Information Security
Umniah
مجموع سنوات الخبرة :13 years, 10 أشهر
•Security Information & Event Management (SIEM): managing and administering SIEM,
•Analyze the risk in case of accidental event
•Select the event level
•Second layer for SOC analyses
•Internal and external penetration testing for Umniah IT network
•External Penetration testing services for big banks and companies
•Internal and external VA assessment - Umniah
•Internal and external VA assessment - “Banks “and companies
•Developing Policies and procedures” ISO 27001”
•Building end-to-end KPIs to measure effectiveness of security program for companies
•Advises the organization with current information about information security technologies and related regulatory issues
•Initiate and manage relationships with other departments and functions involved in information Security
•Promote and supervise the execution of the Information Security Awareness and Training program.
•Production and management of reports and production of documentation to capture all operational issues and incidents.
•Security Audit, Data leakage and Access Control Audit
•ISMS implementation and Audit
•Participate in the risk assessment process
•Business Continuity Management
•Web Application and Mobile Application Security testing
• Security Information & Event Management (SIEM): My responsibilities include managing and administering SIEM, customizing new reports, and provisioning of new customers. In addition to that, I have successfully used this tool to review multiple items (reports and graphs) showing current system data and in the production of management information/dashboard on a recurring manner.
• Arbor System (Intrusion Prevention System - IPS) which achieves an automated DDoS Mitigation of risks, protection of network security and overall visibility into the network status.
• Management and administration of Penetration Tests to finding security weaknesses in UMNIAH customer facing solutions and general customer service portals.
• Management and operation of a Vulnerability Scanner designed for early detection of issues within internal solutions within UMNIAH and is bundled as part of the release process of of any new component.
• External and internal Penetration testing
• Highly experienced in the use/operation of a VMS™ tools (Vulnerability Management System)
• Seasoned user of the McAfee IPS used by UMNIAH.
• Ability to manage security logs including review, reading, troubleshooting, archiving, and truncation.
• A good knowledge in servers, desktop, and laptop security products (Anti-virus, Anti-Spam and filtering)
• Highly experienced in network monitoring and management tools with hands-on exposure facilitated through job-rotations and daily shifts.
• Highly seasoned in the analysis/monitoring of system and network performance using monitoring tools while analyzing collected data and producing recommendations for growth and capacity plans.
• Production and management of reports and production of documentation to capture all operational issues and incidents.
• WAF Management
• IPS
• ISO 7001 standard
• Security Audit
• ISMS implementation and Audit
• Data leakage
• Access Control Review Users Privilege in quarterly basis
• Participate in the risk assessment process
• Administrator Enterprise & system engineer & Domain controllers as well as group information security policies.
• Highly experienced in the management, installation, and upgrade of Windows server 2008R1 & 2008R2 & IIS for window server 2008.
• Basic knowledge Linux.
• Long experience in troubleshooting activities of DNS (A, NS, MX …. record) and Outlook applications.
• Excellent knowledge in sales and packaging programs of IT equipment and products HW/SW.
• A good understanding of the operational logic of Developer Applications and websites (*.VB).
• Ability to identify and recommend modifications in software for the purpose of correcting errors and adapting it to new hardware, or to improve its performance.
• Excellent and proven knowledge in software system installation and monitoring.
Security Operations Center
• Security Information & Event Management (SIEM): My responsibilities include managing and administering SIEM, customizing new reports, and provisioning of new customers. In addition to that, I have successfully used this tool to review multiple items (reports and graphs) showing current system data and in the production of management information/dashboard on a recurring manner.
• Arbor System (Intrusion Prevention System - IPS) which achieves an automated DDoS Mitigation of risks, protection of network security and overall visibility into the network status.
• Management and administration of Penetration Tests to finding security weaknesses in UMNIAH customer facing solutions and general customer service portals.
• Management and operation of a Vulnerability Scanner designed for early detection of issues within internal solutions within UMNIAH and is bundled as part of the release process of of any new component.
• External and internal Penetration testing
• Highly experienced in the use/operation of a VMS™ tools (Vulnerability Management System)
• Seasoned user of the McAfee IPS used by UMNIAH.
• Familiar of ISO 7001 standard
• Designed mechanism and algorithms to detect and stop malicious spoofing activities (Web Spoofing, DNS Spoofing, IP Address Spoofing, etc.).
• Ability to manage security logs including review, reading, troubleshooting, archiving, and truncation.
• A good knowledge in servers, desktop, and laptop security products (Anti-virus, Anti-Spam and filtering)
• Highly experienced in network monitoring and management tools with hands-on exposure facilitated through job-rotations and daily shifts.
• Highly seasoned in the analysis/monitoring of system and network performance using monitoring tools while analyzing collected data and producing recommendations for growth and capacity plans.
• Production and management of reports and production of documentation to capture all operational issues and incidents.
Jordan University 2007-2011/2012: Bachelor degree, B.I.S (Business Information System)
Modern Systems Schools 2006-2007 High Secondary Education