Cybersecurity Architect
Sadara Chemicals Company
Total years of experience :18 years, 9 Months
• As a Cyber Security Architect, responsibility is to manage security architecture, cybersecurity operations and protection information.
• Responsible for identifying security gaps and providing recommendations to close the gaps.
• Implement and operate multiple security systems such as Identity and Access Management, Privilege Access Management, Multifactor Authentication, Microsoft Active Directory, Digital Rights Management, Integration Remote access solutions (VPN and Citrix) and Azure Cloud solutions with 2FA, FireEye, IPS, Symantec EPP, DLP, Citrix WAFs, Arbor DDOS, O365 security, Azure RMS, Azure IaaS Security, ADFS for Single Sign-on, Microsoft EMS, email ATP.
• Ensured that cloud systems such as O365, SuccessFactors, Ariba, Salesforces, Azure IaaS, Wombat etc are secured.
• Provided Technical insight to select, review designs and implement QRADAR SIEM for security monitoring.
• Develop strong use cases to detect security incidents for APTs, authentication failures, Data leakage, brute force attacks, unauthorized access, reconnaissance etc.
• Lead efforts to develop Incident Response process and plans.
• Lead and implemented cloud based Intsight threat intelligence platform to receive intelligence for organizations external digital assets.
• Enforce and maintain Saudi National Cybersecurity Authority controls for critical infrastructure security.
• Enforce and maintain Aramco Critical Cybersecurity Controls mandated for their JVs.
• Implemented and operated Tenable Vulnerability Solution.
• Accountable for patch management process and KPIs.
• Responsible for running vulnerability scans both within and from cloud.
• Responsible for managing and operating managed security services via outsourced partners.
• Responsible for timely closure of cybersecurity audit observations identified by internal and external auditing entities such as PWC, IBM, SecureWorks, Boston Consulting Group, Saudi Aramco, DOW Chemical’s etc.
• Define policies and processes for Identity, Access and Privilege Access Management services.
• Provide and evaluate Security requirements in all IT RFPs.
• Ensure availability of critical IT systems through proper disaster recovery and business continuity planning.
• Work closely with Enterprise and Solution architects to analyze business requirements and then come up with secure, highly available and scalable IT solution.
• Handle complex projects and assignments, such as recurring application, service, or operational problems, and use expertise to recommend solutions to management.
• Responsible for enforcing and maintaining controls to protect Sadara intellectual property and data.
• Responsible for enforcing and maintaining CIS based hardening controls on security devices.
• Develop project and service rationale and perform scoping assessments to determine feasibility, provide guidance and advice regarding vendor selection and implementation process.
• Plan and conduct workshops and presentations to senior business and IT management to demonstrate new IT solutions and capabilities.
• Develop comprehensive requirement specifications that will determine the estimate of cost, time and resources to deploy solutions.
• Research and recommend high level functional and/or technical solutions.
• Ensure that relevant business stakeholders are involved in specification of new services and/or major upgrades to existing services.
• Oversee the implementation of new systems/services.
• Keep abreast of trends and developments throughout the computer industry to recommend new IT solutions that would improve the performance of certain functions or the company as a whole.
• Defining and maintaining system, product and security architectures in alignment with the company’s business architecture.
• Providing technical direction for cybersecurity on strategic IT systems.
• Train and direct IT staff by sharing expertise and experience to develop the knowledge of the IT staff.
• Involve in IT Infrastructure Consulting projects.
• Do as-is Infrastructure analysis, identify gaps and make recommendation to the client Infrastructure with possible roadmaps and accordingly propose target (to-be) infrastructure architecture.
• Deliver Enterprise Architecture project wrt Technology Architecture.
• End to end IT Infrastructure due diligence in areas of Applications, databases, storages, network, servers and virtualization.
• IT Strategy, initiatives and roadmap.
• Involved in projects in BCP, DR, Virtualization, Information security, Infrastructure Assessments, Data Center assessment etc.
• Identify technology components, products to be part of target architecture.
• Involved in research, identifying industry/technology trends and other practice development activities.
• Solution Architecture.
• Togaf 9 implementation for Enterprise wide architecture.
• Involved in IT Governance and Information Security projects delivery.
• Define and implement end to end DR Policies, Plans, Procedures and Process.
• Conduct Business Impact Analysis.
• Involved in RFPs and other pre-sales activities.
• Prepare Technology architecture, Recommend technology options for Enterprise Systems.
• Understand current IT technologies and infrastructures Trends in the market.
• Understand and model the business processes of the client organization to lay the foundation for the technology architectures
• Conduct client interactions and workshops with Business users and process owners to get functional and architectural requirements.
• Presentations to stakeholders and Senior Executives.
• Define and implement enhancements to current architecture and standards, based on business requirements, in order to ensure the highest levels of technological support to business operations are achieved and maintained.
• Develop, communicate and implement IT standards and ensure that business areas operate in line with a common, integrated set of architecture and standards, so as to enable technology decisions that support business requirements.
• Ensure adherence to standards covering all areas where integration can be improved or economies of scale can be gained (e.g., network, technology platforms, programming languages, database tools, end-user tools)
• Develop all security policies and security guidelines for IT, as well as business continuity measures and disaster recovery plans, in conjunction with other department heads, to provide action plans which will respond speedily and effectively to the threat or disaster.
• Define information security requirements and standards (e.g., who will have access to the information, what kind of operation will users be allowed to perform)
• Assess potential tools to define whether they should or not become new standards.
• Document all architecture and standards, communicate within IT and related business areas.
• Track any additions/changes/deletions to applications, infrastructure and systems, and monitor (inc. auditing) and enforce security policies.
• Monitor organizational changes and industry trends in order to align standards with external and internal practices.
• Organize and supervise the activities and work of subordinates to ensure that all work within Architecture and Standards activity is carried out in an efficient manner which is consistent with operating procedures and policy.
• Evaluate project RFP’s.
• Define as-is and to be architecture for the client & do the gap analysis.
• Evaluation and selection of EA tools for client.
• Use Togaf 9 framework do develop Enterprise Architecture.
• Delivery, support and single point of contact for all IT Infrastructure issues of J&K Circle.
• Responsible for Circle Data Center operations.
• Manage Circle Network, Storages, Servers (Application, Database and Web, email, Internet Proxy, Anti-Virus servers)
• Responsible for delivery of End User Services for the location.
• Ensure support for rolling new Infrastructure projects in the circle.
• Monitor, Configure and troubleshoot Cisco Routers, Switches and firewalls.
• Apply Hardening procedures for Cisco Network Devices and Servers.
• Ensure high availability of IT Infrastructure for the circle.
• Linux and Wintel server management, administration and troubleshooting.
• Ensure adherence to Physical Access Control, Incident, Change and Problem Management processes.
• Document all incidents in Incident Management tool and analyze calls as per Incident Management Process.
• Ensure Implementation and Compliance of client information security policy which was based on ISO 27001, for the circle.
• Responsible for circle specific information security audits.
• Circle ID Management, QEV and CBN.
• Ensure System Log Reviews and accordingly recommend actions incase required.
• Managing information security for applications, network devices and servers.
• Information security audits of servers, network devices, data center operations and process compliance.
• Responsible for circle Patch Management Process.
• Manage and support 350+ desktop and laptop end users.
• Vulnerability assessment, risk management, mitigating controls and procedures.
• Ensure high availability of critical application, web and database servers of the circle (AOL, CDR, Omni DOCS, Omni Reports, SFTP, Web, email, Antivirus and proxy services)
• Ensure desktop support of CRM, Keenan FX and PACS provisioning applications for circle users & availability of Postpaid and Prepaid MIS reports to circle users.
• My Responsibility was managing the call center network of a telecom client at J&K.
• Administration and troubleshooting of Nortel Networks M-11-C PBX Switch, VPS Periphonics (IVR),
• Symposium Call Center Server 5.0, Symposium 5.0 (Classic Client).
• Configuring and troubleshooting Nortel 3904, 3905 Phone Sets for Call Center Agents.
• Managing and troubleshooting Pre-Paid and Post-Paid applications in VPS Periphonics IVR (Interactive Voice Response System).
• Manage and troubleshoot problems in VERINT Voice Logger.
• Manage Windows 2000/2003 Servers, Active Directory and Group Policy.
• Windows 2000/2003 server backups, SCCS 5.0 backups, oracle database customer data backups.
• Manage and troubleshoot FTP and HTTP Services on windows 2000 servers.
• Manage and troubleshoot DNS Services.
• As a customer support engineer the responsibility was implementation, configuration and troubleshooting of LANs, WANs, Servers and Desktops.
• Windows NT/2000/2003 server administration and troubleshooting.
• Windows 2000 / XP desktop administration and troubleshooting.
• Responsible for troubleshooting desktop and server problems.
• Windows NT backups.
• Redhat 8/9 Linux administration and troubleshooting.
• Configure and troubleshoot Cisco Routers 2600, 1700 and Cisco Switches 2950 and 3550
• Troubleshoot LAN, WAN and Internet Problems.