Senior Technical Architect
Black Arrow Security System & Services W.L.L
مجموع سنوات الخبرة :16 years, 8 أشهر
Develop, Maintain and publish up-to-date information security policies, standards and guidelines. Oversee the approval, training, and dissemination of security policies and practices.
Systematically examine the organizations information security risks, taking account of threat, vulnerability and impacts.
Maintain and update security systems application & IT Tools to ensure their effectiveness in detect and responding security threat.Developing and implementing a cyber security strategy.
Monitoring for vulnerabilities and risks in existing software and systems.
Installing and testing new security measures. Testing new security measures.
Manage the design deliverables from client and designers to Contractors.
Document and report security incidents, including root cause analysis and recommended remediation steps and Analyze logs and alerts generated by security systems to identify and respond to potential security incidents.
Report all audit findings to the clients’ management team and ensure that corrective action plans are implemented accordingly.
Create and manage information security and risk management awareness training programs for all employees, contractors and approved system users.
At starting Site Survey, Installation of Security Devices and finalize it with Software Commissioning with Proper Handover to Client.
Create a framework for roles and responsibilities with regard to information ownership, classification, accountability and protection.
Provide strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls.
Support Concern department in all integration aspects & appropriate co-ordination.
Define and facilitate the information security risk assessment process, including the reporting and oversight of treatment efforts to address negative findings.
Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data and the company's reputation.
Total 15+ Years’ Experience for Handling IT Lead Implementer, GRC, Risk Management, Projects Operation, Management, Commissioning & Maintenance.
Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program to ensure that the integrity, confidentiality and availability of information is owned, controlled or processed by the organization.
Develop, maintain and publish up-to-date information security policies, standards and guidelines. Oversee the approval, training, and dissemination of security policies and practices.
Manage the enterprise's information security organization, consisting of direct reports and indirect reports. This includes hiring, training, staff development, performance management & performance reviews.
Create and manage IT security and risk management awareness training programs for all employees, contractors and approved system users.
Create a framework for roles and responsibilities with regard to information ownership, classification, accountability and protection.
Provide strategic risk guidance for IT projects, Security Systems, including the evaluation and recommendation of technical controls.
Liaise with the enterprise architecture team to ensure alignment between the security and enterprise architectures, thus coordinating the strategic planning implicit in these architectures.
Liaise among the information security team and corporate compliance, audit, legal and HR management teams as required.
Identify and manage interfaces with other subsystems & support in integrating ACS, VMS, Milestone & VCA.
Support Concern department in all integration aspects & appropriate co-ordination.
Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data and the company's reputation.
Define and facilitate the information security risk assessment process, including the reporting and oversight of treatment efforts to address negative findings.
Develop key Security, Risk and Compliance reporting metrics to ensure progress on these programs is managed and understood by the leadership.
Hand on experience with RSA Archer, Fusion GRC Tool.
Hand on experience on VAPT testing Tool (NMAP, Astra, Nessus).
Liaise with the enterprise architecture team to ensure alignment between the security and enterprise architectures, thus coordinating the strategic planning implicit in these architectures.
Liaise among the information security team and corporate compliance, audit, legal and HR management teams as required.
Identify and manage interfaces with other subsystems & support in integrating ACS, CCTV and Milestone & VCA.
Support Concern department in all integration aspects & appropriate co-ordination.
Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data and the company's reputation
Monitor the risks by developing robust risk scoring models specific to the individual organizational requirements.
Provide guidance to the employees with respect to the organizational risk assessment methodology in order to ensure that the procedures followed by them are in line with the ERM policy.
Develop, implement and monitor a strategic, comprehensive information security and IT risk management program to ensure that the integrity, confidentiality and availability of information is owned, controlled or processed by the organization.
Develop, maintain and publish up-to-date information security policies, standards and guidelines. Oversee the approval, training, and dissemination of security policies and practices.
Manage the enterprise's information security organization, consisting of direct reports and indirect reports. This includes hiring, training, staff development, performance management & performance reviews.
Create and manage IT security Systems and risk management awareness training programs for all employees, contractors and approved system users.
Develop key Security, Risk and Compliance reporting metrics to ensure progress on these programs is managed and understood by the leadership.
Hand on experience with RSA Archer, Fusion GRC Tool.
Hand on experience on VAPT testing Tool (NMAP, Astra, Nessus).
Liaise with the enterprise architecture team to ensure alignment between the security and enterprise architectures, thus coordinating the strategic planning implicit in these architectures.
Liaise among the information security team and corporate compliance, audit, legal and HR management teams as required.
Identify and manage interfaces with other subsystems & support in integrating ACS, CCTV and Milestone & VCA.
Support Concern department in all integration aspects & appropriate co-ordination.
Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data and the company's reputation
Monitor the risks by developing robust risk scoring models specific to the individual organizational requirements.
Provide guidance to the employees with respect to the organizational risk assessment methodology in order to ensure that the procedures followed by them are in line with the ERM policy.
Develop, implement and monitor a strategic, comprehensive information security and IT risk management program to ensure that the integrity, confidentiality and availability of information is owned, controlled or processed by the organization.
Develop, maintain and publish up-to-date information security policies, standards and guidelines. Oversee the approval, training, and dissemination of security policies and practices.
Manage the enterprise's information security organization, consisting of direct reports and indirect reports. This includes hiring, training, staff development, performance management & performance reviews.
Create and manage IT security Systems and risk management awareness training programs for all employees, contractors and approved system users.
The New
I HAVE DONE BTECH AT BRAND OF Electronics & Communication FROM UPTU.
•I Have done DIPLOMA at the branch of Electronics & Communication from UTTRAKHAND University in 2004.