Bayt.com
مصطفى محمد محمد بيومى هاشم هاشم, Senior Information Security

مصطفى محمد محمد بيومى هاشم هاشم

Senior Information Security

Banque Misr

البلد
مصر
التعليم
بكالوريوس, Accounting
الخبرات
16 years, 8 أشهر

مشاركة سيرتي الذاتية

حظر المستخدم


الخبرة العملية

مجموع سنوات الخبرة :16 years, 8 أشهر

Senior Information Security في Banque Misr
  • مصر - القاهرة
  • أشغل هذه الوظيفة منذ سبتمبر 2007

 Assesses information risk and facilitates remediation of identified vulnerabilities with the Bank network, systems and applications.  Reports on findings and recommendations for corrective action. Performs vulnerability assessments as assigned utilizing IT security tools and methodologies.  Performs assessments of the IT security/risk posture within the IT network, systems and software applications, in addition to assessments within the Vendor Management Program.  Identifies opportunities to reduce risk and documents remediation options regarding acceptance or mitigation of risk scenarios. Facilitates and monitors performance of risk remediation tasks, changes related to risk mitigation & reports on findings.  Maintains oversight of IT and vendors regarding the security maintenance of their systems and applications.  Provides weekly project status reports, including outstanding issues. The IT Security/Risk Analyst assists in all IT audits, IT risk assessments and regulatory compliance Key responsibilities  Management of IT security and IT risk (e.g., data systems, network and/or web) across the enterprise.  Address questions from internal and external audits and examinations.  Develop policies, procedures, and standards that meet existing and newly developed policy and regulatory requirements according to PCI-DSS  Facilitate IT security/risk training curriculum.  Serve as project manager/lead within IT security projects.  Promote awareness of applicable regulatory standards, upstream risks and industry best practices across the Bank. Technical Tasks.  Monitoring Security logs and Alerts.  Create, review, and maintain correlation rules for all platforms monitored by SIEM solutions.  Administer and maintain Data loss Prevention System.  Administer and maintain Control compliance suite systems (IT GRC)..  Approve authorization production changes, transports, and Change Management.  Vulnerability Management  Windows Configuration Assessment.  Follow-Up and respond to External Audit reports like CBE, KPMG and CAO.

الخلفية التعليمية

بكالوريوس, Accounting
  • في Faculty of commarce
  • مايو 2003

Specialties & Skills

Data Extraction
+Endorse 0
Integrity
+Endorse 0
Risk
+Endorse 0
Privacy
+Endorse 0
Platforms
+Endorse 0
Vulnarability Assessment
+Endorse 0
Windows configuration assessment
+Endorse 0
Risk Assessment
+Endorse 0
Leadership
+Endorse 0
IT-GRC
+Endorse 0
DLP
+Endorse 0
SIM
+Endorse 0
PCI-DSS
+Endorse 0
CISA
+Endorse 0
information security
+Endorse 0

اللغات

العربية
متمرّس
الانجليزية
متوسط

العضويات

ISACA
  • CISA
  • December 2011

التدريب و الشهادات

(تدريب)
Microsoft Certified System Administration (تدريب)
معهد التدريب:
Yat Education
تاريخ الدورة:
May 2005
CCNA (تدريب)
معهد التدريب:
Cisco
تاريخ الدورة:
December 2007
SANS SEC401: Security Essentials certified (تدريب)
معهد التدريب:
Egyption Banking Institute
تاريخ الدورة:
August 2011
SANS Audit521: PCI/DSS 2.0 (تدريب)
معهد التدريب:
Egyption Banking Institute
تاريخ الدورة:
April 2010
SANS SEC579: Virtualization and Private Cloud Security (تدريب)
معهد التدريب:
Egyption Banking instatute
تاريخ الدورة:
March 2012
CISA (Certified information system Auditor) (تدريب)
معهد التدريب:
Amrican Chamber
تاريخ الدورة:
March 2011
Network and OS security (تدريب)
معهد التدريب:
IBM
تاريخ الدورة:
June 2004

الهوايات

  • Football