Bayt.com
Mostafa Hashem, Senior Information Security

Mostafa Hashem

Senior Information Security

Banque Misr

Location
Egypt
Education
Bachelor's degree, Accounting
Experience
16 years, 7 Months

Share My Profile

Block User


Work Experience

Total years of experience :16 years, 7 Months

Senior Information Security at Banque Misr
  • Egypt - Cairo
  • My current job since September 2007

 Assesses information risk and facilitates remediation of identified vulnerabilities with the Bank network, systems and applications.  Reports on findings and recommendations for corrective action. Performs vulnerability assessments as assigned utilizing IT security tools and methodologies.  Performs assessments of the IT security/risk posture within the IT network, systems and software applications, in addition to assessments within the Vendor Management Program.  Identifies opportunities to reduce risk and documents remediation options regarding acceptance or mitigation of risk scenarios. Facilitates and monitors performance of risk remediation tasks, changes related to risk mitigation & reports on findings.  Maintains oversight of IT and vendors regarding the security maintenance of their systems and applications.  Provides weekly project status reports, including outstanding issues. The IT Security/Risk Analyst assists in all IT audits, IT risk assessments and regulatory compliance Key responsibilities  Management of IT security and IT risk (e.g., data systems, network and/or web) across the enterprise.  Address questions from internal and external audits and examinations.  Develop policies, procedures, and standards that meet existing and newly developed policy and regulatory requirements according to PCI-DSS  Facilitate IT security/risk training curriculum.  Serve as project manager/lead within IT security projects.  Promote awareness of applicable regulatory standards, upstream risks and industry best practices across the Bank. Technical Tasks.  Monitoring Security logs and Alerts.  Create, review, and maintain correlation rules for all platforms monitored by SIEM solutions.  Administer and maintain Data loss Prevention System.  Administer and maintain Control compliance suite systems (IT GRC)..  Approve authorization production changes, transports, and Change Management.  Vulnerability Management  Windows Configuration Assessment.  Follow-Up and respond to External Audit reports like CBE, KPMG and CAO.

Education

Bachelor's degree, Accounting
  • at Faculty of commarce
  • May 2003

Specialties & Skills

Data Extraction
+Endorse 0
Integrity
+Endorse 0
Risk
+Endorse 0
Privacy
+Endorse 0
Platforms
+Endorse 0
Vulnarability Assessment
+Endorse 0
Windows configuration assessment
+Endorse 0
Risk Assessment
+Endorse 0
Leadership
+Endorse 0
IT-GRC
+Endorse 0
DLP
+Endorse 0
SIM
+Endorse 0
PCI-DSS
+Endorse 0
CISA
+Endorse 0
information security
+Endorse 0

Languages

Arabic
Expert
English
Intermediate

Memberships

ISACA
  • CISA
  • December 2011

Training and Certifications

(Training)
Microsoft Certified System Administration (Training)
Training Institute:
Yat Education
Date Attended:
May 2005
CCNA (Training)
Training Institute:
Cisco
Date Attended:
December 2007
SANS SEC401: Security Essentials certified (Training)
Training Institute:
Egyption Banking Institute
Date Attended:
August 2011
SANS Audit521: PCI/DSS 2.0 (Training)
Training Institute:
Egyption Banking Institute
Date Attended:
April 2010
SANS SEC579: Virtualization and Private Cloud Security (Training)
Training Institute:
Egyption Banking instatute
Date Attended:
March 2012
CISA (Certified information system Auditor) (Training)
Training Institute:
Amrican Chamber
Date Attended:
March 2011
Network and OS security (Training)
Training Institute:
IBM
Date Attended:
June 2004

Hobbies

  • Football