Bayt.com

كلما زادت طلبات التقديم التي ترسلينها، زادت فرصك في الحصول على وظيفة!

إليك لمحة عن معدل نشاط الباحثات عن عمل خلال الشهر الماضي:

عدد الفرص التي تم تصفحها

عدد الطلبات التي تم تقديمها

استمري في التصفح والتقديم لزيادة فرصك في الحصول على وظيفة!

هل تبحثين عن جهات توظيف لها سجل مثبت في دعم وتمكين النساء؟

اضغطي هنا لاكتشاف الفرص المتاحة الآن!
نُقدّر رأيكِ

ندعوكِ للمشاركة في استطلاع مصمّم لمساعدة الباحثين على فهم أفضل الطرق لربط الباحثات عن عمل بالوظائف التي يبحثن عنها.

هل ترغبين في المشاركة؟

في حال تم اختياركِ، سنتواصل معكِ عبر البريد الإلكتروني لتزويدكِ بالتفاصيل والتعليمات الخاصة بالمشاركة.

ستحصلين على مبلغ 7 دولارات مقابل إجابتك على الاستطلاع.


تم إلغاء حظر المستخدم بنجاح
سراج شمس الدين, Information Security Manager

سراج شمس الدين

Information Security Manager·Qatar Islamic Bank

قطر

بكالوريوس, Computer Application

الخبرة العملية

مجموع سنوات الخبرة: 16 سنوات, 6 أشهر

Information Security Manager

نوفمبر 2020 - حتى الآن

Qatar Islamic Bank

الدوحة، قطر

نوفمبر 2020 - حتى الآن

• Continuously assess and identify vulnerabilities in cloud infrastructure, collaborating with engineers to design and
implement solutions, leading remediation efforts that strengthen the overall security posture and minimize potential data
breaches.
• Lead penetration testing for internal and external applications, documenting and mitigating vulnerabilities, and ensuring
PCI compliance, resulting in enhanced application security.
• Design and implement security architecture for the banks systems, ensuring continuous compliance with industry standards
throughout the lifecycle, which enhances protection against cyber threats and mitigates security risks.
• Conduct threat modeling, risk assessments, and security audits, implementing encryption, authentication, and access
controls to protect sensitive data, thus reducing exposure to potential threats.
• Manage ongoing vulnerability identification and reporting, advising on prioritization and maintaining the vulnerability
management solution to ensure timely remediation and mitigate risks.
• Lead security hardening benchmarks (CIS, NIST), perform regular audits, and provide detailed reports to the Risk
Management Committee, which enhances security measures and strengthens risk mitigation strategies. Integrate security
testing and requirements into the DevSecOps pipeline, minimizing risks and reducing attack surfaces during the application
development cycle, ensuring more secure deployments.
• Monitor the external threat landscape, analyzing findings to adapt security strategies and improve the organizations
security posture based on emerging threats.
• Oversee brand protection measures, providing weekly dashboards and reports with KPIs to track effectiveness and optimize
security initiatives, resulting in better brand security management.
• Document security risk items, vulnerabilities, and audits in the Operational Risk Management System (ORMS), ensuring
accurate and timely reporting, which improves risk visibility and compliance.
• Ensure ongoing compliance with regulatory guidelines and InfoSec policies, maintaining alignment with industry standards,
which minimizes legal and financial risks for the organization.
مجال الشركة:
البنوك
الدور الوظيفي:
تكنولوجيا المعلومات

Information Security Governance Officer

يناير 2017 - أكتوبر 2020

Commercial Bank Qatar

الدوحة، قطر

يناير 2017 - أكتوبر 2020

• Maintained and updated information security policies and procedures, ensuring regulatory compliance and improving
security practices.
• Adjusted scanning strategies to address evolving threats, enabling proactive risk identification and improved threat
mitigation.
• Led the Data Loss Prevention (DLP) system, creating policies, analyzing incidents, and providing forensic evidence to
strengthen incident response.
• Conducted risk assessments, identifying vulnerabilities and recommending improvements to strengthen security protocols
• Resolved security weaknesses, ensuring faster remediation and minimizing security risks.
• Refined information security program policies, ensuring continuous improvement and alignment with best cybersecurity
practices.
• Supported the CISO in strategic planning, risk assessment, and cybersecurity controls, aligning with organizational goals to
enhance security posture.
مجال الشركة:
البنوك

Security Analyst

أكتوبر 2015 - أغسطس 2016

ShiftPoint L.L.C

الدوحة، قطر

أكتوبر 2015 - أغسطس 2016

• Supported the CISO in strategic planning, risk assessment, reporting, and the implementation of cybersecurity controls.
• Initiated and conducted risk assessments to ensure the adequacy of security protocols.
• Played a key role in maintaining and updating information security policies, procedures, and standards.
• Managed the Vulnerability Assessment (VA) and Penetration Testing (PT) programs using both internal and external
resources. Gathered requirements for threat and vulnerability information, adjusted scanning strategies, and addressed evolving
threat landscapes.
• Led the Data Loss Prevention (DLP) system, including policy creation, incident analysis, and participation in
investigations, providing forensic evidence as needed.
مجال الشركة:
خدمات تكنولوجيا المعلومات
الدور الوظيفي:
تكنولوجيا المعلومات

Information Security Analyst

أكتوبر 2015 - يناير 2016

ShiftPoint L.L.C.

الدوحة، قطر

أكتوبر 2015 - يناير 2016

• Served as an Information Security Analyst, providing hands-on engineering, analysis, and systems integration to implement
authentication and authorization solutions, application onboarding, and PKI-related projects, ensuring robust security
measures and streamlined access control processes.
• Ensured the proper implementation of Public Key Infrastructure (PKI) and certificate management, guaranteeing secure
data transmission and enhanced encryption across the organization.
• Handled information security incidents by creating solution architectures, models, and designs that met client operational
and security needs, resulting in effective mitigation of risks and improved overall security resilience.
مجال الشركة:
أمن المعلومات و الشبكات

Network Administrator

ديسمبر 2007 - يناير 2014

Al Darwish Engineering

الدوحة، قطر

ديسمبر 2007 - يناير 2014

• Responsible for installing and maintaining firewalls and security software to safeguard personal user data.
• Focused on developing protection plans to prevent accidental modifications and unauthorized access to sensitive files
and data.
• Oversee the planning, configuration, and management of information security procedures, including the
administration of the enterprise antivirus manager.
• Accountable for executing and supporting vulnerability scanning programs, including configuring scan sites,
• Provided effective resolutions to identified security weaknesses.
• Updated and refined information security program policies, procedures, and standards.
scheduling scans, generating reports, and interpreting results.
• Responsible for managing Group Policy to establish user rights and privileges for data access.
مجال الشركة:
البناء والتشييد

التعليم

Mahatma Gandhi University

أبريل 2024

أبريل 2024

بكالوريوس، Computer Application

الهند

ICFAI University Tripura

ديسمبر 2021

ديسمبر 2021

ماجستير، Master of Business Administration in IT and Systems

الهند

Mahatma Gandhi University

مايو 2007

مايو 2007

بكالوريوس، Computer Applications

الهند

المعدل التراكمي (التقدير): جيد جداً

المعدل التراكمي (التقدير): جيد جداً

Computer Application

Skills

Cyber Security
Expert
Cyber Security
Expert
Security Architecture Design
Expert
Security Architecture Design
Expert
Application Security
Expert
Application Security
Expert
Security Policy Development
Expert
Security Policy Development
Expert
Endpoint Security
Expert
Endpoint Security
Expert
Zero Trust - ZTNA
Expert
Zero Trust - ZTNA
Expert
LEADERSHIP
Intermediate
LEADERSHIP
Intermediate
INFORMATION SECURITY MANAGEMENT
Intermediate
INFORMATION SECURITY MANAGEMENT
Intermediate
INTERIOR ARCHITECTURE
Intermediate
INTERIOR ARCHITECTURE
Intermediate
BUSINESS RISK MANAGEMENT
Intermediate
BUSINESS RISK MANAGEMENT
Intermediate
BANKING SOFTWARE
Intermediate
BANKING SOFTWARE
Intermediate
GOVERNANCE
Intermediate
GOVERNANCE
Intermediate
RISK MANAGEMENT
Intermediate
RISK MANAGEMENT
Intermediate
GOVERNANCE RISK MANAGEMENT AND COMPLIANCE
Intermediate
GOVERNANCE RISK MANAGEMENT AND COMPLIANCE
Intermediate
Information Security Architecture
Expert
Information Security Architecture
Expert
Risk Analysis and Mitigation
Expert
Risk Analysis and Mitigation
Expert
Cloud Security
Expert
Cloud Security
Expert
Data Encryption
Expert
Data Encryption
Expert
Security Analytics
Expert
Security Analytics
Expert
Secure System Configuration
Expert
Secure System Configuration
Expert
Security Automation
Expert
Security Automation
Expert
COMPUTER SECURITY
Intermediate
COMPUTER SECURITY
Intermediate
GRAPHIC DESIGN
Intermediate
GRAPHIC DESIGN
Intermediate
COMPONENT BASED SOFTWARE ENGINEERING
Intermediate
COMPONENT BASED SOFTWARE ENGINEERING
Intermediate
NETWORK ARCHITECTURE
Intermediate
NETWORK ARCHITECTURE
Intermediate
CLOUD SECURITY
Intermediate
CLOUD SECURITY
Intermediate
IDENTITY AND ACCESS MANAGEMENT
Intermediate
IDENTITY AND ACCESS MANAGEMENT
Intermediate
Vulnerability Management
Expert
Vulnerability Management
Expert
Web Application Security
Expert
Web Application Security
Expert
Network Security
Expert
Network Security
Expert
Security Governance
Expert
Security Governance
Expert
Intrusion Detection and Prevention Systems (IDPS)
Expert
Intrusion Detection and Prevention Systems (IDPS)
Expert
Security Risk Assessment
Expert
Security Risk Assessment
Expert
Security Patch Management
Expert
Security Patch Management
Expert
Threat Intelligence
Expert
Threat Intelligence
Expert
Security Auditing
Expert
Security Auditing
Expert
Disaster Recovery Planning
Expert
Disaster Recovery Planning
Expert
Security Metrics and Reporting
Expert
Security Metrics and Reporting
Expert
Penetration Testing
Expert
Penetration Testing
Expert
Business Continuity Planning
Expert
Business Continuity Planning
Expert
Security Consulting
Expert
Security Consulting
Expert
Authentication and Authorization
Expert
Authentication and Authorization
Expert
Identity and Access Management (IAM)
Expert
Identity and Access Management (IAM)
Expert
Secure Network Design
Expert
Secure Network Design
Expert
Data Classification
Expert
Data Classification
Expert
Defence in Depth
Expert
Defence in Depth
Expert
Security Incident Response
Expert
Security Incident Response
Expert
Vulnerability Assessment
Expert
Vulnerability Assessment
Expert
Security Awareness Training
Expert
Security Awareness Training
Expert
Security Compliance
Expert
Security Compliance
Expert
Cryptography
Expert
Cryptography
Expert
Firewall Configuration and Managemen
Expert
Firewall Configuration and Managemen
Expert
Web Security
Expert
Web Security
Expert
Secure Software Development
Expert
Secure Software Development
Expert
Application Security
Expert
Application Security
Expert
Data Protection
Expert
Data Protection
Expert
Azure Security
Expert
Azure Security
Expert
SASE
Expert
SASE
Expert
Risk Assessment
Expert
Risk Assessment
Expert
Data Loss Prevention
Expert
Data Loss Prevention
Expert

اللغات

الانجليزية

متمرّس

التدريب و الشهادات

الشهادات
ITIL V3 Foundation
Feb 2010
CompTIA Security+
Mar 2010
Certified Ethical Hacker (CEH)
May 2015
Certified Force-Point DLP Administrator
Jul 2018
Information Systems Security Architecture Professional (CISSP-ISSAP)
May 2023 - Jun 2026
Certificate of Cloud Security Knowledge (CCSK)
Nov 2022
Certified Security Blue Team Level 1
Jun 2023
Certified Information Systems Security Professional (CISSP)
Jun 2019 - Jun 2025

الهوايات والاهتمامات

Playing Football

.