Inofrmation security consultant
Ahli United Bank - Kuwait
Total years of experience :12 years, 3 Months
Assist the bank to achieve and maintain the different compliance certificates on timely basis
like PCI-DSS, SWIFT CSF, CBK CSF, ISO 27001.
Ensure the bank’s assets and departments under the scope meet the different compliance and
regulatory requirement and help to implement and achieve the controls.
Initiate and coordinate with the internal and external audit requirements for Information
Security.
Create policy, standard and procedure documents for the information security unit to
implement the framework and controls.
Plan and map the objectives, KPI and KRI for cyber security in accordance with the strategy of
the information security unit.
Conduct risk assessments for new or emerging technologies to be set up in the bank.
Analysis of daily requests like firewall, internet and approve based on the business
requirements and the risks involved.
Assess the residual risks for any non-compliance, follow the risk approval procedure with the
management and keep the management aware of the Risk acceptance currently in place by
tracking on regular basis.
Develop security baselines for different technology or solutions like Operating systems, Web
Servers, Network devices, Firewalls etc.
Conduct regular configuration review for the network devices like Firewall, router, switch,
mail gateway, DNS, WAF and security solutions.
Regularly check the OS or technologies if they meet the minimum security baseline set by the
organization.
Conduct a Vulnerability Assessment plan for the internal and external systems of the Bank on a
monthly basis.
Define the scope, use case for the penetration tests and coordinate with the vendors to be
completed on a timely basis.
Analyze and provide insight to the IT team for security vulnerabilities which are present in the
bank and ensure vulnerabilities are addressed in timely manner.
Develop use cases for different security solutions like Network access control, Data loss
prevention, IPS, end point security, file monitoring system, privileged access monitoring.
Monitor and analyze the events received from SOC and other security solutions to identify the
incidents and coordinate the progress of incident within the approved SLA.
Prepare and record detailed incident reports.
Collect threat feeds from various sources and coordinate to remediate the threats within the
defined SLA.
Prepare information security weekly reports for the management committee to be present the
security posture of the organization.
Conduct regular meetings with the management to identify gaps and provide solutions to
optimize the processes or controls set in place.
Prepare quarterly and monthly reports for the Board risk committee and Operational risk
committee to keep them informed about progress, achievements and risks related to
information security.
Gather business requirements and objectives from stakeholders to produce a blueprint for an
integrated network and make a business case to advocate necessary investments to support the
deployment.
Conduct POC from different vendors for different security solutions such as NGFW, IPS,
UTM, DLP, Email gateway, Load balancers and assess products prior procurement.
Develop configuration templates, baselines and processes based on industry best practices for
all network and security devices.
Replaced the existing proxy solution and was kept transparent to the end users. Also integrated
with the DLP solution to protect sensitive data being leaked.
Good knowledge related to PCI / Swift compliancy requirements.
Design and implement network infrastructure for business continuity to ensure resilient and
highly available networks.
Plan, design, implement and refine disaster recovery methods for network and network
security infrastructure. Implement and test solutions at regular intervals and keep track of
shortcomings.
Performing self-security assessment for audit / PCI of the network and security devices on
regular basis.
Work closely with the audit team and guide them to understand the shortcomings of current
infrastructure and closing the gaps on the audit issues raised.
Actively working on to close any security vulnerabilities related to devices or technologies.
Keep track of asset inventory of all network and security devices with complete details
including licenses, EOL devices etc.
Maintain and regularly update high and low level network infrastructure diagrams.
Prepare and keep an updated operational and DR procedures with escalation matrix.
Intrusion Prevent System - redesign the current tapping point to have efficient detection
system.
Web Application Firewall - monitor and look for security vulnerability on critical services and
accordingly modify the security policy as per service requirements.
Net Optics network tapping solution - configure the tap to use for IPS and other monitoring
devices
Managing site-to-site VPN connectivity with 3rd party, clients and vendors.
Implement and manage client VPN to securely connect to the banks network remotely.
External DNS server management.
Daily operational tasks related to network and security devices for local and international
branches.
Actively participate in mitigating the cyber security attacks and document operational
procedures for different incidents etc.
Perform quarterly health check for different network and security appliances.
Work closely for closing gaps related to PCI, swift and Central bank requirements and advice
on any infrastructure or design changes with regards to the compliance.
Manage, maintain and monitor the links related to internet and 3rd party leased connections.
Maintain the backup and monitoring solutions for network infrastructure devices.
Liaise with the ISP, telecom, vendors or consultants for any issues or requirements