Cyber Security Manager
SORFERT SPA FERTILIZER COMPANY $ 2,2 billion
مجموع سنوات الخبرة :17 years, 1 أشهر
Cyber SECURITY lead, and cyber SECURITY group member with SORFERT- FERTIGLOBE world's largest export- focused
nitrogen fertiliser Platforms and largest producer of urea and merchant ammonia.
with accomplished task:
- Group Cybersecurity Insurance
- Development and approval of group cybersecurity policies and kicking off the local endorsements and enforcement
- Designing and deploying trust zero network architecture
- laying out cybersecurity capabilities with Microsoft O365 migration project
- Addressing audit and internal control findings
Execution of roadmap, with each initiative being on a different execution phase, i.e., SOC, Cybersecurity Awareness, PAM, and
vulnerability management
- Laying out the required groundwork to have a group OT/Plant enterprise agreement with a well-known OT cybersecurity leader
Built SORFERT’s on-premise systems solutions and security multi-layering, maintaining, delegating tasks, and upgrading.
A highly skilled and well-seasoned senior level head of systems and security, Microsoft certified professional, Certified information
systems security officer, and Security Architect backed with certification and over 15 years of expertise in planning, designing,
coordinating, implementing and evaluating the effectiveness of systems and enterprise infrastructure, acting as a solution and
security Architect, responsible for the definition and implementation of the systems and Security, oriented multi-site and distributed
solutions.
Recognized and respected as a leader in the IT organization. Evaluate internal security posture, and conduct risk assessment with
report, using appropriate elements framework and tools, from: International Organization for Standardization (ISO) 2700X, ITIL,
COBIT/Risk IT & National Institute of Standards & Technology (NIST), CSET from CISA. Designated as Job Leader for
IT/Security Policies and Controls Framework building and validation with partners- Designed validated and implemented the
architecture of mobility Management and DRP for the company
Designed a tuned predictive SOC IT/OT architecture for the company, with abstract submission to Korea world gas call for
conference 2020 which was delayed to 2022.
Analyze innovative systems and integrate new computers, networks, databases and mobile communications technologies.
Work with and advise team members and customers on best practices, advanced troubleshooting, and future systems designs
update, develop strategies that utilize existing infrastructure to provide enhanced defense to system attacks. Design and
implement system requirements, processes, and design specs based on organizational needs, security/compliance policy, and
industry trends. Designing, implementing and auditing multi-level security, integrity, availability of the company’s data. Designing,
implementing, deploying Enterprise mobility management (EMM), Desing SOC, SIEM automation and Orchestration. Designing,
implementing, and troubleshooting multi-site Active Directory 2003/2008/2012/2016 /2019 environments AND multi-site microsoft
Exchange 2003/2007/2010/2013/2016/2019, and security gateways (ironport email & mobileiron) and site resiliency. Designing,
implementing, and troubleshooting multi-site High Availability, application delivery, reverse-proxy, web application firewalling and
data replication
Designing, implementing, configuring and troubleshooting high availability site to site Exchange server 2016, and cluster cisco
3/10
ironport email security gateway. Designing, implementing, configuring and troubleshooting site to site SCCM 2019, SCOM 2019,
SVMM2019 and storage area networks. Evaluate environments and recommend best practice solutions. Designing, implementing
backup plan and solution for multisite with database replication. Virtualization technologies including VMware ESXi, Hyper-V
Clustering. Expertise in routing and switching technology and terminology as well as the OSI model. Proficient with Storage
solutions. Strong technical experience with all Microsoft enterprise products, Hyper-V, KempTechnology, F5/FORTINET/Cisco
(email security/Web security/ identity security)/Sonicwall firewalls, Microsoft Server, and SAN technologies.
SSL WILDCARD CA Certification, SPF, DKIM, DMARC, PTR, TLS, SSL, PKI, DLP, Encryption
Enterprise Mobility Management (MobileIron, SOTI, BlackBerry, Microsoft Intune, Citrix)
Application delivery control and availability solutions, ESP, WAF, F5 BIG IP LTM, Geographical load balancing, Kemp
LoadMaster, Geo Master, Radware, Fortinet, Barracuda ADC, HAProxy, reverse proxy. Monitoring & analysis: fortisiem, events
logs, SCOM, Splunk, Qradar, Automation thread response and orchestration with Splunk Phantom, fortisiem, labels with python
On-premise deployment of upload and transfer solution nextcloud and linshare
Elaboration et conception de l'infrastructure systèmes de l'entreprise. deux sites Actif.
Déploiement de la messagerie exchange 2010 en multisites, administration et suivie avec résolution des pannes
AD directory, DNS, SCCM, SCOM, EXCHANGE, backup/replique, SAN/NAS, Application en deux site actif /actif
Déploiement SCCM 2007 en multisite pour la gestion de l'asset information, administration et orchestration des taches sur un parc de 600 PC et 60 serveurs
design des noms de domaines et du schéma master, déploiement de l'architecture directories pour l'ensemble du groupe, local et site distant, créations des relations d'approbations
supervisons des performances et des pannes avec SCOM et nagios
Conception et design de l'architecture mobility pour le groupe, déploiement de solution mobileiron pour la gestion de la conformité du parc mobile
design et déploiement de l'Endpoint protection pour le groupe
création des policy et procédures au niveau master et insertion sur tous le parc du groupe
- Déploiement des solution gateway\passerelles de sécurité frontale email gateway cisco ironport en cluster
- Design datacenter hyperconvergés hp blade system
- Déploiement et administration d'HP Dataprotector pour la sauvegardes des donnés
- attribution des droits d'accès, création des gpo
- Gestions des sites web de la company
- Gestion des vulnérabilité et maintien a jours tout les systèmes.
Central Processing Facility ELMERK project bloc 208 lot 1&7 (Anadarko & Sonatrach, HASSI BERKINE, Algeria, in Desert of
Algeria), Project IT Manager from August 2009 to Mars 2012 with mission building company's IT infrastructure from end to end
infrastructure building
solutions architecture
Strategic / Tactical planning
Budget Management
Team Building
Project Management
Vendor negotiations
Staff training and development
Policy / Program Development
Staffing / Employee Relations
- Build IT solutions and facilities from end to end
- Designing and definition of IT needs for the entire Project.
- Planning, realization and implementation of all IT procedures.
- Ensuring continuity of IT services (7 / 7).
- Participation in the implementation of new IT systems in collaboration with suppliers.
- Managing All the IT Needs.
- Participation in the preparation of budgets, control IT costs and reporting activities.
- Ensure coordination with subsidiaries
IT engineer Support level 2 and 3 for the project
- Reporting to the company Head office at Algiers
- Supported and maintained LAN/WAN and related equipment.
- Exchange 2007 messaging multisite administration and security gateway instalation and administration.
- Diagnosed and resolved all network related issues.
- Created and made changes to end user accounts.
- Designed and implemented a Microsoft SQL 2008 server database greatly improving record keeping and access to records.
- Monitored daily backups, antivirus status, shared storage space and network activity, adjusting network equipment and settings
as needed.
- Designed, managed and maintained group policies.
- Developed and supported custom backend software for use of job tracking, inventory, shipping and workflow management.
- Analyzed and revamped antiquated and inefficient processes to increase productivity while bringing in newer and more efficient
technologies. Brought the company and network up to industry standards, ensuring 99% uptime.
Assuring internet backbone cover and distribution for west Algeria area including connexion for Oran, tlemcen, sidi belabbes,
temouchent, mascara, arzew and mostaganem)
Skilled in the design and deployment of large scale local and wide area network systems including TCP/IP, Subnetting, DNS,
DHCP, xDSL, T1 and DS3.
Extreme attention to detail, capable of thinking independently and quickly resolving critical network issues.
Expertise with Cisco systems.
Recognized for exceptional analytical and problem solving skills with a proven ability to identify and resolve root cause outages or
performance issues.
Design and maintain comprehensive reports on capacity utilization and load balancing.
Implement layer 3 routing and layer 2 switching with dynamic routing protocols.
Set up and configure security systems,
manage domains registrations
- Designing, implementing, and troubleshooting multi-site and metropolitain WAN environments
- Administration internet backbone of west Algeria, installing, deployment of professional solution (Vsat connection, FH, LS,
FTTH…. for big company.
- Cisco router, firewall, switch, and access point configuration and management.
Extensive knowledge of MPLS, BGP, and OSPF.
Expertise in routing and switching technology and terminology as well as the OSI model and how it applies to telecommunications.
- Configuring, administering Cisco’s Gateways
- Monitoring, Problems Troubleshooting, detection and resolving
- Deploying NEC transmission solutions for Operators ( djezzy, Nedjma, mobilis..)
- installing rack servers and optical fiber
- Deployement of Telecom Solutions, dish & gateways for Telecom operators.
- Wide transmission coverage solutions.
Computer sciences engineer, specialized in distributed systems engineering discipline with expertise in grid computing architecture, conception, implementation and deployement.