- Collaborative security professional adept at working with business application owners and infrastructure teams stakeholders to build and maintain a secure and effective highly available and scalable technology platform that can meet business needs with the focus of protecting confidentiality, integrity, and availability of information assets.
- Perform vulnerability and policy compliance assessments for Critical Services, Applications, Infrastructure and other assets.
- Prioritize remediation activities based upon the assessment results of the enterprise - wide vulnerabilities assessments, compliance program, or internal/external audits.
- Amassed proficiency in PCI, ISO 27001, HIPAA, and FISMA compliance standards, and industry standard scoring models including CVSS and CCSS.
- Generate reports on assessment findings/patch compliance and summarize information to facilitate remediation tasks
- Coordinate security controls on Windows systems using Active Directory, Organization Unit, and Group Policy Objects.
- Functioned as the primary facilitator of internal and external IT audits, automated tasks to large count vulnerabilities expediently, and served as the Security focal point for the Infrastructure department at SABIC, the largest petrochemical manufacturer in Saudi Arabia.
- Measure enterprise-wide compliance with organizational security policies and standards using various toolsets.
- Monitor and coordinate with business teams for applicable security patches and configuration standards
- Work on Qualys Asset View, Vulnerabilities Management, Policy Compliance, Indicator of Compromise, Web Application Scanning, Reporting, and Threat Protect modules
- Assess IT risks and security posture and develop plan for improvement
- Liaise internal and external audits
- Perform CIS controls’ policy compliance audits
- Performs vulnerabilities assessments
- Assist in resolution of information security incidents
- Coordinate remediation plans with stakeholders
- Conduct security awareness sessions
- Prepare security policies and procedures
- Familiar with Qualys SAQ eGRC module
- Excellent communication and troubleshooting skills
- Review users accounts access on regular basis
- Interfaced with largest petrochemical customer regarding Infrastructure systems support and work on their cyber security issues including vulnerabilities assessment, risk mitigation, deployment of security standards, event management, and application of Center of Internet Security (CIS) benchmark standards for Unix and Windows systems.
- Authored system information policies, procedures, and standards.
- Stayed abreast of current and emerging regulatory standards such as SOX, PCI, and HIPAA.
- Created reports that impacted security key performance indicators (KPIs), sustained amiable vendor relationships, and executed firewall tuning and content filtering.
- Coordinated and deployed remediation plans, Qualys vulnerabilities assessment, Firewall tuning, content filtering, and reconciled technical issues related to Qualys, HP-UX, Redhat, and Windows servers.
- Oversaw the implementation of ISS security SIEM solution tools including Real Secure Site Protector console for event management Proventia (A, G, and M) gateway firewall applications, host, network sensors, and scanner modules.
- Spearheaded all aspects of assessment, design, and implementation of IT operations, security issues, and system infrastructure.
- Ensured high availability of ERP business applications through the management of HP-UX cluster systems.
- Diagnosed panic reboot issues through the execution of crash dump analysis.
- Analyzed syslog, cluster package logs, flight recorder logs, and processor logs for hardware failure issues and cluster issues.
- Developed and managed vPar (Virtual systems) on the Superdome-2 system, deployed system patch bundles on HP-UX Servers, and authored shell scripts for alerts management.
- Allocated/de-allocated Online CPU and memory hardware resources for virtual partitions (vPar).
- Created a patching process lifecycle for business team and system owners to roll out patches regularly to reduce business impact and achieve patching compliance with corporate policy.
- Developed volume groups, logical volumes, and file systems utilizing Unix systems for SAN storage.
- Executed script writing and shell programming to drive automation.
- Ensured both HP-UX OS bundles and security patches remained current.
- Championed the configuration and maintenance of HP-UX PA-RISC and Itanium based Unix systems.
- Utilized sendmail to implement event monitoring system and auto-notification of alerts.
- Configured kernel parameters and tuned file systems spacing as needed.