Cyber security Consultant
Aramco Services Company
مجموع سنوات الخبرة :13 years, 2 أشهر
Lead and manage Security Operations Center team.
Primarily responsible for security event monitoring, management and response
Monitoring windows event collector & forwarding to Arcsight/ ESM.
Support internal incident response activities, assisting with the mitigation and remediation processes while documenting lessons learned.
Verifying Assets, Risk management & Assessment the current state of control.
Responsible for integration of standard and non-standard logs in SIEM
Creation of reports, dashboards, metrics for SOC operations and presentation
Assess and recommend improvements to the security of operational technology.
Managing & operating Qradar SIEM for monitoring, detecting, analyzing & reporting
tools, alerting and procedures as they relate to DDoS.
I have experience, in SIEM and log management tool such as LogRhythm, Qradar
Verifying Assets, Risk management & the current state of control. Implement security Countermeasures to mitigate threat related to (DDoS/DA)
Performing vulnerability management (patching, scanning, recommended remediation
or mitigation actions) Manage endpoint security (EDR), thrat detection, response & investigation
Providing incident response support, including mitigating actions to contain activity
and facilitating for forensics when necessary
Monitor security systems for anomalies and respond to potential security events SIEM solution, vulnerability assessment, Network Analyzer
Have good experience in windows server 2012, 2016
information security to IT infrastructure and projects as needed threats that / Deployment & Manage AVG antivirus /AVG Server Consol & EPO MacAfee
Providing security support for application and infrastructure related projects. installation & Configuration IPS/IDS Firewall on premises with customer investigation, analysis & response to suspicious security events that trigger in IPS, SIEM, firewalls. AD, DNS, RDP, WSUS, windows update definition & Security IDS/IPS, Experience with designing / integrating with Office 365
cloud, SDDC, hybrid IT, virtualization,
RAMY
MOHAMED HANAFI
IT Security Consultant Network level: WAN and LAN connectivity, routers, firewalls, and security. Ability to set and manage priorities judiciously. Develop and implement a data leak prevention program. Computer Emergency Response Team (CERT), Computer Security Incident Escalate and manage security events to support the established Incident Management and CSIRT processes& Perform security research, analysis, and design of the computing systems and network infrastructure
English Language
Arabic Language.
German language basic Have a good experience level knowledge in IT industry standards and best practices processing for " office 356, windows server . Exchange online
Design and implementation of networks, connecting lines fiber optic cable.
Assistant director of communications projects in the UAE in setting up a fiber optic cable.
Installing & configuring TMG 2010 - establish Domain controller based on windows server 2008 r2, DC, DNS, DHCP, LAN, WAN - Windows cluster 2008
VMWARE - Hyper-V implemented with Dc 2012.
WatchGuard, Firewall.
Mail Server exchange 2010 - 2013.
Networking troubleshooting (Help desk).
IT Network plan field using MS infrastructure &
VMware. Virtualization
Assistant director of communications projects in the
UAE in setting up a fiber optic cable. Inspection
TMG/forefront 2010 designing & implementation
courses: Courses attended: MCSE 2012 (AD – group policy – OU – NT backup & restore. MCITP ( windows 2008 ) ( Active Directory ) ( DNS ) ( DHCP ) Exchange online 2016 CISM CISSP CCNA. CISA CEH v9 Windows Server 2012 PMP ( Project Management Professional ) Certifications:- MS Certified exchange servers -2007-2010 MCTS Certified. MS Exchange Server 2010-2013 Win 7 - 8 & windows 10 professional Certified. MCSA 2012 Certified. Microsoft Certified Solutions Associate (MCSA) Win server 2012 Linux Administrator suse 9.1 - CentOS Project Title://MCSA,MCITP,MCTS,MCSE,TMG,MCP Ramy Hanafi 2