cyber security manager
KPMG
Total years of experience :21 years, 3 Months
Kuwait
Responsibilities
Management and delivery of security related assurance and advisory services to clients
Assist clients in developing cyber security strategies and multi-year implementation and remediation programs based on business priorities and risks
Advise clients in defining security governance and target operating model positioning within the organization
Help clients to address the underlying security challenges raised by the digital transformation journey (Mobile technologies, Cloud computing, IoT, Digital trust, etc.)
Advise clients in understanding the overall business case and effective use of security technologies by identifying constraints, risks and integration points
Assist clients in selecting and designing specific security architectures and technologies
Assist clients in implementing specific security technologies including data leakage prevention, identity and access management.
Coach, manage and develop staff by establishing clear goals, expectations and strategies for employee performance and career development.
•SOC Solutions implementation supervision.
•Manage relationship with external security vendors to ensure service delivery meets SLAs and work closely to improve their efficiency.
•Develop and manage a robust documentation lifecycle
•Develops, documents and manages identification, containment and remediation strategies
• Security operations center (SOC) rules configuration and testing (Symantec MSS).
• SOC alerts response and analysis.
• ISO 27001 internal audit and security policies review/maintain.
• Conduct periodic vulnerability assessment and penetration testing.
• Corporate IT security planning.
• PKI Solution evaluation & Implementation.
• Develop policies and procedures that minimize the risk to the corporate IT infrastructure
• Provide evaluations and assessments for new deployments.
Diyar security operations center SOC team leader & Analyst (20+ clients under our supervision and administration including Oil Sector, Banks, Telecom, and Colleges...)
•SOC SIEM solution testing and evaluation (Symantec MSS Vs. logrhythm vs. splunk).
•SIEM rules create and modify as per the risk analysis results and best practice.
•Manage individual and team performance to consistently meet performance standards
•Providing performance and management reporting
•Develop and supervise work schedules to ensure proper staffing levels are maintained
•Establish performance goals and priorities
•Actively participate in hiring of new team members, adheres to policies and procedures, and create motivational strategies to drive quality performance
•Providing a centralized location for management, co-ordination and knowledge base contact, in particular for severe and critical incidents
•New threats classifications, prioritize and SLA.
•Daily collection of global, national and local incidents sources to produce a written daily/incident specific analytical report(s).
•Team shifts and schedule management.
•Monitor work order service requests, and all communications, prioritize and processes incoming information according to procedure.
• Vulnerability assessment and penetration test engagements leader and conductor.
•IT Security Services Presales consultant conducting presentation and presales meetings/activities with clients.
•Responsible for Managed services center ISO27001 certification and recertify Network and Security part.
.mtnsyria.com
•Some of the Projects at MTN:
•Delegated engineer for the GRX project to provide customers with internet services during roaming using a secure techniques
• Delegated engineer in the 3G project for video calls and high speed internet on mobile phones.
•Leading the VPN mesh network implementation between MTN Syria branch and other 21 branches in different countries.
•Team member in implementing the Next generation Network (NGN) project using MPLS tech on Cisco equipment’s.
•Team member in implementing a private ISP to provide the GSM customers with the internet services.
E-lcom ISP internet service provider
.e-lcom.sy
•Some of E-lcom
o Backbone devices configuration part from scratch until the ISP became in service.
o Integration configuration between internet routers and billing system.
o All internet connection types configuration on the connections concentrator LAC.
Education ¬ Bs, IT Engineering College (5 years) - Damascus University - Syria Certification TOGAF 9.2 COBIT 5 ¬ ISO 27001 Lead Auditor ¬ CNDA (Certified Network Defense Architect ) ¬ CSLO ( Certified Security Leadership Officer ) ¬ LPT (Licensed Penetration Tester) ¬ CHFI (Computer hacking forensic Investigator) ¬ CEH (Certified Ethical Hacker) ¬ ECSA (EC-Council Security Analyst) ¬ CPTE ( Certified Penetration Testing Engineer ) ¬ CIW Web Security professional ¬ CIW web Security Specialist ¬ CCIE Security, SP, R&S Written. ¬ CCNP (Cisco Certified Network Professional) ¬ CCIP (Cisco Certified Internetwork Professional) ¬ CCSP Cisco Certified Security Professional ¬ CCNA ¬ CompTIA Server+. ¬ MCSE Microsoft certified System Engineer. ¬ Symantec Sales Expert Trainings and Workshops: SWIFT Infrastructure Security Audit, Symantec SIEM administration, logrhythm SIEM administration, CISSP, CISM, PMP.