mahmoud yassin ali moustafa


Upload: mahmoud-yassin

Post on 07-Apr-2018


TRANSCRIPT

8/4/2019 Mahmoud Yassin Ali Moustafa

http://slidepdf.com/reader/full/mahmoud-yassin-ali-moustafa 1/31

Mahmoud Yassin Ali Moustafa

CISA, CISSP, CRISC, MCSE, COBIT, ITIL, PMP

Mobile +971-50-8116825

[email protected]


Career objective

To pursue a successful career in the IS field based on both my technical and business experience in various ITS Security & infrastructure projects.

Professional Snapshot

Professional with more than 15 years of experience in IT Operations with focused exposure in Banking & ISP Information Security. IT Infrastructure Management, Project Management, Network Management, Business Continuity Planning, New Technology Implementation, Process Improvement and Team Management. A keen planner, strategist & implementer with demonstrated abilities in IT operations management and new technology implementation for streamlining IT related operations. Expertise in spearheading numerous IT projects; ensuring delivery of projects compliant to the quality, time and cost parameters. Proven skills in managing teams to work in sync with the set parameters & motivating them for achieving business and individual goals. An effective communicator with excellent relationship building & interpersonal skills. Strong analytical, problem solving and organizational abilities. Possess a flexible and detail oriented attitude.


Proficiency Forte

Area of expertise

• Project Planning & Management

• IT Operations Management

• Risk assessment and risk management skills.

• Auditing skills.

• Process design and architect and re-architect.

• Business banking infrastructure architect and implementation skills.

• End user training and security awareness sessions.

• Network administration & operation of different platforms: Unix (SCO – Sun Solaris) – (Windows NT – Windows 2000 – Windows 2003 – Windows 2008).

• Web hosting Infrastructure Solution design and implementation of secure environment.

• Financial transaction and worldwide stock markets protocols like FIX & financial transaction security 3D security implementations.

• Technical Support

• Infrastructure Management

• Technology Implementation

• Network Management

• Liaising & Coordination

• Deliverables Management

• Team Management Information Security & Operations support

Technical Summary

• Accurately scope, design, implement and support product based balanced security on Gateway & perimeter firewalls. IPS, NIDs, Gateway level AV’s, end point security, data leakage control products and provide daily process based support reporting of the same for Banking & ISP environment

• Single-handedly managing Organization IT Vulnerability Management

• Support for Design and implement centralized log feeding based on leading SIM’s

• Information security Risk assessments and Threat Modeling

• IS Auditing

• Monitoring / tracking projects with respect to budgeted cost, demand forecasts, time over-runs to ensure timely execution of projects. Designing and implementation of LAN / WAN system involving design of network layouts and their configuration.

• Suggesting IT measures and safeguarding the information resources of the enterprise to maintain integrity, confidentiality and availability of data / application specific to Financial and ISP segments

• LAN & WAN Support & Monitoring - Financial & ISP Business Verticals.

• Windows Server: Administration & support for Web & Mail, Aix 4.1. Mac.

• Incident analysis and recommendation for remediation – Process based Support


• Malware Reverse Engineering.

• Remote Users Enforcement Point Connection Compliance – Cyber Gate Keeper. Juniper SSL

• Information Security Compliance Auditing based on various IT frameworks.

• Comprehensive support to protect against DDOS, Phishing, Malware attacks, Spam’s and IP Abuse. Cyber Security fraud detection. Forensic analysis, and identifying risk channels (vectors)

• Supporting ISO & SIRT Teams in end to end Info Sec requirements.

• Enterprise Vulnerability \ Security Patch Management and Scanning for Windows clients and Servers

• Managing IT Compliance requirements in enterprise environment (PCI-DSS, SOX)

• Intrusion Prevention Systems (Both Reactive & Proactive): IPS, NIDS, HIDS

• Pen Testing: For Servers, Database, Clients, Gateway and Perimeter Components.

• Moderate Knowledge in HTML, Perl script, VB Script, SQL Server Administration and SQL Query.

• Engage with Info Sec Product Vendors (TAM)

• POP for end to Info Sec products.

• Suggesting IT measures and safeguarding the information resources of the enterprise to maintain integrity, confidentiality and availability of data / application specific to Financial and ISP segments

• Ensuring provision of technical consultancy to clients for various IT projects / operations.

• Monitoring & supervising the development of long-term partnerships with suppliers & vendors; managing day-to-day supplier performance to ensure meeting of service, cost, delivery and quality norms.

• Comprehensive understanding of end to end data flow architecture for Financial and ISP organization.

• Recommending recovery strategies and options, and assisting with the implementation of recovery solutions, coordinate business continuity plan exercises.

• People Management

• Leading, mentoring & monitoring the performance of team members to ensure efficiency in process operations and meeting of individual & group targets.

• Creating and sustaining a dynamic environment that fosters development opportunities and motivates high performance amongst team members.

• Product Working Knowledge: Microsoft Servers and Client, Aix, Messaging, Proxy, Web, Enterprise Server & Client Management, Symantec (SSC). McAfee EPO, Postini, Confidence Online, CGK, Iron Port, Web Sense, Blue Coat, Found Stone, ISS, Secure Computing, Tipping Point, Checkpoint, Pix, Moderate exposure in SIM-NFX. ArcSight.

• Log Management Solution (ArcSight) Implementation & project lead

• Encryption Mechanism for Email & Folder Encryption


Organizational Experience

National Bank of Abu Dhabi (Abu Dhabi, United Arab Emirates) April 2007 till present

Lead Security & Systems Eng. - NOC & SOC teams lead. April 2007 till present

• Managing & building of the SOC & NOC Monitoring and Operations team and taking care of new tasks deliverables

• Monitoring NetIQ SM & ArcSight SIM. Doing correlation analysis of NBAD internal and external Data and voice traffic validating the traffic based on correlation, identifying any service degradation or outage and recommending applicable action to operation support

• Managing a Threat Management specific to NBAD ISP segment (Etisalat, DU) configured and managing Symantec threat Management console

• Closely working with SIRT team to identify risks, and mitigation

• Coming up with Policy procedure based on information security requirement

• Vulnerability Management specific NBAD IT production environment.

• Providing daily weekly and Monthly SIEM reports

• Interacting with internal clients for day to day operations support

• Assisting IT auditing and Penetration testing

My responsibility for maintaining the integrity and security of enterprise's servers and Systems which support the various operating units of the enterprise.

Conducting system analysis and Infrastructure Architect, with limited support and direction from professional staff, to keep our systems current with changing technologies.

Key technical resources for other Senior Staff, providing advice, training and Technical support for various projects. In addition, technical staff in the IT management team in evaluating current systems and making decisions on future Upgrades.

I am Managing team of 8 persons for System Monitoring and first Level Support

We monitor the network of 105 remote branches office support 7 countries (London – Paris – Washington – Egypt – Sudan – Kuwait – Oman – Bahrain)

My Team manage AD with 5000+ users

ATMs 670 ATM and Deposit machine


Notable Attainments:

• Part of NBAD Global Security Team - one of the premier groups of 

o Oversaw a basketful of tasks and led.

o Security Operations Capability

o Cyber Intelligence and Response Program

o Cyber Security Business Intelligence Program

o Vulnerability Management for 5000+ Windows Servers & UNIX

o Abuse Monitoring and response on enterprise level

o SMTP Spam email administration on enterprise level (iron port)

o Found stone Scan – Corporate Administrator - Subject matter expert

o Corporate Virus defense team – Subject matter expert on enterprise level

o Trend Micro EPO & trend Micro HIPS administration - on enterprise level

o Supporting ISO team to implement ISO 27001 & Auditing - on enterprise level

o Tipping Point – Administration for enterprise level

o Supporting global regional team for day to day in Security Operation support.

o Initiating new Information Security programs on regional levels

o Defining security policy for end point client based on security compliance policy

• Cyber Global Governance (Cyber Gate Keeper – CGK and AV)

• Maintained Internal Vulnerability Management Program to ensure full coverage from a system and scanning perspective; External Vulnerability Management Program to ensure full coverage and timely remediation.

• Patch Management in enterprise environment - for Windows Clients and Servers.

• Creating Patch Management Policy for NBAD Data Center – Staff workstation – Portable devices

• Implemented multiple layers of controls to protect NBAD networks against malware.

• Extended support to ISO Team on IT security compliance requirement, policies, and auditing.

• Took numerous initiative on global on advance threat management and remediation

• Implemented numerous process on global operation support level

• RSA Secure login for AD and Imprivata Single Sign-On

Projects

ArcSight implementation (SOC Team)

• Product evaluation & selection

• Product Requirements preparation (RFP selection Criteria & evaluation Matrix)

• System implementation

• Design the monitoring channels

• Define access profiles


• Design Monitoring Policy and Procedure

• Define Escalation Paths based on application Criticality


EMC IONIX implementation (NOC team)

• Product evaluation & selection

• Product Requirements preparation (RFP selection Criteria & evaluation Matrix)

• System implementation

• Design the monitoring channels

• Define access profiles

• Design Monitoring Policy and Procedure

• Define Escalation Paths based on application Criticality

• Prepare Service Maps & application Redundancy groups

NETIQ APPMANAGER implementation (NOC team)

• Product evaluation & selection

• Product Requirements preparation

• System implementation

• Design the monitoring channels

• Service map Design

• Define access profiles

• Design Monitoring Policy and Procedure

• Define Escalation Paths based on application Criticality

• Prepare Service Maps & application Redundancy groups

Data Center ALTIRIS operation & Patch Management

• Product evaluation & selection

• Product Requirements preparation (RFP selection Criteria & evaluation Matrix)

• System implementation

• Design the Patching Test environment

• Integration with Change control system

• Define patching policies and procedure per system, application, OS

• Define access profiles


• Define Approval & Escalation Paths based on application Criticality

Data Center Polices & Procedure

• Commission Policies

• Decommission Policies

• Access Control policies

• Server maintains procedure

Data Center Physical Security

• Surveillance System

• Mantrap Door

• Finger Print Biometric Access



Managed File Transfer 

• A new Managed Transferee platform from CFI proj-net to be Compliant with PCI-DSS data in transit Requirements

• An data encryption

Email Encryption

• An IRON-PORT Email Encryption Gateway implementation and integration PCI-DSS, SOX compliance.

• A NETIQ Security Configuration Manager for Checking the PCI-DSS compliance and Deviations reports to be tracked.

• Working with Deloitte & Touché to meet the PCI-DSS bank wide implementation and VISA and Master Compliance requirements.


Active Directory

• Design Active Directory Security & Group Policy

• Design & documentation of AD DR Recovery Plan and supervise Testing of the Plans

• Maintain Access shields depend on security Clearance of the Objects and subjects

• Maintain Group Policy Shield from NetIQ to simulate group policy design and workflow (designer-publisher-approver) before roll out in actual environment

• Design Event to be monitored like (high level security groups – objects – domain admin accounts)

• Design an access policy for keeping Critical account access in password Vault (stripping system admin from domain admin accounts)

Exchange

• Manage Exchange Security & server Security Policy

• Email spam filtering with ironport mail gateway

• Design client to server email encryption

AD & Exchange auditing


• Audit All AD events in Security Management and Generate Alerts on Certain Event that violate or Breaches Security Policy

• Implementing NETIQ SM AD audit module for auditing critical events in AD

• Implementing NetIQ SM exchange auditing for auditing critical events in exchange servers including backend – CAS – HUP

• Audit all Exchange events and user access including on behalf mail box access

Email Encryption

• Design PKI system for 4000 plus Email user 

• Including Managing Auto Enrollment

• Managing Revocation

• KEYS Management 

Dealing Room

• Build & Design the Most up to date Dealing room with user furnishing Enough Network Points and IP telephony and Single processing unit manage 4 Screens.

• Including central connectivity for Dealer to powerful processing unit and 4 screens per each dealing position.

• FIX Encrypted traffic for Dealers.

• Reuter Service Architect and Design and Integrate internally across NBAD Network can be accessed from any Remote Branch the infrastructure includes (third-party firewall FortiGate) RMDS servers, DACS Servers, Satellite Feeders

• Reuters Dealing System implementation

• Reuters EIKON upgrade for 3000 Extra dealing system implementation and security Design

• Bloomberg Service architect and design and integrate the service internally across NBAD networks

Data Base Activity Monitoring (IBM Guardium)

• Build & Design the Database activity monitoring which one of PCI-DSS requirement for (Microsoft SQL servers, Oracle 9i, 10g, 11g servers, Sybase servers.) the project have the following activities:

1. Database discovery.

2. Databases logging policy design and implementation.


3. Databases user's activity logging.

4. Database Administrators activity logging.

Forensic Investigation

• Design and build incident handling policies & procedure for National Bank of Abu Dhabi

• Define Tools and Steps of any forensic Investigation to mitigate Security Risks

• We test some tools like Case but we are following manual Procedure


DMZ Security’s Password Auto Repository (PAR)

• Design and build access control & password policies & procedure for National Bank of Abu Dhabi

• Design Remote Session Video Recording System EGP

• Security Enhancement

1. No Console and/or Console Access.

2. Only access is via associated “role based” secure web interface(s).

3. Embedded Hardware Firewall

4. Encryption for Stored Passwords

5. Full Hard Drive Encryption

6. Secure Communication

7. Database Security

8. Application Security

VAL IT COBIT implementation IT Infrastructure Team

• Adaptation and implementation of VAL IT concept In It infrastructure

• Follow Cobit Risk evaluation matrix

INNOKAT (innovation knowledge & advanced technology) Dec 2004 till March 2007

Senior Infra Structure and Security Consultant

• Infrastructure architect &Security architect

• Data center building & design

• Risk Assessment for E-government AJMAN Government

• Risk assessment of Abu Dhabi Ministry of Finance Payment Systems

• Stock market interfaces (Abu Dhabi stock market – Dubai stock market) with Alsafwa Finance company and Full System penetration testing

• Preparing Feeders connectivity & infrastructure (Reuter – Bloomberg) and Secure third party infrastructure within Abu Dhabi Islamic bank

• FIT Trading platform & infrastructure security assessments and penetration testing

• Dubai Stock Market Security assessment and enhancements

• Etisalat Web Hosting platform Architecture Review and assessment for C-panel control Panel security Functionality

• Managed several "full cycle" infrastructure projects. Devolve project plans, wrote RFP, lead design session and coordinated testing, training and implementation.


• Facilitate process improvement sessions to close gaps between existing and proposed business processes and system architecture.

• Lead infrastructure architect & design, implementation projects of windows 2003 active directory, SMS 2005, exchange 2003, ISA server and migration to exchange 2007, web application hosting solutions.

• Architect and design network infrastructure for web hosting platform including security measurements, risk mitigation, availability and 24/7 SLA requirements of the said environment.

• Security Architect Handled the following functions:

o Consolidation of Internet Gateway & Security Gateways.

o Implementation of Content Filter and Proxy Filtering; Trend Micro Anti Virus Gateway Solution; Pix firewall (Rule base and LAN zoning).

o Drafting of Policy for Content Filter & Spam Filter.

o Drafted, designed and implemented end to IT security infrastructure along with the team (Firewall, Anti Virus, Spam, IPS/IDS, etc.) based on GSD311.

o Presentation of detailed IT security implementation architecture.

o Managed the project applying PMI (first time).

o Proxy gate way consolidation – Reduction of administrative time, cost and dependency

o Supporting ISO team to implement ISO 27001 & Auditing - on enterprise level

o Tipping Point – Administration for enterprise level

o Supporting global regional team for day to day in Security Operation support.

o Initiating new Information Security programmes on regional levels

o Defining security policy for end point client based on security compliance policy

o Cyber Global Governance (Cyber Gate Keeper – CGK and AV)

o Maintained Internal Vulnerability Management Program to ensure full coverage from a system and scanning perspective; External Vulnerability Management Program to ensure full coverage and timely remediation.

• Design scripts to automate repetitive tasks automate application deployments and streamline OS migrations.

• Implementation of Altiris automation and imaging

• Research new technologies and helped developed comprehensive solutions for clients requirements.

• Developed operation & security policies and procedure, standardized documentation and designed business continuity solutions.


• Leading Security penetration test to many enterprise

Summary of projects with INNOKAT

AUS (American University Sharjah)

Architected and design and implementation of a BDD 2.0 (business desktop deployment) using SMS 2005 SP2, desktop imaging and scripting.

Dubai British School (5 branches Dubai)

• Analyzed business needs and designed technical solutions to meet the gathered requirements using Microsoft and third party solutions.

• Design Data Center Architecture and infrastructure requirements.

• HP Blade BL20 selection and deployment as infrastructure.

• This include AD directory design & exchange 2003 Design and implementation.

• HP SAN storage capacity of 2 TB as central storage repository for all school information

• Implementing services like DHCP, DNS, WINS.

• Implementing SMS 2005 for software distribution and batch management.

• Design communication & Network & security Requirements.

• Online system for student enrollment and knowledge base infrastructure deployment including web based design and security.

• Online exam system deployment and security deployment for the said solution.

Americana head quarter

• Analyzed business needs and designed technical solutions to meet the gathered requirements using Microsoft and third party solutions.

• Database replication, DFS, SAN storage solutions, load balancing, and clustering.

• Architected and Implemented DNS, WINS, DHCP, Windows 2003 Active Directory, Exchange 2003, MOM 2005 and SMS 2003. Migrated - in parallel - from NT 4.0 Domain and Exchange 5.5 to Windows 2003 AD and Exchange 2003

• Designed an application hosting solution for the Restaurant network website. This is an internationally accessed website with a 24X7 uptime requirement.

• Design Full Security for point of sale communication to Head office in Sharjah

• Design Security Access mechanism for All AD users and apply RSA tokens for Cashiers and supervisor logins

• The architecture was based on a highly available and highly secure requirement that included designing a hardened installation of Windows 2003 server, IPSec, firewall port configuration for a pix front end and a checkpoint backend, clustering database servers, and load balancing web servers using F5 load balancer.

INNOKAT Data Center 

• Analyzed business needs and designed technical solutions to meet the gathered requirements using Microsoft and third party solutions. This included hardware firewall, file replication, database replication, DFS, SAN storage solutions, network structure, load balancing, and clustering. Architected and implemented DNS, WINS, DHCP, Windows 2003 Active Directory, Exchange 2003, MOM 2005 and SMS 2003. And Exchange 2003

• Design solution for VPN connection between INNOKAT data center and its branches

Ajman E-government Data Center

• Design, Architected and implemented a solution to migrate user data from a standalone SQL to consolidated SQL server FARM

• Design Database Security include Data encryption

• Database to active directory and provided a web front end for account provisioning and password resets.

• Analyzed business needs and designed technical solutions to meet the gathered requirements using Microsoft and third party solutions. This included hardware firewall, file replication, database replication, DFS, SAN storage solutions, network structure, load balancing, and clustering. Architected and implemented DNS, WINS, DHCP, Windows 2003 Active Directory, Exchange 2003, MOM 2005 and SMS 2003. And Exchange 2003

• Full Security and Risk Assessment for the whole E-government program including review of the payments interfaces with Ajman Bank


Dec 2004 till Dec 2005 ETISALAT E-company web hosting solution design and proposing manager.

• Design the technical solution built on Microsoft WEB HOSTING 3.5 platform

• Designed an application hosting solution for the Company to allow Etisalat users to dynamically host their applications website. This is an internationally accessed website with a 24X7 Uptime requirement. The architecture was based on a highly available and highly secure requirement that included designing a hardened installation of Windows 2003 Server, IPSEC, firewall port configuration for a pix front end and a checkpoint backend, Clustering database servers, and load balancing web servers and SAN access.

• Security assessment of C-Panel Control panel of the web hosting and Security Access mechanism for the C-Panel

• Manage customer presentation and demo

• Participating in writing the RFP

• Lead the implementation team

• Lead solution acceptance from customer

• Lead Internal and external security penetration in white-box and black-box mode using SAINT penetration tools

• Draft the legal agreement for the Web hosting users highlighted the Etisalat responsibility and customer responsibilities in term of security

• Prepare and introduce implementation team

Ajman E-government portal design project manager

• Design the customer requirements document

• Participating writing the RFP

• Lead solution acceptance from customer 

• Lead deployment project for first phase of Ajman free market portal

National bank of Oman Security as service assessment and lead RFP process project 

• Define customer requirement from implementing the Google security solution

• Leading the integration team to integrate the core banking DB to Encrypted traffic thru all application layers.


• Applying Data Classification and rights management with Microsoft RMS

• Lead solutions acceptance from customer 

Jan-2005 till DATE Senior technology consultant (Abu Dhabi department of finance (DOF))

• E-government project Migrate DOF Active directory with Custom department in one forest using federation services

• Define E-government GPO's participating with /ADS IC

• Supervise and manage implementation project

E-government project Exchange server 2005 mail system (DOF & Custom department)

• Define the current mail system

• Define the scope of the E-government initiative for mail system

• Writing the RFP for vendors to apply

• Choose best vendor

• Supervise and manage implementation project

• National E-Payment gateway consultation project

• Prepare the RFP for vendors to apply highlight the security requirements from payments solution

• Supervise the proposing phase on behalf of DOF

• Choose best vendor

• Supervise and manage implementation project

• Study the change management process & reengineering to deploy new value added payments services with NBAD

MTC ATHEER at Iraq Infrastructure

• Prepare the technology platform for the ISP

• Design Company security Policy and procedure

• Design the Data Center Hardware and Physical Security

• Lead the security testing across all layers


• Lead the security Program certification from Regulation authority in IRAQ

• Design the full Physical Security in the company and design logical access control

• Risk Assessment and Manage internal Controls to mitigate risks


Microsoft 

Dec 2002 Nov 2004

Microsoft Security consultant (Online Services Division) Internal division for Microsoft Data Center

Online Services Division

Microsoft Online Services Security and Compliance (OSSC) is Department that lead and manage all logical & physical security design, survey, audit, and related security consulting services Microsoft worldwide critical infrastructure including data centers, leased collocations, and other types of facilities. My Role as Security Consulting include working directly with other internal teams as well as provides direction to a dedicated vendor team in such areas as security system design, project management, risk analysis, and Infrastructure surveys. My role is also responsible for working directly with numerous external security vendors as well as other vendor organizations like architects, engineers, and construction / project managers to ensure accurate and timely delivery of services.

Notable Attainments:

Part of the SOC Monitoring and Operations team and taking care of new tasks deliverables

• Monitoring nfx & SCOM SIM. Doing correlation analysis of Microsoft internal and external Data and voice traffic validating the traffic based on correlation, identifying any service degradation or outage and recommending applicable action to operation support

• Managing a Threat Management specific to Datacenter segment, configured and managing Symantec threat Management console.

• Closely working with SIRT team to identify risks, and mitigation

• Coming up with Policy procedure based on information security requirement

• Responsible for the coordination, installation, upgrade and conversion or servicing of alarm systems, access controls, video cameras, burglary, radio systems and all other types of physical security equipment.

• Approve/modify all security contractor designs.

• Oversee all projects to ensure they are delivered in accordance with established requirements and deadlines and within budget.

• Provide system solutions of specific security concerns identified through contract, legal, regulatory or industry requirements.


• Develop, manage, and maintain security related processes, procedures, system baselines, training, and improvement plans.

• Document and improve work processes in order to make workflow more efficient and productive.

• Collaborate across groups such as Data Center Operations, Data Center Development, Security Operations, Global Security Operations Center (GSOC) and other Security Consulting groups to overcome challenges and deliver results.

• Lead a team of vendor Security Consultants/Project Managers to design security systems, manage projects, and conduct risk assessment or site surveys while maintaining currency with industry best practices and state of the art design guidelines utilized by the Security program.

• Direct external relationships to ensure the viability of all security systems, legacy and new, with the goal of minimal business disruptions as the result of failed or improperly configured or installed systems.

• Implement technology solutions aligned with Microsoft security strategy and budget guidelines.

• Research and recommend appropriate technical security physical systems (CCTV, access control, alarm, etc.) and design and/or engineer such systems for specific applications to achieve security program goals.

• Ensure state-of-the-art physical security programs, methods and equipment by conducting research through benchmarking and evaluation of vendor-provided products and services.

• Develop and administer processes for internal and external security system audits and serve as primary contact for such audits when required. Represent the security capabilities and operations procedures to internal and external auditors and be accountable for ensuring those capabilities are designed in conformance with audit requirements.

• Act as primary contact for security system emergency issues.

• Participate in OSSC Security budgeting process as well as contribute to others' budgeting processes for security system needs in other groups.

Projects

Microsoft Dubai Data Center 

Data Center Physical Security Project Evaluation

1- CCTV  

2- Access card system

3- Access procedures and control 

Staff login and access Rights thru VPN 

1- VPN Access use policy 


2- VPN security measure

3- Use Smart Card access

4- Quick and Efficient mechanism for Access

MS Data Center Dubai Join the EMEA private Cloud 

1- Define the requirements

2- Define security gaps

3- Define access rights policy 

Password management appliance

1- Enterprise Password Vault 

2- Remote Access firewall for external parties

Local Forensic Team

1- Act as local forensic team in cases of MS staff violation

2- Include Redmond Forensic Team in any case that needs to be escalated.


Fujitsu (Egypt-UK-USA)

Jan 2001 – 30 Nov 2002 Senior Infrastructure & Security Consultant

• Total Project manager for Infrastructure, security of the core banking system

• Implementing security during SDLC of the core banking system from old system UNIX & Oracle to Windows & Oracle using PowerBuilder interface (the project implemented at agriculture & development bank of Egypt, first phase 200 branch, delivered 100 branches up till now).

• Manage the Internet banking security platform for the bank.

 Job Accountabilities:

• Building and managing the infrastructure & security team

• Actively involved throughout the qualification process; takes a lead role in the assessment of the commitment of the company (including 3rd parties) and the customer and the associated risk; prepares and validates the project plan.

• Acquires, assesses, assigns and manages the resources required (the company and/or 3rd parties/suppliers) for the project.

• Plans, monitors and controls project. Decides and applies methodology. Builds and maintains project plan using project planning tools (PRINCE2) and techniques. Implements project review, change control and acceptance procedures that conform to the chosen project methodology.

• Identifies issues and assesses risk pre-bid throughout the project life. Identifies and executes a course of actions designed to minimize or avoid risk. Develops risk models.

• Takes accountability for the project financials. Produces and maintains the project P&L. Produces revenue, profit, cash flow actual, and forecasts. Ensures and authorizes revenue-earning deliverables to be processed for payment.

• Defines the quality management system and overall Quality Plan. This plan will contain and identify quality control responsibilities for all aspects of the project, including the audit process.

• Provides input to the contract negotiations between the company and the customer and 3rd parties. Defining the key milestones / attributes / deliverables / planning / reporting and review process.

• Manages conformance to the contract and delivery of commitments.


• Defines and agrees with the client needs for ongoing support services.

• Defines and adheres to a regular reporting process both internally and conforming to the corporate requirements.


Technical Responsibility Highlights

• Maintain Secure High Availability CITRIX farm to over 1800 Concurrent Connections for Bank employees with NFUSE, XML and CSG services in an ASP environment.

• Implement and Manage Microsoft Cluster servers for File/Print services and SQL servers.

• Provide team leadership and management skills on software and hardware implementations.

• Work with security internal systems to provide intrusion detection, audit capabilities, a secure environment.

• Design, implement, and administer Patch Deployment plan using BigFix.

• Implement SQL 2000 Reporting services to provide custom reports for internal services as well as end users.

• Provide Application Design guidelines for new custom applications in an ASP environment.

• Manage multiple environments for application testing during various stages from alpha release to production.

• Work with management to create deployment processes and procedures to create a stable production environment.

• Troubleshoot and document new application implementations in a Citrix environment.

• Manage deployment of new servers to allow for growth of Citrix environment.

• Create Document Standards for all team documentation.

• Manage Central Storage point of all documents created by ASP team using Microsoft SharePoint 2003 services.

• Create disaster recovery plan for quarterly testing all enterprise systems within

• Provide high level troubleshooting skills for resolving complex hardware and application issues within a multiple team conflict resolution CAT.

• Work with network operations to manage 4 terabyte SAN providing title plant image services and SQL 2000 database storage.

• Manage and verify SQL 2000 backups and redundancy on Microsoft Cluster Servers.

• Create custom SQL scripts for data migration and data manipulation.


• Create and manage custom reports using SQL 2000 reporting services for internal services

• Work with WAN team to implement firewall updates for new software implementations and troubleshoot connectivity issues.

• Provided management of assigned projects that allowed on-time environment and application rollouts.

• Lead software-design sessions from design recommendations to production requirements.

• Designed, created, and managed complete parallel test environment for alpha testing new software application implementation.

• Evaluate and review new software applications and hardware for enterprise implementations

• Implement and manage Web Trends reporting for multiple enterprise web site trend analysis


System Engineer (Fujitsu Egypt)

• Part of Project team for implementation & customization of Core Banking system for Bank of Alexandria. Implementing and customizing the package for core banking system Unix & Informix (the project implemented at Bank of Alexandria, 90 branches all over Egypt).

• Sharing in implementation, Data Conversion & Staff supervision in Bank of Alexandria Project Phase 1.

• Introduce technical consulting in Cairo Far East bank Project.

• Technical Project Manager for RAFDAIN Bank in Abu-Dhabi, and introduce technical consultant to ICL-Emirates.

• Sharing in Pre-sales activities for ARA-Bank Applications (Proposals and presentation).

- Feb 1998 - Jan 2001 (Technical Project Manager, International Computer Limited (I.C.L) Egypt)

• Analysis, design, development, training and support of the Automatic switch System for the ATM system Cairo Bank of Egypt; the main objective of this project is to enhance the performance of the implemented SLM-SOFT ATM network all over Egypt.

• Participating at design & analysis for I.C.L banking switch and manage development team.

• Analysis and development was done for both member nodes and the central node.

• Analysis, design, development, training and support of the credit & ATM Card Issuance System for maintaining the personal of Cairo bank's cardholders. The application generates cards and PIN numbers for each new client.

• Pre-sales support for both of the above systems.

• During my last working year in the company I took over the management of the Automatic Teller machine.

• Visual Basic 6.0, and Visual C++, as well as MS-SQL Server 7, and Access 97 & Informix as database engines were used in the previous two systems.

- Feb 1996 - March 1998 (Information System Specialist, Al-AHRAM News Paper Management and Computer Center (A.M.A.C))


• One of the largest software houses for commercial computer services enterprises.

• Analysis, design, development, training and support of the billing system for electric company of Egypt, which deals with data over 30,000,000 records per month; the system implemented on IBM 9000 mainframe with language COBOL & DB2 database.

• Analysis, design, development, training and support of the distribution System for maintaining the distribution of AL-AHRAM newspaper presses at Egypt and outside Egypt.

• Analysis, design, development, training and support of the Advertising System for maintaining the advertising accounting at AL-AHRAM.

• During my last working year in the company I took over the management of the electric billing system.

• COBOL, Visual Basic 6.0, and Visual C++, as well as MS-SQL Server 7, and Access 97 & DB2 for mainframe as database engines were used in developing the previous three systems.

Free Lancer consultant:

- General Company for telecommunication

o Oracle DBA performance & tuning on HP UNIX servers

- Prima soft (Egypt)

o Design Data Warehousing system for ERP System (Heat)

- Arab contractors (Osman Ahmed Osman)

o Design & Development for Enterprise web site

o Design & Development for human resource system

- General Motors Egypt

o Inventory control for spare parts

- GAZEL ELMAHLA (textiles & weaving) (graduation project)

o Analysis, design, development & implementing online internet

o Retail system for hyper markets (multi branches).

Education

- B.Sc. in Business Administration (Management Information System), Cairo University, 1996 – English section

Certification Status


  Title Date Achieved

Oracle Certified DBA VER 8 Oct 31, 2002

Microsoft Certified Professional Dec 24, 2000

Microsoft Certified Systems Engineer Feb 28, 2001

HP blade infra structure certification 2002

Certified Sun Solaris Administrator version 7 June 2003

Certified CISSP 2004

Certified ITIL VER 1 2005

Certified PMP 2005

Certified COBIT 2009

Renew Certification CISSP 2010

CISA Certification 2011

Certified for CRISC 2011

Applied for ISO 27001 Lead auditor in process 2011

Training (management & planning courses)

- Project Planning.

- Practical Project Management.

- Business Report Writing Skills.

- Effective Presentation Skills.

- Project Management.

- Practical Business Risk Management.

- Effective Management Skills.

- Effective Time Management.

Technical courses

- Windows 95. (MCP CERTIFIED)

- MS-SQL Server 7.0 Course, Microsoft Egypt, September 1999.

- Implementing and Supporting NT Server 4.0. (MCP)

- Implementing And Supporting NT 4.0 Workstation. (MCP)

- SQL Server 7.0 Administrating. (MCP)

- SQL Server 7.0 Implementing. (MCP)

- UNIX courses I.C.L Egypt

- Oracle administrating courses 3t version 7

- Informix administrating & development


- Security courses for Racal system at banking

- TCP/IP course (MCP)

Banking technical courses

Payment institute (Organized by: NACHA – National Automated Clearing House Associations): Washington University – Seattle

- Check Technologies

- Online Retail Payments.

- Cross Border Payments. Wire Transfer Systems.

- Risk Management.

- Electronic Data Interchanges (EDI).

- Swift operations & technologies.

Courses related to IBM mainframe operating system:

• VSE/ESA OS

• COBOL mainframe

• Assembler mainframe

• CICS (online programming for application)

• DB2

• Nonstop operating system

• Nonstop S.Q.L

 

Personal Information:

• Nationality: Egyptian


• Visa status: resident

• Date of birth: 14/05/1975

• Marital Status: Married

• Personal e-mail: [email protected] 

o [email protected]

o [email protected]

• Work-mail: [email protected] 

• Mobile No.: 0508116825 -0556776977

• Languages

o Arabic: Native speaker

o English: Excellent

o Deutsch: fair

o French: beginner