ياسر حمزة علي حسين حماد

· Established the vulnerability management framework and implemented a new vulnerability management tool to help manage IT assets and remediate their vulnerabilities
· Established the security incident response framework and procedures
· Worked closely with systems teams to establish and implement configuration benchmarks for various systems including: Windows servers, SQL databases, Sharepoint servers, Oracle databases, etc.. using CIS benchmarks as starting point
· Worked with the development teams (business solutions) and operations teams (systems) to establish a web application security program where application level flaws can be mitigated early in the systems development process
· Participated in implementing the Identity and Access Management (IAM) systems (IGA)
· Participated in operating the Identity Governance and Administration solution including the fine tuning of automated provisioning processes and access request management process
· Actively engaged various teams in IT and the business side to improve security control effectiveness

· Successfully launched major OT security initiatives, managed the relationships with both the IT and OT sides building trust and cross-functional collaboration
· Provided leadership to the ISO 27001 certification initiative in network & security section of Qapco besides focusing on performance enhancement of network & security infrastructure.
· Achieved ISO 27001 certification.
· Proven ability to work cross-functionally with various teams in both IT and plant sides to achieve the goals of improving the security posture of ICS systems
· Introduced the concepts of secure SDLC and established practices that form a nucleus of a software security program, promoted cross-departmental cooperation to achieve the goals of proactive security
· Served as an internal IT security consultant
· Guided the design, implementation, operation and maintenance of the Information Security Management System in both IT and OT.
· Participated in the definition, scope and procurement of technical security controls in both IT and OT
· Monitor compliance with information security policies, procedures and applicable laws and regulations
· Advise management on current information about information security technologies, threats and related issues
· Lead commissioned information security risk assessments and control selection activities in IT and OT
· Perform regular reviews and audits to ensure compliance with approved policies and best practices in the IT and OT sides of the company
· Achieved major milestones in upgrading the information security and network infrastructure.
· Participated in establishing the corporate Enterprise Risk Management framework as a member of the risk management task force
· Started important OT (mainly DCS) security initiatives to enhance security and make it part of regular operational work as well as a fundamental design/engineering requirement.

• Managed operations of the IT department in the Arab Sudanese Bank focused on designing of network security infrastructure and out of band management.
• Monitored installation/ configuration of security infrastructure including Cisco ASA firewalls, tipping point IPS, barracuda spam firewall and bluecoat proxy SG.
• Involved in patch management & configuration management, drafting IS policies, procedures and guidelines of the bank.
• Liaised with compliance & risk departments pertaining to IS risk management.

• Accountable for smooth functioning of network & telecommunications and enterprise IT infrastructure for the largest bank in Sudan with 56 branches.
• Involved in organization of the unit, definition of functional sections within the unit besides focusing on individual roles and accountabilities.
• Developed & mapped business processes apart from monitoring network, security and system admin staff members.
• Focused on enhancement of security, uptime & performance of banking services through planning and implementation of new projects.
• Involved in drafting of security policies (which were subsequently approved and adopted by the senior management) and tender specification document for data center and disaster recovery projects.
• Participated in planning & implementation of network segregation & separation of security zones besides implementing VPN access project.
• Ensured deployment of Snort & Cisco IDS, NMS to monitor network, ATM and server infrastructure.
• Highlights
o Instrumental in introduction of SIEM (envision)
o Recognized for accomplishment of network uptime of 99+%

• Managed diverse technologies from various vendors like RSA, Cisco (firewalls and VPN concentrators), Bluecoat, Barracuda, Network Intelligence, Mcafee (NIPS, AV), ISS (HIPS) and Solarwinds.
• Conducted telecom server audit to assess security health of the network (NGN).
• Reported to security and quality manager.

• Led the internal IS audit, monitoring & penetration testing team (as team leader security audit and awareness).
• Developed IS audit plan, incident handling processes and corporate IS awareness programs; conducted regular audits and organized corporate CSIRT.
• Received training in quality management, performance management, internal quality auditing and business process mapping.
• Highlights
o Successfully completed business process mapping for all security section functions.

• Monitored installation, commissioning and integration of internet caching and filtering solution for Canar Telecom (Mail Security, Two Factor Authentication)
• Installed, commissioned and integrated internet caching and filtering solution for Canar Telecom based on Bluecoat Proxy SG technology.
• Focused on presales and design of information security & internet filtering solutions for Canar Communications (run by Emirates Etisalat) based on technologies from Barracuda (mail security), RSA (strong authentication) and Bluecoat (caching and filtering).
• Involved in installation, configuration & implementation of Bluecoat based internet caching and filtering solution for Canar Telecom using Proxy SG appliances apart from installation, commissioning, testing & support of RSA SecureID Authentication System for Canar Telecommunications.
• Accountable for installation, configuration, testing & support of Barracuda Spam Firewall system for Canar Telecom.

• Functioned as Networking Division Manager (Feb 2002 - Jan 2005) involved in implementation of various services including security & professional services.
o Managed projects like design, planning and installation of Filtering System for National Telecom Corporation using Network Appliance Netcaches and a centralized management and reporting system; design, planning and installation of security solution for Omdurman National Bank using Fortinet firewall and Network Associates Active Virus Defence Suite including network segmentation design, security policy development and on-going support.
o Implemented & commissioned enterprise virus control solution for Sudan National Radio and TV Corporation (NAI Active Virus Defense).

Highlights
- Acknowledged for accomplishing major sales in internet caching, filtering & security infrastructure for Canar Telecom

Oracle Database/ UNIX System Administrator, Sept 2000 - Feb 2002
Network Engineer (May 1999 - Sept 2000)
ISP Webmaster/ Developer (Nov 1998 - May 1999)