Mahmoud Yassin Ali Moustafa CISA, CISSP, CRISC, MCSE, COBIT, ITIL, PMP Mobile +971-50-8116825 [email protected][email protected][email protected]Career objective To purse a successful career in the IS field based on both my technical and bus iness experience in various ITS Security & infrastructure projects. Professional Snapshot Professional with more than 15 years of experience in IT Operations with focused exposure in Bankin g & ISP Information Security. IT Infrastructure Mana gement, Project Management, Network Management, Business Continuity Planning, New Technology Implementation, Process Improvement and Team Management. A keen planner, strategist & implementer with demonstra ted abilities in IT operations management and new technology implementation for streamlining IT related operations. Expertise in spearheading numerous IT projects; ensuring delivery ofprojects compliant to the quality, time and cost parameters. Proven skills in managing teams to work in sync with the set parameters & motivatin g them for achieving business and individual goals. An effective communica tor with excellent relationship building & interpersonal skills. Strong analytical, problem solving and organizational abilities. Possess a flexible and detail oriented attitude.
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
To purse a successful career in the IS field based on both mytechnical and business experience in various ITS Security &infrastructure projects.
Professional Snapshot
Professional with more than 15 years of experience in IT Operations with focusedexposure in Banking & ISP Information Security. IT Infrastructure Management,Project Management, Network Management, Business Continuity Planning, NewTechnology Implementation, Process Improvement and Team Management. A keenplanner, strategist & implementer with demonstrated abilities in IT operationsmanagement and new technology implementation for streamlining IT relatedoperations. Expertise in spearheading numerous IT projects; ensuring delivery of projects compliant to the quality, time and cost parameters. Proven skills in managingteams to work in sync with the set parameters & motivating them for achievingbusiness and individual goals. An effective communicator with excellent relationshipbuilding & interpersonal skills. Strong analytical, problem solving and organizational
abilities. Possess a flexible and detail oriented attitude.
National Bank of Abu Dhabi (Abu Dhabi United Arab Emirates) April 2007 tillpresent
Lead Security & systems Eng- NOC. & SOC. teams lead. April 2007 till present
• Managing & building of the SOC & NOC Monitoring and Operationsteam and taking care of new tasks deliverables
• Monitoring NetIQ SM & Arch sight SIM. Doing correlation analysis of NBAD internal and external Data and voice traffic validating the traffic basedon correlation, identifying any service degradation or outage andrecommending applicable action to operation support
• Managing a Threat Management specific to NBAD ISPsegment(ETISLAT ,DU) configured and managing Symantec threatManagement console
• Closing working with SIRT team to identify risks, and mitigation
• Coming up with Policy procedure based on information securityrequirement
• Vulnerability Management specific NBAD IT production environment.
• Providing daily weekly and Monthly SIEM reports
• Interacting with internal clients for day to day operations support
• Assisting IT auditing and Penetration testing
My responsibility for maintaining the integrity and security of enterprise's servers
and Systems which support the various operating units of the enterprise.
Conducting system analysis and Infrastructure Architect, with limited support anddirection from professional staff, to keep our systems current with changingtechnologies.
Key technical resources for other Senior Staff, providing advice, training andTechnical support for various projects. In addition, technical staff in the ITmanagement team in evaluating current systems and making decisions on futureUpgrades.
I am Managing team of 8 persons for System Monitoring and first Level Support
We monitor the network of 105 remote branches office support 7 countries(London – Paris – Washington – Egypt- Sudan – Kuwait – Oman – Bahrain)
• A NETIQ Security Configuration Manager for Checking the PCI-DSScompliance and Deviations reports to be tracked.
• Working with Deloitte & Touché to meet the PCI-DSS bank wideimplementation and VISA and Master Compliance requirements.
Active Directory
• Design Active Directory Security & Group Policy
• Design & documentation of AD DR Recovery Plan and superviseTesting of the Plans
• Maintain Access shields depend on security Clearance of the Objectsand subjects
• Maintain Group Policy Shield from NetIQ to simulate group policydesign and workflow(designer-publisher-approver) before role out inactual environment
• Design Event to be monitored like (high level security groups –objects – domain admin accounts )
• Design an access policy for keeping Critical account access inpassword Vault (striping system admin from domain admin accounts )
Exchange
• Manage Exchange Security & server Security Policy
• Audit All AD events in Security Management and Generate Alerts onCertain Event that violate or Breaches Security Policy
• Implementing NETIQ SM AD audit module for auditing critical eventsin AD
• Implementing NetIQ SM exchange auditing for auditing critical eventsin exchange servers including backend – CAS – HUP
• Audit all Exchange events and user access including on behalf mail boxaccess
Email Encryption
• Design PKI system for 4000 plus Email user
• Including Managing Auto Enrollment
• Managing Revocation
• KEYS Management
Dealing Room
• Build & Design the Most up to data Dealing room with user furnishing Enough Network Points and IP telephony and Singleprocessing unit manage 4 Screens.
• Including central connectivity for Dealer to powerful processing unit
and 4 screens per each dealing position.
• FIX Encrypted traffic for Dealers.
• Reuter Service Architect and Design and Integrate internally acrossNBAD Network can be accessed from any Remote Branch theinfrastructure includes (third-party fire wall FortiGate) RMDS servers,DACS Servers , Satellite Feeders
• Reuters Dealing System implementation
• Reuters EIKON upgrade for 3000 Extra dealing systemimplementation and security Design
• Bloomberg Service architect and design and integrate the serviceinternally across NBAD networks
Data Base Activity Monitoring (IBM GARDIUM)
• Build & Design the Database activity monitoring which one of PCI-DSS requirement for (Microsoft SQL servers ,Oracle 9 I, 10 G , 11 Gservers ,Sybase servers.) the project have the following activities:-
1. Database discovery.
2. Databases logging policy design and implementation.
• Design and build access control & password polices & procedure for National bank of Abu Dhabi
• Design Remote Session Video Recording System EGP
• Security Enhancement
1. No Console and/or Console Access.2. Only access is via associated “role3. Based” secure web interface(s).4. Embedded Hardware Firewall5. Encryption for Stored Passwords6. Full Hard Drive Encryption7. Secure Communication8. Database Security
9. Application Security
VAL IT COBIT implementation IT Infrastructure Team
• Adaptation and implementation of VAL IT concept In It infrastructure
• Follow Cobit Risk evaluation matrix
INNOKAT (innovation knowledge & advanced technology) Dec 2004 tillmarch-2007
Senior Infra Structure and Security Consultant
• Infrastructure architect &Security architect
• Data center building & design
• Risk Assessment for E-government AJMAN Government
• Risk assessment of Abu Dhabi Ministry of Finance Payment Systems
• Stock market interfaces (Abu Dhabi stock market – Dubai stockmarket) with Alsafwa Finance company and Full System penetrationtesting
• Preparing Feeders connectivity & infrastructure (Reuter –Bloomberg ) and Secure third party infrastructure within Abu DhabiIslamic bank
• FIT Trading platform & infrastructure security assments andpenetration testing
• Dubai Stock Market Security assessment and enhancements
• Etisalat Web Hosting platform Architecture Review and assessmentfor C-panel control Panel security Functionality
• Managed several "full cycle" infrastructure projects. Devolve projectplans, wrote RFP, lead design session and coordinated testing, trainingand implementation.
• Facilitate process improvement sessions to close gaps betweenexisting and proposed business processes and system architecture.
• Lead infrastructure architect & design, implementation projects of windows 2003 active directory, SMS 2005, exchange 2003 , ISA server and migration to exchange 2007 , web application hosting solutions .
• Architect and design network infrastructure for web hosting platform
including security measurements, risk mitigation, availability and 24/7
SLA requirements of the said environment.
• Security Architect Handled the following functions :
o Consolidation of Internet Gateway & Security Gateways.
o Implementation of Content Filter and Proxy Filtering; Trend
Micro Anti Virus Gateway Solution; Pix firewall (Rule base and
LAN zoning).
o Drafting of Policy for Content Filter & Spam Filter.
o Drafted, designed and implemented end to IT security
infrastructure along with the team (Firewall, Anti Virus, Spam,
IPS/IDS, etc.) based on GSD311.
o Presentation of detailed IT security implementation
architecture.
o Managed the project applying PMI (first time).
o Proxy gate way consolidation – Reduction of administrative
time, cost and dependency
o Supporting ISO team to implement ISO 27001 & Auditing -
on enterprise level
o Tipping Point – Administration for enterprise level
o Supporting global regional team for day to day in Security
Operation support.
o Initiating new Information Security programmes on regional
levels
o Defining security policy for end point client based on securitycompliance policy
o Cyber Global Governance (Cyber Gate Keeper – CGK and
AV)
o Maintained Internal Vulnerability Management Program to
ensure full coverage from a system and scanning perspective;
External Vulnerability Management Program to ensure full
coverage and timely remediation.
o
• Design scripts to automate repetitive tasks automate applicationdeployments and streamline OS migrations.
• Implementation of Altiris automation and imaging
• Research new technologies and helped developed comprehensivesolutions for clients requirements.
• Developed operation & security policies and procedure, standardizeddocumentation and designed business continuity solutions.
• Domain and Exchange 5.5 to Windows 2003 AD and Exchange 2003
• Designed an application hosting solution for the Restaurant networkwebsite. This is an internationally accessed website with a 24X7 uptimerequirement.
•Design Full Security for point of sale communication to Head office in
Sharja
• Design Security Access mechanism for All AD users and apply RSAtokens for Cashers and supervisor logins
• The architecture was based on a highly available and highly securerequirement that included designing a hardened installation of Windows 2003server, IPSec, firewall port configuration for a pix front end and a checkpointbackend, clustering database servers, and load balancing web servers usingF5 load balancer.
INNOKAT Data Center
• Analyzed business needs and designed technical solutions to meetthe gathered
• Requirements using Microsoft and third party solutions. This includedhardware
• Firewall, File replication, Database replication, DFS, SAN storagesolutions, network
• Structure, load balancing, and clustering. Architected andImplemented DNS, WINS,
• DHCP, Windows 2003 Active Directory, Exchange 2003, MOM 2005and SMS 2003.
•
And Exchange 2003
• Design solution for VPN connection between INNOKAT data center and its branches
Ajman E-government Data Center
• Design, Architected and implemented a solution to migrate user datafrom a standalone SQL to consolidated SQL server FARM
• Design Database Security include Data encryption
• Database to active directory and provided a web front end for
Dec 2004 till Dec 2005 ETISALAT E-company web hostingsolution design and proposing manager.
• Design the technical solution built on Microsoft WEB HOSTING 3.5platform
• Designed an application hosting solution for the Company to allowEtisalat users to
• Dynamically Host their applications website. This is an internationallyaccessed website with a 24X7 Uptime requirement. The architecture wasbased on a highly available and highly secure requirement that includeddesigning a hardened installation of Windows 2003 Server, IPSEC, firewallport configuration for a pix front end and a checkpoint backend, Clusteringdatabase servers, and load balancing web servers and san access.
Security assessment of C-Panel Control panel of the web hosting and SecurityAccess mechanism for the C-Panel
• Manage customer presentation and demo
• Participating in writing the RFP
• Lead the implementation team
• Lead solution acceptance from customer
• Lead Internal and external security penetration in white-box and
black-box mode using SAINT penetration tools
• Draft the legal agreement for the Web hosting users highlighted theEtisalat responsibility and customer responsibilities in term of security
• Prepare and introduce implementation team
Ajman E-government portal design project manager
• Design the customer requirements document
•
Participating writing the RFP
• Lead solution acceptance from customer
• Lead deployment project for first phase of Ajman free market portal
National bank of Oman Security as service assessment and lead RFP process project
• Define customer requirement from implementing the Google securitysolution
• Leading the integration team to integrate the core banking DB to
Microsoft Security consultant ( Online Services Division )Internal division for Microsoft Data Center
Online Services Division
Microsoft Online Services Security and Compliance (OSSC) is Department that leadand manage all logical & physical security design, survey, audit, and related securityconsulting services Microsoft worldwide critical infrastructure including data centers,leased collocations, and other types of facilities. My Role as Security Consultinginclude working directly with other internal teams as well as provides direction to adedicated vendor team in such areas as security system design, projectmanagement, risk analysis, and Infrastructure surveys. My role is also responsiblefor working directly with numerous external security vendors as well as other vendor organizations like architects, engineers, and construction / project managers toensure accurate and timely delivery of services.
Notable Attainments:
•
Part of the SOC Monitoring and Operations team and taking care of new tasks deliverables
• Monitoring nfx & SCOM SIM. Doing correlation analysis of Microsoftinternal and external Data and voice traffic validating the traffic based oncorrelation, identifying any service degradation or outage and recommendingapplicable action to operation support
• Managing a Threat Management specific to Datacenter segment,configured and managing Symantec threat Management console.
• Closing working with SIRT team to identify risks, and mitigation
• Coming up with Policy procedure based on information securityrequirement
• Responsible for the coordination, installation, upgrade andconversion or servicing of alarm systems, access controls, video cameras,burglary, radio systems and all other types of physical security equipment.
• Approve/modify all security contractor designs.
• Oversee all projects to ensure they are delivered in accordance withestablished requirements and deadlines and within budget.
• Provide system solutions of specific security concerns identifiedthrough contract, legal, regulatory or industry requirements.
• Develop, manage, and maintain security related processes,procedures, system baselines, training, and improvement plans.
• Document and improve work processes in order to make workflowmore efficient and productive.
•Collaborate across groups such as Data Center Operations, Data
Center Development, Security Operations, Global Security Operations Center (GSOC) and other Security Consulting groups to overcome challenges anddeliver results.
• Lead a team of vendor Security Consultants/Project Managers todesign security systems, manage projects, and conduct risk assessment or site surveys while maintaining currency with industry best practices and stateof the art design guidelines utilized by the Security program.
• Direct external relationships to ensure the viability of all securitysystems, legacy and new, with the goal of minimal business disruptions asthe result of failed or improperly configured or installed systems.
• Implement technology solutions aligned with Microsoft securitystrategy and budget guidelines.
• Research and recommend appropriate technical security physicalsystems (CCTV, access control, alarm, etc.) and design and/or engineer such systems for specific applications to achieve security program goals.
• Ensure state-of-the-art physical security programs, methods andequipment by conducting research through benchmarking and evaluation of vendor-provided products and services.
• Develop and administer processes for internal and external security
system audits and serve as primary contact for such audits when required.Represent the security capabilities and operations procedures to internal andexternal auditors and be accountable for ensuring those capabilities aredesigned in conformance with audit requirements.
• Act as primary contact for security system emergency issues.
• Participate in OSSC Security budgeting process as well as contributeto others budgeting processes for security system needs in other groups.
• Total Project manager for Infrastructure ,security of the core bankingsystem
• Implementing security during SDLC of the core banking system fromold system UNIX & Oracle to windows & Oracle using PowerBuilder interface(the project implemented at agriculture & development bank of Egypt firstphase 200 branch delivered 100 branches up till now.
• Manage the Internet banking security platform for the bank.
Job Accountabilities:
• Building and managing the infrastructure & security team
• Actively involved throughout the qualification process; takes a leadrole in the Assessment of the commitment of the company (including 3rdparties) and the Customer and the associated risk prepare and validate theproject plan.
• Acquires, assesses, assigns and manages the resources required(the company and/or 3rd parties/suppliers) for the project.
• Plans, monitors and controls project. Decides and appliesmethodology. Build and
• Maintain project plan using project planning tools (prince 2) andtechniques. Implement project review, change control and acceptanceprocedures that conform the chosen project methodology.
• Identifies issues and assesses risk pre-bid throughout the project life.Identifies and executes a course of actions designed to minimize or avoidrisk. Develop risk models.
• Take accountabilities for the project financials. Produce and maintain
the project P&L. produces revenue, profit, cash flow actual, and forecasts.Ensure and authorize
• Revenue-earning deliverables to be processed for payment.
• Defines the quality management system and overall Quality Plan.This plan will contain and identify Quality control responsibilities for allaspects of the project, including the audit process.
• Provides input to the contract negotiations between the company andthe customer and 3rd parties. Defining the key milestones / attributes /deliverables / planning / reporting and review process.
• Manages conformance to the contract and delivery of commitments.
• Maintain Secure High Availability CITRIX farm to over 1800
Concurrent Connections for Bank employees with NFUSE, XML and CSGservices in an ASP environment.
• Implement and Manage Microsoft Cluster servers for File/Printservices and SQL servers.
• Provide team leadership and management skills on software andhardware
• Implementations.
• Work with security internal systems to provide intrusion detection,audit capabilities, a secure environment.
• Design, implement, and administer Patch Deployment plan usingBigFix.
• Implement SOL 2000 Reporting services to provide custom reportsfor internal services as well as end users.
• Provide Application Design guidelines for new custom applications inan ASP environment.
• Manage multiple environments for application testing during variousstages from alpha release to production.
• Work with management to create deployment processes andprocedures to create a stable production environment.
• Troubleshoot and document new application implementations in aCitrix environment.
• Manage deployment of new servers to allow for growth of Citrixenvironment.
• Create Document Standards for all team documentation.
• Manage Central Storage point of all documents created by asp teamusing Microsoft SharePoint 2003 services.
• Create disaster recovery plan for quarterly testing all enterprisesystems within Provide high level troubleshooting skills for resolving complexhardware and application.
• Issues within a multiple team conflict resolution CAT.
• Work with network operations to manage 4 terabyte SAN provide titleplant image services and SOL 2000 database storage.
• Manage and verify SOL 2000 backups and redundancy on MicrosoftCluster Servers.
• Create custom SOL scripts for data migration and data manipulation.
• Part of Project team for implementation 8. customization of Core
Banking system for Bank Of Alexandria Implementing, and customizing thepackage for core banking system Unix & Informix (the project implemented atbank of Alexandria 90 branches all over Egypt).
• Sharing in implementation, Data Conversion 8.. Staff supervision inBank of Alexandria Project Phase 1.
• Introduce technical consulting in Cairo Far East bank Project.
• Technical Project Manager for RAFDAIN Bank in Abu-Dhabi, and
• Introduce technical consultant to ICL-Emirates.
•
Sharing in Pre-sales activities for ARA-Bank Applications (Proposalsand presentation).
• Analysis, design, development, training and support of the Automaticswitch System for the ATM system Cairo Bank of Egypt, the main objective of this project is to enhance the performance of the implemented SLM-SOFTATM network allover Egypt.
•
Participating at design & analysis for I.C.L banking switch andmanage development team.
• Analysis and development was done for both member nodes and thecentral node.
• Analysis, design, development, training and support of the credit &ATM Card Issuance System for maintaining the personal of Cairo bank'scardholders. The application generates cards and PIN numbers for each newclient.
• Pre-sales support for both of the above systems.
• During my last working year in the company I took over themanagement of the Automatic Teller machine.
• Visual Basic 6.0, and Visual C++, as well as MS-SQL Server 7, andAccess 97 &
• Informix as database engines were used in the previous two
systems.
- Feb,1996- March 1998 (InformationSystem Specialist Al-AHRAM News Paper Management and computer Center (A.M.A.C)
• One of the largest software house for commercial computer servicesenterprises.
• Analysis, design, development, training and support of the billingsystem for electric company of Egypt which deals with data over 30,000,000records per month the system implanted on IBM 9000 mainframe with
language COBOL & db2 database.
• Analysis, design, development, training and support of thedistribution System for maintaining the distribution of AL-AHRAM newspaper presses at Egypt and outside Egypt.
• Analysis, design, development, training and support of theAdvertising System for maintaining the advertising accounting at AL-AHRAM.
• During my last working year in the company I took over themanagement of the electric billing system.
• COBOL, Visual Basic 6.0, and Visual C++, as well as MS-SQL
Server 7, and Access 97 & 082 for mainframe as database engines wereused in developing the previous three systems.
Free Lancer consultant:
- General Company for telecommunication
o Oracle DBA performance & tuning on HP UNIX servers
- Prima soft (Egypt)
o Design Data Warehousing system for ERP System(Heat)