IT Internal Audit Supervisor
Egyptian Gulf Bank
Total years of experience :14 years, 7 Months
Leading the IT audits across 54 branches in Egypt, also I’m in charge of preparing the IT audit risk assessment, annual IT audit plan (Audit Universe), managing the field work including integrated audits with the banking operation audit teams and IT standalone audits i.e. Information Security and IT Governance using frameworks such as COBIT5 & ISO27001. My role is also extended to act as a trusted advisory over the Information Security, a process through which vulnerabilities and threats to information assets are continuously assessed, and the appropriate protective security controls are recommended. And then decided on and applied by management. Recent selected assignments include:
• IT controls review in regards to:
o Access to Programs and Data: Access management policies & procedures, periodic access reviews, password controls, privileged users’ accounts, physical access, SOD, audit logs, encryption & cryptography.
o IT projects and System Development Life Cycle.
o IT Operations: Batch processing & job scheduling, backup & recovery procedures, incident & problem management, IT service continuity & disaster recovery planning, patch management, IT service assets & configuration management, change management process, capacity planning and performance measurement.
• Review controls over information security function to evaluate information security policies, information classification and labelling, assets and media handling, existence of antimalware software, confidentiality agreements, hardening standards and configuration reviews, running vulnerability assessments and penetration tests in the proper schedules as per the regulations and internal information security policies, security awareness programs, physical and environmental controls for IT facilities.
• Governance and management of IT: reviewed the IT strategy to ensure its alignment with the business strategy, IT organizational structure, IT key performance indicators and SLAs, evaluated IT risk management practices, reviewed the existence of a formalized process for maintaining IT policies and procedures.
• Business automated controls over the critical bank systems.
Ownership and management of Release & Deployment processes.
Coordinated annual audit reviews for PwC / PCI-DSS / ISO20000- 1 / ISO27001 / AXA Group
Managed to annually renew licenses and support contracts for (Oracle DB\RAC\BI, MS GP, HR System, and SMS Gateway).
Established new semi-annual objectives for database team members and follow up.
Created and maintained database Team SLA and OLA's.
Monitored team performance and analyzed the results to ensure enhancement of team capabilities.
Performed database team joiner’s interviews and created technical exams.
Administering Oracle DB 11g
Administering MS SQL Server and MS Great Plains
Administrating IIS and web services configuration
Administrating Oracle Business Intelligence
Running\Monitoring End-of-Day operation and night jobs
Access management over all applications
Providing support to end-users and QA team
Manage system backup and restore strategy in a SQL Server environment
Implementing uses access, monitoring performance and database maintenance
Performing daily replication from several databases to the main office database
Administrating the financial application “Segment”
Utilizing and administrating a radar software application in a Linux environment
Receiving, logging, and modifying flights information
Troubleshooting and analysis software problems
Major: Information Systems
URL removed due to policy violation. Please contact support for further information.