Security Consultation and Vulnerability Assessment
Entrepreneur
Total years of experience :10 years, 8 Months
In a role where I manage myself and work with a small group of IT Security enthusiasts engaging and educating government entities on Information Security and situational readiness. My role includes finding clients and use common grounds to transition them as stakeholders, identify shared interests and concerns and provide expertise in choosing meaningful solutions for protecting intellectual assets. On the technical side, I provide basic network hardening and offer PEN testing services finding vulnerabilities in systems to be capped with the help of technology and management controls.
As management adviser on Abu Dhabi government multi-million dirhams data center and infrastructure project, my role was to audit project practices and oversee that the practices are according to ISO 21500. I was internal adviser for PMO and Risk Management, IT Security. Working with projects and resources team, I endeavored to make sure Risks are properly addressed in timely fashion.
Core of my focus was to find gaps in applied management practices, communicating to management and applying approved measures.
1. I improved Process & Policies bringing focus to quality, stakeholder and security practices per ISO 27001 and ISO 21500.
2. Accountable for transition plan to broaden acceptance of new policies ensuring unwavering delivery capability, customer trust.
3. I was extremely successful in re-energizing team using emotional intelligence and contribution dynamics.
4. Member of Steering committee, maintained influential relationship with team while remaining management confidant to uphold 2-way trust.
5. Challenged outdated practices in stakeholders and resource management arena and introduced major adjustments in roles and duties.
6. Improvised internal risk management embedding it into job functions, accountabilities and communication, all using RACI.
7. As Senior Project Manager mentored project managers to keep more focus on engagement with stakeholders and compliance.
8. Enhanced capability to certify for ISO 21500 with full documentation.
Data Center Migration/Infrastructure Expansion
Strategy contributor for Data Center migration for a UAE Department of Transport infrastructure project worth 3 million dhs.
Responsible for detailed migration plan with case scenarios and address possible roadblocks with solutions. Technical adviser on project management to project director, project managers. Tapped changing requirements aligning with customer expectations.
Training Section - Information Security and Auditing
Trained experienced professionals on Information Security (CISM), IS Auditing (CISA) and Project Management for medium and large entities in Telecom, Banking and Oil and gas sector turning potential into strength and raised capacity. Clientele included:
• Telecom- Regional Directorate, Abu Dhabi, UAE.
• Municipality, UAE.
• Health authority, UAE.
• Oil and Gas, Abu Dhabi, UAE.
In this role I was the management confidant, experienced in heading large change, IT security and virtualization projects and operations support for large user base in 51 sites across 34 MENA AFRICA countries.
My core customers were Country and Regional Directors, Senior IT team in UK and vendors like Logica, McAfee, and Global Crossing. Interaction with the senior management teams on the issues of Governance, Problem management, Performance meetings for IT Service KPIs and project checkpoints.
IT Consultant MENA AFRICA British Council Dubai- (2008 -2011)
Core Services and Projects
• End to end service management and 2nd, 3rd line support delivering catalog of world class services to 3000 MENA AFRICA users (9000 in total) across globe including applications, network, communication, IT security and problem management.
• Ownership of IT Audit, Compliance, Infrastructure Virtualization, IT Security and Disaster recovery projects in 51 offices. Responsibility to seek consensus from IT Steering Group.
• Worked with top country stakeholders in realizing result from post-audit recommendations pulling compliance level to its highest.
• As Relationship Manager, accountable for keeping Service Levels and expectations, delivering services transparently to business.
• Volunteered Knowledge Transfer to equip regional colleagues for smooth transition for organizational change program.
• Managed major connectivity and security incidents in close loop, minimizing exposure and outage of services.
• Recruited/line managed country IT Managers, developed skills development plans, job plan and performance development plan.
Projects
• Virtualized server infrastructure reducing physical servers by 50%, power consumption and CO2 emission by 50%.
• Total ownership for improving efficiency of Disaster recovery by re-designing corporate backup solution increasing backup capacity by 35% while reducing resource consumption (time, tapes) by 45%, saving on hardware and tape fixed costs.
• Supervise McAfee threat resolution suite rollout on 3000+ devices in collaboration with McAfee and SCCM/SCOM team.
• ISO 20000 based Compliance lead for MENA AFRICA region on Service Management Best practices and PMO.
On site desktop and mid-level server support to 200 users spread in three sites distanced by 200 KM and 2nd line support, via Remote support or outreach visits.
• Provision of exceptional level of IT related services and devices to 120 staff in 3 provincial offices in Punjab province (Pakistan).
• IT Security Manager for 3 regional offices. Worked with global security team, personally prevented Brute force attacks on server.
• Member of IT steering committee for British Council Pakistan in the areas of Knowledge sharing, IT Security and effective use of technology advancements.
• Monitor SIEM tools (McAfee, VERITAS), ensure maximum event management with integration to Operational Risk Management.
• Handpicked to provide VIP level support to senior in-house and visiting leadership.
• Make IT audit plans and conduct regional IT audits checks, advocate remedy and findings to senior management in Business Risk Framework Meeting.
• Supervised establishment and support of Video conference suite, 1st in British Council in South Asia region (Year 2003).
• Supervised testing and deployment of latest software by ACCA on 300+ PCs, leading multiple on-site teams. (Year 2003-4)
• Supervised provision of IT facilities for major Information Services events expecting 7000+ visitors. (Year 2002)
• Instigated and implemented biometric controls in 3 business critical facilities to secure sensitive resource.
• Maintained PABX, telephony and surveillance systems enforcing accountability. Managed vendors for value for money.
Bachelors Degree with focus on System programming and Internet. Degree attained in 1995.
