Information Secuirty Manager
Dubai Financial Market
Total years of experience :25 years, 7 Months
- Identity And Access Management
- ISO 27001
- Information Security Regulations (ISR)
- National electronic Security Authority (NESA)
-
Information Security Consultant For ADSIC
• Responsible for ADSIC Documentation
• Service Categorization, Business owners interviews, risk assessment
• Creation of Information Security Plan, for various service,
• Scope and Boundary documents
• Develop and manage the implementation of specific Information Security policies and procedures.
Information Security officer - June 2009 till October 2010
Dubai Health Authority ( Outsourced by Paramount Computer System FZ LLC ) ( May 2011 - Feb 2013)
• Responsible for maintenance of ISO 27001: 2005 ISMS Certification
• Faced surveillance audit for recertification of ISO 27001
• Monitor and audit security practices
• Keep up-to-date on information security threats, technologies and techniques;
• Establish Security Metrics and Dashboard
• Develop and publish periodic security awareness campaigns
• IT Security policies and procedures are developed or revised
• Existing policies and procedures to be implemented and activated
• Promote & Conduct information security awareness sessions
• Reporting to Information Security Management Forum, Information Security Group and IT Director
• Risk Assessment of Information Assets
• Security Classification
• Prepare and lead the organization for the ISO/IEC 27001:2005 renewals
• Preparation activities including self audits and readiness reviews
• Internal ISMS Audit as per approved plan.
• Review audit report findings with ISMF in regular meetings
• To ensure that an effective process for implementing and maintaining the security controls is in place.
• Encourage participation in information security program.
• Conduct random systems/infrastructure/application security checks.
• Responsible for developing, implementing and maintaining the information security program under the direction of the CISO.
• Understand the security architecture, practices, and procedures;
• Develop local practices, publish them and update as appropriate;
• Conduct risk assessment or be involved in risk assessment exercise
• Data identification & classification under direction of CISO
• Monitor and audit security practices;
• Assist in recovery from attacks on the IT system;
• Make recommendations for improved practices and procedures;
• Keep up-to-date on information security threats, technologies and techniques;
• Establish Security Metrics
• Promote & Conduct information security awareness sessions.
• Assist Business Units to develop Information Security Champions
• Annual Review of Information Security Policy and Procedures along with CISO.
• Understand the business objectives as well as the internal processes of the organization.
• Conducted Business Impact Analysis for Entire Bank by meeting business representative from each department, identifying Essential business process, aligning them with accordingly.
• Conducted Business Continuity Awareness Sessions across the bank along with Operation Risk Team.
Security Consultant
• Worked with the Following Companies as Consultant
- Dubai Airport Free Zone Authority
- Drfco Group of Companies.
- New Horizon, Dubai and Abu Dhabi
- Fairmont Dubai
- Mohammad Bin Ghalib Energy
- Al Sayegh Brothers
- I2I Group
- FKamber Holding
- 24 Media
- DotCom Arabia. ( Yahoo Middle East)
• Configured RAS Server over ISDN for 20 Locations for alsayegh brothers and
Mail Server for there cooperate office
• Have performed Information Security Awareness Training
• Server Lockdowns & Hardening
• Penetration Testing, Password Audits
• Advise Customers for best security practices, tools, and devices,
- Involved in Sales and Purchase, hardware for clients.
• Ongoing design, installation, configuration, maintenance, and support of Windows NT/2000 Domain.
• Content Management on Installation Server, managing Software, Documents and other contents
• Tested and Implemented Clickatell SMS solution for Tangerine
• Maintenance of network with minimal network and system down time.
• Research to develop specifications for new hardware and software systems.
• Strong IT technical skills; network, hardware, software, configuration, management and
• Communications. Desktop support, network administration.
• Knowledge of various telecommunication equipment.
• Troubleshooting of Cisco, Marconi Switches and Micros Terminals - Point of Sale
• Responsible for All IT Department at Shifts
• Managing and Troubleshooting Cisco Broadband Server Manager and Cisco Wireless Support
• Created & carried out assistance in Servers, Network Documentation & Diagram.
• Hands on Experience with Fluke Systems Network Tools
• Conducted and Designed the Training for In-Room Technology to train all housekeeping staff
• Researched on Implementing Purchase order E-Document with Adobe Acrobat with Digital Signatures. Tested and verified by Verisign
August 1998 - July 2002 mags.net Karachi, Pakistan.
Network Administrator
Network and cabling design for clients
Web Development sales
Installation and Troubleshooting of LAN
Support on Windows 2000 and other applications.
Email Administration on MDaemon Mail Server.
Worked as a Contractor for Sui Southern Gas Company Limited Karachi, Pakistan
Network Administrator
Installation and Configuration of SCADA
WINDOWS NT and WINDOWS 2000 Administration
Migration to Windows 2000 Server from NT4
Email Server Administration, Managing User Accounts
Helpdesk & Desktop Support
Radio modems Configuration