Head of IT Security Risk Management
Faysal Bank Ltd
Total years of experience :31 years, 4 Months
Governance of Databases, DBA activity monitoring/analysis
Control and monitor DB admin passwords
Network admin activity monitoring
Strategy defining/verification of backups
Applications access control/review management (for entire running applications - \{8000+Users\})
Perform surprise review for IT staff and critical users
Impalement Change Control Process
Highlight KRIs to IT Steering Committee/Top management
Manage critical application’s log monitoring process
Responsible to manage IT Security Risk functions
Manage BCP framework and perform drills with coordination of IT and Business (Mock testing)
Manage IT Risk Assessment as per regulatory Compliance
Supervise penetration testing process and coordinate with IT for fixes
Update and Implement IT Security Policy & SOPs as per regulatory guidelines
Coordinate with vendors regarding Information Systems acquisition, development & maintenance
Responsible for Internal/External and regulatory audit
Responsible to execute Security awareness programs
19+ year multi-functional experience. I’m CISSO (Certified Information Security System Officer)my work experience includes Information Security, I T Operations, Implementation of core banking application, Project Management, SWIFT administration, End-Users training, Preparation and Implementation of Information Security Policies, Business Continuity Policy framework as per British standards BS25999, Identification of KRIs (Key Risk Indicators) for Systems & Applications, Coordination with Audit.
Currently working under Compliance & Risk Group.
From 2000-Present with Faysal Bank Limited, AVP and IT Project Coordinator, involved in IT project with "System Access Ltd Singapore" (International banking solution provider). Involved in all the project areas. Worked as Data Centre In-charge in 4 different branches.
Network administration, end users support, communication monitoring including hardware/software management.
Users profile management with security access as per audit requirement
Inventory management
Administration Novell NetWare
Additional task as Output control checking officer (Internal Audit Coordinator)
Preparation and testing of BCP/DRP activities
Involved in BPR (Business Process Re-engineering) activities
Y2K Compliance (Testing & Implementation)
Worked as Data Centre Controller/ In-charge at 6 different locations including head office