Specialist Auditor (Information Security Management System)
DEWA (Dubai Electricity and Water Authority)
Total years of experience :25 years, 6 Months
Performed as the Specialist Auditor for Information Security under the ISO-27001 and other IT and Cyber Security Frameworks. Conducted hands-on testing to explore the hidden Vulnerabilities and Threats within applications, operating systems, network, procedures etc.
The audits cover a large area, including Implementation & Effectiveness of IT Services, IT Controls, ISO 22301 - Business Continuity System, IT Project Management, Configuration and Management of Firewall and Advance Threat Management Systems, Physical Access Controls, Patch Management Systems, Encryption of Data on Transit and Data at Rest, Centralized Log Analyzer (SIEM), MS Exchange, SAP and Cloud Security, other Applications Security, Reviewing Incident Reports etc. Using the best practices and internationally recognized standards
• Worked as a freelance IT Consultant, for various clients on Agile Methodology IT projects, including;
Selection and Implementation of mid-size-ERP. Assessment of Information and Network Security
Website development, eMarketing Campaigns, YouTube & Facebook Accounts management, Email Campaigns, Infrastructure Designing, Compiling IT Budget, Training for PMP Students etc.
• Implementation of SAP R3, with IS-H module for the Hospitals.
• Infrastructure Planning, Projects Management, I.T Business Analysis, Change Management Process.
• Creation and Implementation of IT Policy to establish Governance at all levels.
• Introduction of Policies, Standards, Processes, Procedures, Technology, Tools and Techniques for supporting Continuous Improvement Activities.
• Planning and implementing Channels of Communications and Continuous Training for staff.
• Selection and Supervision of outsourced Centralized IT Data Center.
• Maintenance of Enterprise level Hospital Information System (HIS), with Centralized Hosting and Multi-tenant structure and Implementation of standards like ICD, CPT, DrugCodes, HCPCS, HL7 etc.
• Testing and Maintenance of IT Disaster Recovery Plan.
• Implementation of global Standards in the Processes and Procedures to meet the Govt. Health Authority requirements and to standardize the practices.
• Implementing Continuous Improvements in Policies, Technology, Tools and Techniques.
• Centrally Hosted, Email Server Implementation
• Preparation and presentation of Annual IT Budget.
• Analysis of the Core Business Applications like Finance, HR, Procurement etc, at the Group Level.
• Enhancing the Hospital Information System (HIS), and Implementation of standards like ICD, CPT, DrugCodes, HCPCS, HL7 etc.
• Development of IT Disaster Recovery Plan.
• IS Portfolio Management, Infrastructure Planning, Projects Management, I.T Business Analysis, Change Management Process.
• Group Leader for Information Security Management System (ISMS) project and overseeing the implementation on more than 35 sites.
• Creation and Implementation of Group IT Policy to establish Governance at the Enterprise level.
• Introduction of Policies, Standards, Processes, Procedures, Technology, Tools and Techniques for supporting Continuous Improvement Activities.
• Planning and implementing Channels of Communications and Continuous Training for staff.
• Preparation and presentation of Annual IT Budget and a complete IT Roadmap with “Vision 2017” at the Enterprise level.
• Selection and Supervision of outsourced Centralized IT Data Center.
• Introducing the Core Business Applications like Finance, HR, Procurement etc, at the Enterprise Level, maintaining Service Level Agreements (SLAs) for each.
• Selection of Enterprise level Hospital Information System (HIS), with Centralized Hosting and Multi-tenant structure and Implementation of standards like ICD, CPT, DrugCodes, HCPCS, HL7 etc.
• Development of IT Disaster Recovery Plan.
• Optimization of Business Processes for the entire Group.
• Restructuring IT Teams, for Deployment and Maintenance of IT Projects in UAE, India, Oman & KSA.
• Implementation of Centralized Pathological Lab Information System (LIS).
• Implementation of Centralized Tele-Radiology, (Distributed PACS for 14 Clinics and 3 Hospitals).
• Setting up a small Call Centre with 15 agents.
• Chairman, Health Information Management Committee.
• Implementation of IT Governance and Business Service Management to meet Project Delivery Objectives.
• Requirement Detailing of RFPs for Business ERP procurement.
• Selection and Customization of Hospital Information System (HIS / HIMS).
• Effective implementation of Change Management System and Errors Tracking System.
• Scanning and Digitizing the old paper records, and Integration with Hospital ERP.
• Development & Implementation of Errors Tracking System for HIS Software.
• Deployment of Image Archiving & Communication Systems (for Radiology - PACS).
• Continuous Training of staff on Healthcare ERP, including HIS, HRMS, Finance, PACS, LIMS etc.
• Introducing various IT Policies, Standards, Processes, Procedures, Technology, Tools And Techniques.
• Managing and Developing, MIS Reporting for JCIA and Operational purposes.
• Planning & Implementation of IS Management and IT Infrastructure.
• Member of Committee for IT Budgeting, Hardware & Software Procurement with agreed Financial guidelines.
• Management of various Service Level Agreements (SLAs) with external vendors.
• Development & successful implementation of IT Disaster Recovery Plan.
Worked as Project Manager for comprehensive network of solutions comprising of vast range of software products and services designed to meet modern healthcare organizations information needs focusing on:
• Medical Transcription Services
• Clinical Informatics Solution
• Dictation & Transcription Services
• Support Services and Service Level Agreements
• E-Marketing Solutions
Here I emphasized on the Team Management parallel to team building activities that includes recruitment of top talent for the organization. Being a customer focused company for Healthcare I have been monitoring strict security policies implementation along with quality control of the software solution to prevent data leakage.
Also responsible for companywide IT backup strategies development along-with continued customer support for 24x7x365 availability.
Worked on: Taught various IT related courses, like; Web Engineering, E-commerce, Visual Basic Programming, Object Oriented Programming etc. Performed as Internal Advisor to many student-groups for their Final Projects
Team Management Task Prioritization Client Support
Client Co-ordination Coding Development Software Deployment
Team Evaluations System Design Software Testing
Supervisor's Requirements Data Validation Database Programming
Report Designing Database Designing Website Development
Training Network Installation Backup Routines
Students Evaluations Network Security Policies Network Troubleshooting
Diploma in Software Engineering
URL removed due to policy violation. Please contact support for further information.