CV, Information Security Consultant seeking work in KSA

Available
Serial No: 40948
Skills keywords: 
Current location:  Al Madinah Province, Saudi Arabia - View on map
Nationality: India
Spoken languages: Arabic, english

Professional Experience

  • Information Security Consultant – (Security Operations Center)
  • YASREF (Yanbu Aramco Sinopec Refining), Yanbu, KSA. Joint Venture of Saudi Aramco.
  • Duration: May 1, 2014 to Present.

Job responsibilities:

 

  • Oversight Implementation and deployment of RSA Security Analytics, RSA DLP (Data Loss Prevention) and RSA Archer (incident Management).
  • 24×7 monitoring of security log events from various IT platforms, included but not limited to firewalls, intrusion prevention systems, Windows servers, UNIX servers, network, and various applications.
  • Work with data owners of different business functions to ensure solutions implemented for data loss prevention does not negatively impact the business.
  • Define rule and policy in RSA DLP, RSA SA and RSA Archer as per organization’s compliance requirement and enforce IT Security Policies, Protect their Infrastructure, and effectively managing the Systems
  • Deployment of Data loss prevention across the network – Data in motion, Data in Use & data at Rest servers.
  • Network Access Control – Implementing a secure solution to identify network devices and profiling the Network devices to allow or disallow access based on the device type
  • Signature Updates Deployment on the Management Components and all the Individual IPS/IDS devices.
  • Analysis of the Network Attack, blocks, detects and regular Health Checkups in the real Environment
  • Analyzing collected security logs, managing information security incidents, perform security analysis on IT security events, and identifying unusual or suspicious behavior.
  • Investigating and analyzing virus and malware incidents.
  • Develop information security monitoring threat cases to be developed in security information and event management system.
  • Fine-tune SOC monitoring and incident management tools.
  • Perform network packet analysis.
  • Train and mentor Level 1 security monitoring analyst.
  • Review IPS/IDS signature update and coordinate applying them accordingly.
  • Recommend security incident response and remediation actions.
  • Preparing the Knowledge Transfer document of Process and Technical specifications guide for the Transition/Internal purpose
  • Ensure Smooth Transition for all the Security Applications, Preparing Team Metrics report and Project status report weekly/monthly presenting to the Management.

 

  • Security & Compliance Lead (Security & Risk Management)
  • IBM India PVT. LTD.
  • Duration: March 2011 to April 2014.

Job responsibilities:

 

  • Perform IT Control Assessments/Reviews to ensure Compliance with established policies, standards, regulations etc.
  • Consulting, Advising and Participating in design of various IT processes and controls to support compliance with policies, standards, regulatory requirements, etc.
  • Identify and evaluate business and technology risks, internal controls which mitigate risks and related opportunities for internal control improvement
  • Help establish Annual Audit Plan for core areas using risk assessment methodologies.
  • Coordinate with various departments to create remediation plans for defects found during audit.
  • Coordinate with auditors during internal & external audits.
  • Develop and deliver various trainings related to Security and Compliance.
  • Present the Account Security document to the customer and review for completeness.
  • Review Customer security policies with regard to change requests and exceptions
  • Review customer security policy change requirements and advise on the impact to delivery of implementing the requested change
  • Perform Risk and Vulnerability Assessment
  • Create/Update Security (ISeC) document based on customer inputs.
  • Conduct reviews to confirm compliance with security documents and the contract
  • Perform Security Gap Analysis, Develop and maintain applicable ISeC processes and procedures for service delivery
  • Provide a standard monthly security operations report to display the health of the customer environment
  • Manage root cause analysis for any audit findings.
  • Facilitating the designing, administration, implementation, and maintenance of the Identity and Access Management solution infrastructure
  • Facilitating the creation and maintenance of workflows for Identity and Access Management

 

 

  • Concessions Investigation Specialist (Transaction and Risk Management Services)
  • Amazon Development Centre (India) PVT. LTD.
  • Duration: September 2007 to March 2011.
  • Investigate retail and marketplace orders for suspected fraud using automated and manual tools.
  • Take appropriate action to identify and minimize the risk posed by such trends.
  • Update and maintain catalogue of current use cases and SOPs.
  • Be aware of and identifying new abusive patterns and trends among customer accounts.
  • Partner with appropriate business team to continually refine Concession Referrals process.
  • Achieve productivity and quality standards for investigations.
  • Contributes a positive team atmosphere, works cooperatively.
  • Communicate via email and telephone with external and internal customers to make informed decisions about risk.
  • Work on trouble tickets to find possible abuse and take required action.
  • Work with Policy Management Team and Marketing team to define policies for any promotional offers

 

Educational Qualification:

 

  • B.Tech (E.I.E) from Al-Habeeb College of Engineering and Technology, Jawaharlal Nehru Technological University, Hyderabad.
  • Intermediate (10+2) from Ratna Jr. College – Hyderabad.
  • 10th Grade from J. G. R High School – Hyderabad.

 

Technical Skills:

 

  • Security & Risk Management: HP Arcsight, TSIEM, RSA SA, DLP, RSA Archer
  • Identity Management: ITIM, Empower IDM, OIM, OAM
  • Audit & Compliance: SOX 404, ISO 27001, FDA, HIPAA, SAS 70, SSAE, Corp Audits
  • Operating Systems: MS Windows XP upto Server 2008, UNIX, Linux, Solaris & HMC Servers
  • Network: Cisco ASA, Juniper Firewalls, IDS, IPS, Microsoft TMG, Proxy
  • Applications: Active Directory, Microsoft Exchange Management 2008, SAP, Middleware, Oracle, WAF
  • Completed Microsoft Certified System Engineer (MCSE) training from Zoom Technologies
  • Applying knowledge of Lean & IBM GDF
  • Applying knowledge of ITIL
  • Trained on RSA Security Analytics, RSA DLP and RSA Archer

Completed Certified Information Systems Security Professional (CISSP) training from

Employers, Click here to Hire





Latest Job Adverts

popup-img
popup-img
Welcome to
Skills Provision

Please click on the relevant link

Employers Job Seekers

For further information on our international agency and available workers please contact us today (click here)

Back

If you are interested in new employment opportunities please register on our website (click here)

Back
popup-img