Group Information Security Manager
National Bank of Kuwait
Total years of experience: 18 years, 7 months
Group Information Security Projects and Cyber Security Operations Management
Security Projects, Governance and SOC
• Provide strategic planning in Information Security projects, Enterprise Security Governance, Security Operations management and Incident response with Central Bank’s compliance regulations to ensure maximum reliability.
• Spearheaded creation of SOC/Cyber Security Monitoring and Incident response capability across the bank.
• Deliver product management and security services to the business through a regional team.
• Provide IT Project consulting, Stakeholder engagement, and team development to enhance project efficiency.
• Effectively create, review and manage Bank’s policies, standards, standard operating procedures, guidelines, and procedures majorly governing Security Monitoring, Cyber security, Hardware security module (HSM) operations, Patch management and Minimum Security baselines including Incident response plans.
• Expertly facilitate and supervise assessments, audits and pre-post implementation reviews.
• Developed annual IT Security Project plan with IT capital expenditure and staffing needs for Budgetary Planning
• Evaluate requests for pricing/proposals (RFP) for security solutions and vendor management
IT Security Management
• Design, implement and manage LogRhythm SIEM, Centrify PAM, Digital Guardian DLP, Thales HSM, Microsoft IRM (Azure RMS), DDoS protection, File Server Auditing and FireEye Antimalware solutions for the bank.
• Supervise IT Security team responsible for administration of Firewall/IPS, Bluecoat Proxy, WatchGuard Antispam, Symantec EP, LogRhythm SIEM, Centrify PAM, F5 ASM, DLP and other security solutions for Bank.
• Effectively plan and deploy new solutions and technologies in areas of intrusion detection and response.
• Provide Asset Inventory, Backup, health-check, Maintenance & Support, and uptime monitoring of solutions.
• Team & Leadership Management, Budget Management and Information Security Project Management.
Managed Security Services Consulting (SOC, SIEM, GRC)
• Decreased security incidents 85% while designing, implementing and managing SOC operations.
• Increased organizational security by planning for the rollout of strategic initiatives, including cyber threat protection, data loss prevention, bring-your-own-device, cloud and mobile enterprise services.
• Expertly planned and designed security incident management process and security incident response plan.
• Implemented and managed RSA Security Analytics, RSA DLP suite and RSA Archer for Security monitoring.
• Evaluated tools and solutions to enhance operational efficiency and security architecture for YASREF
Information Security Risk Advisory (Audits, Risk Advisory)
• Managed Information Security projects for ISO 27001, IT Security, Application Security and Technology assessments with projects completed on time and under budget.
• Provided IT general controls and process reviews to enhance overall processes and risk assessments.
• Created IT controls framework design and Risk Control Matrix for Risk identification and mitigation reviews.
• Managed IT Governance, Risk and Compliance, and information protection project plans to efficiently implement solutions for BYOD, Cloud and Enterprise MDM solutions.
• Performed IT Security assessments, Technology assessments, Application Security assessments, SAP Security Assessments, Risk Assessments / Risk treatment plan, Business Continuity Planning and Configuration reviews.
• Reviewed and created ISO Policies as per ISO 27001:2013 and conducted IT Security and Internal Audits.
Technology Consulting and Managed Security Services
• Deliver pre-sales and proof-of-concept engagements to design, configure and implement security information and event management (SIEM) around security operations for clients, and service delivery for security projects.
• Supervised managed security services delivery for multiple clients for SOC/SIEM solutions (Trustwave, ArcSight, IBM QRadar, RSA-Envision) including creation of proposals, responding to RFPs and technical documentation.
• Directed team utilization, effectively meeting customer expectations, and driving completion of items outlined in the Scope of work (SOW) and associated project plans.
Information Security Risk Advisory services
• Consulting for Information Security Risk Advisory projects for ISO 27001 Gap assessments and Technology Assessments and Implementation assistance to customer satisfaction.
• Skillfully performed IT Security Assessments, Technology Assessments, Risk and Internal Controls assessments for Process, Operations, Systems, Applications, Database, Network Security and Third Party Services.
• Conducting IT Security, Business Continuity and SOC Audits.
SOC/SIEM Administration (Lead)
• L2-L3 Support for investigating Security Incidents with Incident Response.
• Created use cases, dashboards, active channels, reports, rules, filters, trends and active lists in ArcSight SIEM.
• Review security logs, content building, analyze security event data, create filters, health checks, upgrades and performance fine tuning of ArcSight SIEM to ensure event data quality and system efficiency and uptime.
Network Security and Application Support (SME)
• Managed and supported network security operations for Fortune 100 client to ensure client satisfaction.
• Administered and monitored Cisco ASA firewalls and Cisco Intrusion prevention systems (IPS), for security configuration, rule-base, documentation and reporting, including firewall fine tuning and maintenance.
CNOC Support Services (Team Lead)
• Delivered operational support for configuration and troubleshooting of routers/switches for Fortune 100 Client.
• Administered and maintained WAN links and uptime monitoring to ensure maximum system uptime.
Global DDI and NTP Security Services
• Increased efficiency 60% by supporting IP address management for bank’s global operations.
• Performed incident response for network-related incidents for the Americas; Europe, Middle East and Africa, and Asia-Pacific operations to enhance security reliability.
Telecom Operations (Nortel, Norstar, NICE, Aspect, Symposium, etc)
• Delivered operational support for Telecom service requests (Symposium, SCCS, NICE, Aspect, Nortel, etc.)
• Coordinated requests with different teams for resolution and service level agreement tracking.
• Documented and tracked daily change requests for bank’s Enterprise IT division as CAB coordinator.
• Conducted termination database support for terminated employees with strict attention to detail.
• Administered CallPilot solution to support voicemail and application builder related operations.
MCA