Information Security – Senior Manager
Confidential
مجموع سنوات الخبرة :16 years, 2 أشهر
• Perform business risk assessment, and manage risk register.
• Manage various teams.
• Ensure compliance with regulators, and maintain Fawry certificates.
• Review Fawry policies and procedures.
• Review current controls’ effectiveness and utilization.
• Perform gap assessment, and implement POC for the proposed solutions
• Review/Enhance the deployed application security architecture.
• Integrate Security into the SDLC.
• Review and maintain Bank policies and procedures.
• Participate in Risk assessment processes.
• Enhance the information security processes and policies.
• Review the Vulnerability Scans and penetration testing and assess the severity of security vulnerabilities.
• Review the Baseline Configurations, perform the Compliance Scans, and assess the discovered Gaps.
• Enhance the deployed application security architecture.
• Advises AUB management Team on risk issues related to information security, and recommends actions in support of the bank’s wider risk management.
• Participate in CAB as an InfoSec member.
• Define, create, implement, review, and maintain corporate policies and procedures.
• Collaborates with risk partners such as operational risk on InfoSec critical priorities.
• Participates in risk management, and business continuity drills.
• Monitors information security trends internal, and external to the bank, and keeps bank leadership informed about information security related.
• Review and enhance the application security architecture.
• Manage Application penetration testing activities with recommended mitigation and closing.
• Mentor and coach new team members.
• Approver for Swift CSP Self-Attestation project.
• Security/Risk assessments of network infrastructure, hosts, and applications - another element of risk management.
• Define, create, implement, and maintain corporate security policies and procedures.
• Monitor IT systems and users constantly to ensure compliance with established computer security protocols (NIST, CIS), CBE regulations, Data Security Standards (PCI DSS, Swift), and Bank Policies.
• Investigate arising incidents, and identify false positives.
• Approver for Swift CSP Self-Attestation project.
• Feed corporate with the latest threats intelligence feeds to mitigate the latest malware.
• Work with the Vulnerability Scan System, and assess the severity of security vulnerabilities.
• Manage the External Audit missions related to organization certificates.
• Implement security solutions for clients.
• Define and analyze clients’ requirements and develop an appropriate solution.
• Manage POC and prototypes.
• Work with the Pre-sales team, and project managers to provide technical support.
• Implement security solutions at EUN and university data centers.
• Monitor multiple security systems.
• Investigate arising incidents, and identified false positives.
• Security technical support and auditing for Egyptian universities, and other customers.
• Editing and applying network security policies for EUN, and Egyptian universities.
• Technical member of tenders’ evaluation team for EUN, ICTP, and Egyptian universities.
• Install and maintain SELTA, and PANASONIC PBX, for some companies and universities.
• Sales and contracting.
• IT support for small and medium-range companies.
• Modify some electronic circuits, as per customer needs.
• Train new members of the team.
MBA – ESLSCA University Intake ESL 71 – Started in Oct 2022 - In Progress
Engineering College – Cairo University Bachelor in Communications and Electronics Engineering, July 2007