IT Security Specialist
Kuwait Finance House
Total years of experience :26 years, 11 Months
Acting Vulnerability Assessment / Penetration Testing Head - IT Security Specialist
• Managing the IT Security Vulnerability Management including:
Conducting Security Vulnerability assessment on the bank systems (production and per-production)
Continue security assessment to identify weaknesses and vulnerabilities within the system and proposing/implementing countermeasures.
Integration of security tools with build environments to ensure iterative scanning during the Secure-SDLC.
Conducting security assessment over all changes on the live / production systems
Conducted penetration testing of the bank systems (web application, O.S and network)
Consulting on vulnerability remediation on multiple platforms (Windows and Unix)
Designing of minimum security baseline documents for system
Designing O.S and application Security hardening Guide (OWASP, NIST, CIS, DISA).
Providing formal security assessment report for each application / System.
Patch management.
• Vendor selection exercise for security software and products.
• PCI DSS
• Carried out security incident management, root cause analysis.
• Ensure complaining with the Bank Information Security Policy and Procedure
• Security auditing business applications in the areas of banking and finance which includes online Web application, internet, core banking application and payment gateways etc.
• Developed Application Security testing framework for the organization, consisting of methodology, vulnerability database, test plans and reporting structure.
• Audit planning, fieldwork and reporting for information technology, information security, system and integrated audit engagements; assess business / technology risks and the related controls and then provide practical, value-added remediation plans
• Prepare audit reports that accurately summarize the most significant control weaknesses and resulting impacts to the organization
• Participate in multiple and simultaneous risk-based audits, while maintaining departmental quality standards. Function as part of a team or operate independently as required
• Represent Corporate Audit on company initiatives and special projects
• Understand the organization and develop relationships to provide value-added solutions and best-practices
• Assist in developing and executing annual audit plans focused on the most significant risks in the audit universe
• Verifying of the Bank current IT and security controls line up with the standards and/or Vendor Best Practices based on international standard.
• Verifying of The IT process includes procedures to collect and examine controls which impact the effectiveness and help identify deficiencies in the Information Security Program. Additionally, the examination process includes the ability to archive supporting data, documentation, and evidence that is used to support the conclusions with clear audit trails.
Trace IT and IT Security Audit process that is help evaluate the effectiveness of and adherence to your organization’s Information Security Policy controls such as; (Virtualization environment, Authentication and Access Controls, Network/Host/Application Security, Physical & Personnel Security, Encryption and Data Security)
- Assist in management and mitigation risks related to the bank's information systems and comply with central bank regulations related to information systems.
• Conducting periodic information risk assessments to identify current and future security vulnerabilities, determine level of risk which is acceptable to management and recommend the best ways to reduce information security risks to acceptable level.
• Handling Information Security & IT audits conducted by internal & external entities
• Assist in identifying information systems risks and assist in establishing procedures to mitigate any breach.
• Implement and assist in periodically updating IT security policy.
• Ensure that policies are strictly complied with and enforced across all bank's activities.
• Identify solutions to mitigate information systems risks.
• Provide solutions to information security problems.
• Evaluate, Implement and Manage network security devices (FWSM, Firewall, WEB Proxy, WAF, IPS etc.).
• Prepare periodically security management reports.
• Assist in creating and reviewing systems roles and profiles.
• Manage critical systems and application access control.
• Designing and Implementing Enterprise Information Security, including IT Infrastructure Security Monitoring, Web Filtering, End Point Security, Vulnerability Management, Patch Management, etc.
• Conducting periodic information risk assessments to identify current and future security vulnerabilities, determine level of risk which is acceptable to management and recommend the best ways to reduce information security risks to acceptable level.
• Identifying security violations, security risks and vulnerabilities and reporting it to the attention of the Management.
• Coordinate and direct the development, management approval, implementation, and promulgation of objectives, goals, policies, standards, guidelines, and other requirements needed to support technology risk initiatives in the bank.
• Developing Security Incident Management Methodologies based on industry best practices.
• Adopt a security assessment Activity for all new projects
• Recommend security controls which help to elevate the security posture of the systems
• Penetration Test to Evaluate the computer System/Network Security
• SOA Security infrastructure design.
• Incidents and Risk management
• Evaluating new Security Systems/Network/Application Appliances and Software include (Web Application Firewall, IPS, Unified Firewall and Logs coloration and Reporting)
• Perform Security assessment and Hardening Systems/Applications include (Web Server, Application, Unix/Linux Server, Virtualization environment and Microsoft Windows/Exchange/DNSSEC/AD)
• GPO Design and Implement for Enterprise
• Worked in the Doha Asian Games 2006 as Video over IP Engineer "Media Links MD6000"
• Design and implement security solutions for systems / networks
• Implement security baseline, policy and procedures for systems (MS servers 2000/2003 include DNS, DHCP, Active Directory, IIS, IAS, GPO, RRAS and NLB/Cluster - exchange 2000/2003 and MS ISA 2000/2004)
• Provide systems security vulnerability, threat and risk rating Assessment.
• Provide support for Systems and Network
• Design .Configure & maintain CISCO routers, switches, CISCO Firewalls and Juniper NS and SSG.
• LAN/ WAN network infrastructure designing, installing, configuring, troubleshooting and administering.
• Plan design, implement and administer MS-Exchange 2003 email system, windows Active Directory, DNS, DHCP
• Plan, design, implement, support and administer IDPs and VPN
•LAN/ WAN network infrastructure designing, installing, configuring, troubleshooting and administering.
•Managing wireless LINKSYS ADSL router and CISCO switches
•Plan design, implement and administer MS-Exchange 2003 email system, windows Active Directory, DNS, DHCP
•Plan, design, implement, support and administer MS-ISA 2004 and RADIUS.
•Backup and restore servers using VERITAS software V9.0
•Design, prepare and apply LAN/ WAN policies and procedures
•Installing, configuring and managing Trend Micro Office Scan Enterprise Edition, including (Client, Server, Interwall and Mail protection
•LAN/ WAN network infrastructure designing, installing, configuring, troubleshooting and administering using CISCO routers, switches and CISCO PIX Firewall.
•Plan design, implement and administer MS-Exchange email system, domains, and active directory services.
•Plan, design, implement, support and administer MS-ISA, and MS-SQL Server servers.
•Backup / Restore using VERITAS Backup Solution.
•Installing, configuring and managing Trend Micro Office Scan Enterprise Edition, including (Client, Server, Firewall, and Mail Protection).
•LAN/ WAN network infrastructure designing, installing, configuring, troubleshooting and administering using CISCO routers and switches.
•Plan design, implement and administer MS-Exchange email system, domains, and active directory services.
•Plan, design, implement, support and administrate MS-ISA, and MS-SQL Server servers.
•Installing, configuring and managing MCafee Enterprise Edition.
•Design and implementing policies.
•Act as lead manager on PCs/ Networking projects overseeing quality assurance, technical support, and customer interface.
•Provide technical expertise to those who need assistance in PCs and networking implementation and maintenance.
•Plan and schedule work orders and the team to specific customer projects.
•Installation, upgrading, networking, application installation, software and hardware configuration.
•Prepare network solution for clients.
•Provide technical support for PCs hardware / software, servers and networks.
•Designed, implemented and administered LANs using Windows NT Networking.
•Configured and maintained CISCO routers and switches.