Assistant Manager - IT Security
Abu Dhabi Islamic Bank
Total years of experience: 26 years, 3 months
(Moved from outsource below to permanent staff) Technical focal
point for the bank's Infrastructure and Application Security.
Manages a team that handles the operations.
Oversee design, implementation, operations and
maintenance of security technologies, processes and
serve as the focal point for all IT security issues and
concerns.
Formulate Information Security Procedures as per policy and
send periodic notifications to users for awareness.
Responsible for Security Assurance program to ensure all
changes made in ITD comply with the policies and do
not affect the security posture of the organization
Responsible for IT Security Operations annual Budget
(CAPEX and OPEX) to accommodate business security
requirements / projects.
Responsible for implementing risks identified during
Vulnerability Management Program and audits like RCSA,
GARR, Central Bank, PCI etc. Includes the preparation of
prioritization plan for implementation of fixes for
vulnerabilities that are discovered from time to time.
Work with the Senior Manager, Information Security to
develop and implement an Information Security Plan and
to identify, investigate, and document all reported
security violations and their resolutions.
Perform research, technology development and
engineering of information system security for broad
range of systems including enterprise and departmental
applications.
Assist in the management and coordination of enterprise
security projects and their associated resources.
Leveraged several projects - Mobile and Web. Delivered
as per tight deadlines to meet customer needs. Projects
were related to Central Bank WSI, Merchant
Issuer/Acquirer POS services, ATM security, Tokenization,
NESA, Oracle e-HR, UBPS, ESB integration, Mobile/Web
Digital Banking, SWIFT, SAP Ariba, Phoenix/Ethix etc.
TECHNOLOGIES
File Integrity Monitor and Config Manager
NNT FIM
PKI and Cryptographic modules
Thales Luna HSM
IdAM and SSO
Imprivata, CA
Managed services (design, implementation and operations) of IT
Security infrastructure for the bank (client) as it connected to
partners, vendors and customers.
Was the focal point of contact
for any security-related technical issues/escalation
covering the following:
Administering and provisioning Application security for
the client’s hosted Web services on WAF, not limited to
DDoS mitigation, OWASP Top Ten threats, etc.
Provisioning global availability of all the client’s hosted
services by administering the global DNS name server for
the bank
Administering the client’s Email Security and
complementary Sandboxing services for DC and DR
locations. Thus ensuring enterprise mails are analyzed for
potential threats to the infra not limited to brand abuse,
identity theft, phishing etc
Implemented and Administered Secure browsing
Solutions for DC and DR, ensuring only business related
and safe sites are accessible wherein exceptional policies
for non-standard requests are maintained
Providing network security through administration of
Firewalls/IPS for business critical applications such as
Core banking, ATM, Covered Card, Internet/Mobile
banking, SMS Banking etc
Provisioning encrypted communications using VPNs
Performing device audits and self-review health checks
adhering to PCI, NESA, ISO etc compliance
Lead - IT Network and Security
Samsung/former Harman
International/former Symphony Teleca
Designed, implemented and remotely managed IT Network Security
infrastructure for more than 30 clients across 100+ locations
Security: • Administration of: ASA/PIX/Juniper firewalls •
TACACS server • NATting customer networks • VPN
(IPsec/SSL) • Web Proxy/Reverse proxy/WAF • Email
Security • Hardening devices post VAPT
Routing and Switching: • Administration of static and
dynamic routing in customer and internal networks •
Maintenance/Troubleshooting issues related to switching
like STP, port flap, VLAN, HSRP, Portchannel etc •
Involvement in service provider link termination and testing
activities to ensure 100% connectivity to customer
networks
Wireless: • Commissioning, maintaining Wireless Access
points • Configuring WLCs to provide SSIDs for wireless
user access
QoS/Traffic manipulation: Committing bandwidth using
QoS as per customer requirement, involving standard
codecs for video and voice equipment
US
SaaS provider for retail customers. Cloud back-end administration
for cross continent Data centers (US/UK/China/India), inclusive of
Network, Linux servers and proprietary storage cluster technologies
Certified:
Azure Solutions Architect Expert AZ-303, AZ-304
Certified Info Systems Security Professional (CISSP)
F5-101
CCIE Security - Lab Attempt
courses: Doha-Qatar Achievements/Tasks