Information Security Manager
Electronic Documents Centre LLC
Total years of experience :25 years, 10 Months
Key Responsibilities:
• Maintain EMV, VISA, MasterCard and BS7799/ISO27001 standards’ compliance and related certifications.
• Entrusted to lead a team of 7. Reports to CEO on the health of the ISMS. Function as consultant to the management in aligning business requirements with IT and Information Security requirements; prepare and manage budgets average AED1.2 million
• Develop Security Policies and Procedures. Conduct periodic Reviews of Systems, Network devices, Access Control System Logs, CCTV and business processes.
• Conduct internal vulnerability scans and lead auditing, analyse root cause, create reports for management with suggestions for preventive/corrective actions.
• Liaison with vendors, service providers, external vulnerability/penetration testers and oversee MasterCard, VISA, ISO and other external audits.
Key Achievements:
• Compliance with VISA and MasterCard requirements for card personalization within 4 months and EMV and BS7799/ISO27001 compliance within a year of joining.
• Achieved 14% reduction in operational and management costs by effectively managing IT Operations, Information Security Management System, redesigned IT infrastructure, and access control system, frequent training, well negotiated service contracts and strict SLAs.
• Improved the efficiency of IT Operations by initiating the development of operations manual, asset inventory, problem tracking, scheduled maintenance and training
• Merged and simplified policies and procedures to ease distribution, implementation, review and management; Merged individual audit programs to increase efficiency of VISA, MasterCard and ISO27001 compliance audits
• Developed Risk Management Framework, Incident Response Plan and Cryptographic Key Management documents that were appreciated by VISA and MasterCard auditors as ‘one of the best they have seen’.
• Managed CCTV, Access Control System, Storage, Virtualization, e-statement and EMV projects
Emitac: HP Authorized Service Partner
Key Responsibilities:
• Accountable for providing solutions, pre-sales, project implementation and support.
Key Achievements:
• Supported corporate clients such as SEWA, Sharjah Islamic Financial Services, United Aviation, Sharjah Airport Free Zone, WS Atkins, Belhoul, Dubai Sports City and DFM. Managed projects worth up to 6 million in areas such as share brokerage, hospital, government and construction. Secured over 3 million in business within the first year.
• Highly appreciated by management of SAIF Zone, United Aviations for successful data and application recovery using innovative methods. Promoted to Sr. System Engineer within a year
• Independently designed & installed High Availability Clusters for Messaging, Database & Web
• Successfully implemented Centralized Management and Security of Users, Resources and Access using Active Directory & Group Policy. Designed Multi Domain, Multi Forest, Multi OS, Multi Vendor Networks
• Auditing and Evaluation of Systems, Network and Users. Security/Awareness Training for Users and Management. Helped develop Security Policies to meet Customers’ Business Requirements
IT Support Engineer, United Arab Bank Jan 2002 - Aug 2004
• Actively involved in the Migration of Lotus Domino/Notes to Exchange 2000/Outlook and SQL Server 7.0 to 2000. Designed and Executed NT 4.0 to Windows 2000 Active Directory migration
• Efficiently setup replication of SQL data from H.O. to branch offices which helped improve overall network performance and cut leased line costs
• Extended support to the Audit department in finalizing Information Security Policies and Procedures for the bank
• Initiated inventory of IT Systems/Resources across the bank branch offices & HO in an attempt to cut down the overall IT expenditure and to further improve the Return of Investment (ROI). Involved in IT Budgeting
:::Role included Support, Pre-Sales and Project Implementation:::Telephone and On-Site support for corporate customers such as V-Guard, Manorama, Escotel, BPL, Kochin Refineries Ltd, Catholic Syrian Bank:::Ranked high in the internal employee evaluation program.
Completed Modules & Grades: Computer Communications and Networks - A - Excellent Security Engineering A* - Outstanding Computer Forensics A - Excellent Professional Issues in Computing A - Excellent Computer Structures A - Excellent
Certified Information Systems Security Professional – CISSP Certified Information Systems Auditor – CISA CISM, EC-Council C|CISO Certified in Risk and Information Systems Control - CRISC Symantec Certified Security Practitioner - SCSP Microsoft Certified System Engineer (MCSE): Security Certified Internet Webmaster (CIW) Security Analyst MCSE: Messaging, MCDST, MCDBA, Oracle OCP DBA, Cisco CCNP, CCDP, Citrix CCEA, Solaris SCSA/SCNA, HP AIS/ASE
PMI Project Management Professional Training (PMP) CISA Training Secur Middle East Congress BS25999 Business Continuity Implementation Workshop MOC 2823 - Implementing and Administering Security in a Windows 2003 Network MOC 2824 - Implementing Microsoft Internet Security and Acceleration Server 2004 MOC 2279 - Planning, Implementing, and Maintaining a Windows 2003 Active Directory Citrix Administrator Training