine the conformity or nonconformity of the system elements with specified requirements.
· Liable for determining the effectiveness of the implemented system in meeting specified objectives.
· Internal Quality Audit: Conducted an audit for the organization of its own systems and procedures through quality inspection plans. Its main objective is to assure maintenance, development and improvement of the quality system. Liable to generate a monthly report and defining non-conformances in each department to higher management and also to provide corrective and preventive actions for each activity.
· Part of the team who identify Key Performance Indictors for QAEs
· Run different projects simultaneously for the betterment of organization. Each project prior to its execution is analyzed as per its ROI and SWOT Analysis.