Manager
National Bank of Oman
مجموع سنوات الخبرة :16 years, 1 أشهر
Job Responsibilities:
Manage complete enterprise level security infrastructure
Implements information security policies and procedures for the organization
Davelop best practices for application coding also ensure code review and assessment .
Review all system-related security plans throughout the organization and ace as a liason to ISO
department
Intiaites, Facilitate and promotes activities to create information security awareness within
organization
Ensuting adequate internal action and timely response for security related incidents
Leads or Comissions activities relating to contingency planning, business continuity management
and IT disaster recovery in conjunction with relevant functions and third parties.
Monitors compliance with information security policies and procedures and referring
concerns/issues to the appropriate department manager
Serves as internal information secueiry consultant to the organization
Conducts periodic Vulnerability & pentetration test on application and infrastructure systems
Manger all Infrastructure security appliances ( FW.VPN, IPS etc )
“ Wipro Arabia
Prepare the technical solution and cost build output and provide technical risk assessment.
Improve the technical competence of the Technical Design community in global environment
Support large & complex contracts during the design and delivery phase.
Facilitate pull through business in a sales /technical consultancy role.
This includes system study of Client’s infrastructure, understanding Client requirements,
providing best security solutions to Client, implementation of recommended security solutions
and managing the same, Vulnerability Analysis and penetration testing.
Security Design and Implementation troubleshooting of security devices, Implementation
Management & Up gradation of Security appliances. Security log Analysis, Problem Management,
RFC management.
Responsible for providing security solutions in the area of Managed Security Services for more
than 50 clients (Banking, Retailers, Telecom etc...).
Hands on experience on ASA, Palo Alto, Checkpoint R60, R70, R71, NetScreen, SRX, Nortel
Contivity, Microsoft ISA, Bluecoat, Iron Port, TrendMicro IMSS, IMSSVA, IWSS, ISA 2006,
Websense, SurfControl, Watch Guard Firewall
Handling escalated calls and problem calls
Responsibilities include working on escalated and high priority calls, Periodic fine-
tuning/Hardening of Security devices, Capacity planning, Risk assessment and mitigation
registers - Recommendations and Implementation, Infrastructure auditing and implementing
improved infrastructure designs, Recommend and implement Product up-gradations, New
implementations and Major changes, Call Trend analysis etc.
Providing RCA for all major incidents by thorough analysis and by involving principal vendor.
Documenting the work around or permanent solution .
Ensuring smooth transition (migration) plan of existing configuration from one type of firewall
and proxy to another.
Configuring the Firewalls of various flavors like Fortigate, Checkpoint (Nokia, UTM, SPLAT etc),
Cisco ASA, IPS, PIX and Microsoft ISA 2006
Implementation and Management of Clusters / Load Balancers (High availability), failover
solutions using firewalls.
Review the Firewall rules for the compliance check.
Identifying the strengths and weaknesses of individuals and ways to improve working conditions
without affecting team morale.
Configuring and reviewing the changes of all security devices for all customer.
Troubleshooting S2S VPN connectivity issue for ODCs and C2S VPN connectivity for the end users
to connect to the Client VPN Servers.
Closure of Non-compliance in internal / client audits.
Raising vendor ticket for unknown and abnormal incidents and thereby deriving solutions or
workarounds.
Creation of Standard Operating Procedure (SOP) for the Security Domain.
Automation of tasks - Firewall Configuration Backup, Syslog Management, Hardening ISA
Firewalls etc., through scripts.
Log analysis of abnormal / suspicious traffic notified either by Arcsight agent or by Standard
firewall alerts configured. Remedial measures taken against the findings with the help of
principal vendors.
Responsible for ensuring the Organizations Gateway IT Security compliance.
Managing Fortigate, ASA, PIX, checkpoint firewalls, Proxy and URL filtering servers.
Managing proxy services for all customer.
Designed and implemented Bluecoat load balancing for internet usage
Configured proxy bandwidth control using Bluecoat in customer location
Implemented Websense remote filtering server for laptop users
Requirement Analysis, High Level Test Planning and Kick off meetings with Client.
Tracking the information of all signatures update and version control of IOS of network devices.
Validating and creation of access lists on firewall and routers based on business requirements.
Monitoring and preventing network traffic from outside worm n Trojan horses.
Involved in review meetings & documentation review. Analyzed network traffic & resolved issues
reported by clients
Performing penetration testing for the customer.
Knowledge sharing sessions with client on various network traffic challenges.
Troubleshoot of network on switches, routers and VPN.
Worked on ACS server for authentication user and to provide authorization based on their roles
and responsibilities.
To perform incident handling, incident response and escalation management in a 24x7
environment
Worked on Adaptive security device manager for firewall and router configuration.
Worked in IPS device manager to analyze and block unwanted network traffic.
Support large & complex contracts during the design and delivery phase.
Facilitate pull through business in a sales /technical consultancy role.
This includes system study of Client’s infrastructure, understanding Client requirements,
providing best security solutions to Client, implementation of recommended security solutions
and managing the same, Vulnerability Analysis and penetration testing.
Security Design and Implementation troubleshooting of security devices, Implementation
Management & Up gradation of Security appliances. Security log Analysis, Problem Management,
RFC management.
Responsible for providing security solutions in the area of Antivirus, Firewall Management, Email
security
Responsibility of SIEM log management and monitoring
Customer mangament
Vulnrability assessment and best practices implementation
Information Technology Project management
in