Cybersecurity and Defense Center Manager
Jeddah Airports Company (JEDCO)
Total years of experience: 13 years, 0 months
• Manage the SOC team and function for all L1 Monitoring, L2 Analysis, and L3 Incident Response and Digital Forensics 24/7/365 for all IT infrastructure and related third parties
• Manage the cybersecurity operations team's daily tasks and requests
• Alignment between SOC and cybersecurity operations teams for any security incidents to meet KPI, SLA and ensure business continuity and disaster recovery plans
• Report any security incident to all concerned teams and stakeholders for all needed actions and impact remediations
• Daily/Monthly/Annual SOC reports to top management and related concerned departments
• Threat Intelligence alignment with SOC function and cybersecurity operations
• Developing SOPs and playbooks for all security incidents and operations
• Implementing, testing, and validating all SIEM and security control use cases on a daily basis
• Manage all security controls for the daily operations, projects, maintenance and support
• Propose, build, and develop RFP for any required IT security systems
• Comply with Saudi National Cybersecurity Authority (NCA) controls and all related government and aviation regulations
• Manage the Information Security Ops team
• Manage the Information Security Ops Projects
• Manage the Security Operations Center “SOC” team
• Conduct Daily/Weekly and Monthly meetings with the SOC team
• Report the Information Security Posture and Improvement to the Management
• Review SIEM use cases, Correlation Rules, Playbooks, and security alerts/incidents constantly with the SOC team
• SOC Alignments with IT Security Ops, System, Network, Applications teams, and related parties
• SIEM Integration with Cybersecurity Threat Intelligence Tools/Feeds
• Monitor Saudi CERT, NCA Alerts/Notifications and take actions accordingly
• Integrate all log sources with SIEM system
• Propose Security Orchestration, Automation, and Response “SOAR” system in the SOC Department
• Develop Information Security Maturity Level
• Propose Information Security Technologies and Controls
• Hardening and fine tuning for all security systems
• Documentation of all Information Security Systems
• Conduct Information Security Awareness
• Adherence with Information Security Policies and Procedures
• IT/OT Technical Assessment Stream Lead
• Information Security Strategy and Governance
• SOC Development
• Conduct Asset Inventory and Management for all OT Infrastructure
• IT/OT Network Architecture review
• IT/OT Configurations Review
• IT/OT Compromise Assessment
• Information Security Projects (Deploying FortiGate NGFWs, FortiNAC)
• Administration of NGFWs (Palo Alto, Fortinet)
• Administration of Endpoint Security (Kaspersky)
• Develop and implement new Systems Security Administration solutions to meet business requirements
• Implement and support the rollout of critical Systems Security Administration systems to support all impacted services, on both a long term and tactical (immediate term) level
• Ensure that Security Administration systems are fully documented and performing as required for internal and customer SLA guarantees and expectations by means of specific metrics and measurements
• Provide technical Systems Security Administration expertise to Product Development and its support to develop new Systems Security Administration product support and enhance existing Systems Security Administration product sets
• Provide 2nd level troubleshooting tasks and support all End user requests under their departmental mandate
• Responsible to support all assigned Systems Security Administration projects within departmental ICT services
• Responsible for documenting and reporting status to line manager
• Fulfill Systems Security Administration departmental Service Level Agreement (SLA) ICT services
• Responsible for fulfilling the assigned Systems Security Administration departmental ICT Services or projects to meet KAMC users' requirements
• Responsible for and team lead on new Systems Security Administration technology implementations to improve ICT services
• Monitor Saudi, U.S. CERT and National Cyber Security Center NCSC in MOI announcements/Alerts and apply all Security recommendations immediately.
• Prepare a security awareness program for employees constantly
• Attend and adhere to ICT meeting decisions and attend appointed meetings and committees
• Adhere to any task deemed necessary, which falls within the scope of job
• Comply with all ICT departmental policies and procedures
• Evaluates and provides reasonable assurance that risk management, control, and governance systems are functioning as intended and will enable the organization's objectives and goals to be met
• Reports risk management issues and internal controls deficiencies identified directly to the audit committee and provides recommendations for improving the organization's operations, in terms of both efficient and effective performance
• Evaluates information security and associated risk exposures
• Evaluates regulatory compliance program with consultation from legal counsel
• Evaluates the organization's readiness in case of business interruption
• Maintains open communication with management and the audit committee
• Teams with other internal and external resources as appropriate
• Engages in continuous education and staff development
• Provides support to the company's anti-fraud program
• Conducting Information Security Risk Assessment and Management
• Conducting Asset Inventory and Management
• Conducting Gap Analysis for different Information Security Frameworks such as ISO 27001, NIST CSF, and COBIT
• Propose the Countermeasures plan for Risks
• Propose Business Continuity and Disaster Recovery Plans
• Vulnerability assessment and Management
• Conducting Information Security Gap Analysis for Security Controls
• Propose Information Security Technologies for different layers (Network, Applications, Systems, End users, etc.)
Yaser Aljohani Resume
• Provide advice, assistance and training relevant to the installation, functioning and ongoing maintenance of equipment or software
• Conducting risk assessment and management for different critical operations and departments within the company.
• Suggesting risk countermeasures for detected risks that threaten the company's business and operations.
• Provide a contingency plan that prepares the company to respond to unexpected incidents/events.
• Assist coworkers with completing work assignments and provide coverage for absent personnel
• Maintain company computers on a weekly basis
• Install Operating System and Software applications as needed
• Provide Technical Support throughout the company
• Prepare technology for meetings.
• Order computer parts to ensure computers stay online.