Information Security Specialist
Qatar Islamic Bank
Total des années d'expérience :15 years, 0 Mois
Led the development of on-site and cloud security architecture, ensuring compliance with standards. Monitored digital banking projects for security, privacy, and compliance. Conducted assessments on internal and third-party applications, performed risk assessments, and oversaw annual penetration testing services. Reviewed security architecture, managed Security Impact Assessments, and addressed vulnerability reduction in the software development lifecycle. Provided recommendations for security enhancement, analyzed emerging threats, and coordinated security investigations for information systems and applications.
Provided crucial support to the CISO in cybersecurity strategy planning, risk assessment, reporting, and control implementation. Initiated tests and conducted risk assessments to ensure the adequacy of security protocols. Maintained information security policies, procedures, and standards. Accountable for the VA and PT program using both internal and vendor resources. Played a key role in gathering threat and vulnerability information, adjusting scanning strategies, and addressing evolving threat landscapes. Led the DLP system, including policy creation, fine-tuning, incident analysis, participation in investigations, and provision of forensic evidence. Contributed to the resolution of security weaknesses and updated information security program policies, procedures, and standards.
As an Information Security Analyst, I provided hands-on engineering, analysis, and systems integration for the implementation of authentication and authorization, application onboarding, and PKI-related projects. Ensured the proper implementation of Public Key Infrastructure (PKI) and certificate management. Managed information security incidents, creating solution architectures, models, and designs aligned with client operational and security requirements. Responded to user-raised security incidents, addressing phishing attempts, malware outbreaks, and unauthorized access attempts.
Designed, implemented, and documented new information security architectures, standards, and risk analysis methodologies. Evaluated practices and diagrams for security measures. Developed and delivered organization-wide information security programs. Administered network firewalls, messaging security, and internet proxies. Led security measures for information systems, managed endpoint security projects, and supervised network support. Resolved application security issues, managed antivirus systems, and configured firewall IPS, IDS, content filter, email filter, and network access protocol. Oversaw Group Policy, network and system infrastructure, including servers and Active Directory. Handled system administration, networking, and hardware management. Implemented best practices, ensured prompt issue resolution, and maintained user accounts. Managed IT infrastructure, enhanced network performance, and coordinated firewall, router, switch, DHCP, DNS, and VPN activities. Conducted weekly security reviews and ensured policy compliance. Implemented IT infrastructure consolidation. Liaised with department heads to identify and resolve performance bottlenecks.
Computer Application