Muna Abu Abed

Main Duties:  IT security operation and administration:  Provide input to development of enterprise IT security policies, standards, best practices; monitor security profiles and report violation .  Develop information security framework based on the ISO27001 standard that defines how people, technology, and process should be assembled to secure the environment and remain consistent with business objectives.  Assist in the investigation of possible security exception to ensure information system security in applied across the enterprise.  Technical implementation of PCI DSS requirements  Implement process and methods for the purpose of the auditing and addressing on compliance issues to information security standards.  Provide input in planning of security administration of smooth implementation of all IT projects .  Systems and Network Hardening against Bank standards and CIS benchmark documents.  Vulnerabilities assessment using the vulnerability management systems in the bank . Building security awareness program (IS awareness Trainer), and promote for security culture and practices among employees.  Provide support for Security problems, security incident response and change management.  Administrating security appliances at Jordan Ahli Bank (Cisco Firewalls, Cisco IPS, Fircepoint web gateway, Fortinet, McAfee MVM, Wireless IDS, Source fire SSL, Cisco ISE, Cisco ACS, RSA envision SIEM solution ) .  Administrating Temenos SMS module .  Ensure project milestones are achieved as per project plan in terms of time and budget. Risk and compliance management:
 Identify any potential areas of complaince vulnerability and risk in order to implement corrective action plans for resolution of problematic issues.  Assist in conduct of risk assessment on the risks that could seriously impact IT services across enterprise IT infrastructure against the ISO 27001 standards and recommend the appropiate controls and risk plans and programs to mitigate the risk .  Monitor and identify any new technology risk threat and take pro-active measure to protect company's computing and networking environments.  Participate in conduct of pnetration tsting to assess the vulnarabilities and weaknesses in the systems.  Participate in the planning for the restoration of IT services to provide adequate backup and recovery mechanisms for the unexpected contingencies.  Coordinate the internal and external audites and follow up the implementation of the AUdit recommendations with various IT sections.  Monitor the performance of the risk and compaliance program and related activitiexs on a continuing basis in order to take appropriate steps to improve its effectiveness.  Track and analyze performance and security risk measures, study and evaluate frequently reported problems to pro-actively take necessary actions to prevent them in the future.  observe and participate in the evaluation of new technology to keep improving company's IT security infrastucture framework and proactively protect company against the new threat and risks.
 IT Audit:  Engage with external and internal auditor for compliance and audit programs.
section objectives
 JAB IT Security Projects:  PCI -DSS certification .  ISO 27001 standard applying.  Cobit5 standard applying.  Changing Jordan Ahli Bank data center network devices.  New Disaster recovery site building (new network and security devices).  Implementing I storm Vulnerability assessments, Strom Agent FIM and SIEM solution and Air storm wireless IDS.  MacAfee Vulnerability (new vulnerability scanner) tool.  RSA Security Analytics SIEM solution (Implementing, configuration, systems integration, Reports tuning, Dashboards )  JAB new systems along with the new core banking implementation.( new interfaces and systems along with the new core banking system _ Temenos )

Providing technical security support to Arab bank. Performing Security and infrastructure assessment and following up on the security incidents related to Arab bank. Working on the bellow products and technologies:
 Certificate and pre-shared VPN and DMVPN tunnels.  Juniper and Cisco firewalls.  McAfee Vulnerability manager.  MacAfee IPS.  Cisco ASA modules.  Symantec Compliance suite.  FireEye appliance.  Cisco configuration Manager.  Tripwire FIM .  Arcsight SIEM .
 New Project implementation for the HP Arcsight solution and migrate all old SIEM reports to the new SIEM systems which includes:  Identifying scope of monitoring ( bank’s systems to be monitored ) .  Identifying the logs type for each system to be connected to the SIEM solution.  New SIEM system components implementation.  Connect scope systems to the SIEM .  Migrate old SIEM solution reports to the new System .  Dashboards, reports and alerts tuning for the new systems connected to the SIEM .

 Administrating the SIEM solution to make sure that All systems in the scope of monitoring are monitored properly by dashboards, reports and Alerts. this includes  troubeshoout any nodes connectivity and fix it .  Periodic Content and context update for SIEM.  Creation of ADHOC reports/rules and dashboard in Logger and ESM .  License requirement.  Maintenance of ArcSight components - ArcSight Logger, ArcSight connector appliance, ESM.  Upgradation of ArcSight SIEM environment to the latest version.

 Periodic assessment on SIEM and report necessary changes and enhancement to management.  Alerting security team for attacks targeting environment.  Generate periodic reports from ArcSight ESM and distribute to security team.  Managing configuration in ESM and Logger  Managing backups restore related to SIEM environment.  Conduct periodic maintenance activities like health checkup in ESM and Logger.  Coordinate with SIEM engineering team for trouble shooting of faults & problem resolution  Develop log baseline document to share with asset owner for enabling logs.  Develop use cases which are required for daily SOC monitoring to detect advance threats.  Capacity planning for ArcSight agent server.  Optimize existing SIEM hardware resources for better utilization.  Develop and maintain SIEM device management process.  Capacity planning for SIEM Manager and Database.  Knowledge transfer to SOC on recent updates on SEIM and enhancements.  Configure trends and query viewer in SIEM for historical analytics  Suggest new reports and enhance existing reports configured in SIEM environment.

Jan 2011 till CISCO TAC JORDAN - || Estarta Solutions
April 2012 (15 months) Technical Support Engineer
Providing technical support to for Cisco's customers in issues related to network security; this includes a range of various products: - Cisco ASA, PIX, and FWSM firewalls
- VPN technologies including WebVPN, Site to Site VPN, Easy
VPN, VPN client remote access on both Cisco Router and Cisco
firewall
- SSL technologies including Any connect on both Cisco router and firewall
- Intrusion prevention systems, and intrusion detection systems
- Router IOS security including configuring the zone based
firewall, CBAC and the IPS /IDS
- Routing and switching on Cisco firewalls
- GRE and MGRE Vpn technology
- Cisco ASDM and SDM
- Cisco CSC module
- Cisco ACS
- AAA technologies
- Authentication using pre-shared key ad certificates technologies

Non-technical Duties: - Continuous customer support with periodic updates and follow- ups
- Report to management any arising issues
- Support and be supported by team mates
- Continuous self-development in reading about new technologies and receive training.
- Keep issues well documented in timely manner.
- Serve customers and resolve issues in a short time frame.

Skills improved: - Focus
- Commitment and determination
- Working under pressure
- Time management
- Organization
- Documentation
- Communication and teamwork
- Network Engineering
- Leading by example
- Customer satisfaction

Trainee