Hesham Nasr Hamed Ali

• Capable of securely coordinating user access to systems and platforms across various departments. I took on the responsibility of developing and implementing supportive enhancements for network operations. I analyzed network security and current infrastructure, identifying areas in need of improvement. I organized and maintained the technology and software budget. I supervised the lifecycle renewal of hardware and software. I excelled in identifying computer and network system issues, utilizing troubleshooting techniques for resolution.
  
  Throughout my career, my extensive experience included collaborations with leading companies such as Aramco and Sabic. I successfully worked with Aramco on projects in Al-Ju'aymah and the Yanbu Petroleum Refinery, enhancing my skills in the field of cybersecurity. Additionally, I collaborated with Sabic, where my effective contributions included projects like the Jubail Manufacturing and Yanbu Petrochemical Complex, further specializing in the cybersecurity sector within the chemical industry.
  
  Crafting strategic business plans outlining the need for departmental information technology resources, I led technical upgrade projects for clients by coordinating with consultants and developers to ensure seamless integration. I maintained regular communication with other departments to minimize network interruptions and potential downtimes. Regular interactions with customers regarding data exchange and technology integration sharpened my interpersonal skills.
  
  I built positive relationships with colleagues, completed administrative paperwork, identified discrepancies, and promptly addressed them for resolution. I demonstrated success in working under pressure and in a fast-paced environment. Efficient time management allowed me to complete all tasks within deadlines. Self-motivated, I possess a strong sense of personal responsibility. In group projects, I took on the role of a team leader, delegating tasks and providing feedback.
  
  My extensive experience in cybersecurity applications includes risk assessments, iDMZs, continuous threat detection, and endpoint protection. I effectively manage the execution of vulnerability management controls, programs, and standards. This involves overseeing the execution and distribution of vulnerability assessments, reports, and metrics. I collaborate with infrastructure and business teams to define hardening standards and ensure compliance across the environment. Managing the vulnerability exception request process, proposing, implementing, and documenting process improvements are among my responsibilities.
  
  I actively contribute to driving internal processes for prioritization and resolution of vulnerability findings. I identify attack vectors and new threats, assisting in directing IT teams and collecting/formatting audit artifacts for successful completion of any audit findings. Ensuring the enforcement of cloud (AWS, Azure) security policies using tools like CloudWatch, Prisma Cloud, and others is part of my expertise.
  
  My experience extends to penetration testing and interpreting the results to provide risk-based recommendations for remediation. In the realm of vulnerability management, I possess five years of experience in services for complex applications, network systems, operating systems, system hardening, and secure configuration frameworks.
  
  Familiarity with security and risk standards, including ISO 27001-2, PCI DSS, NIST, ITIL, and COBIT, is part of my skill set. I have hands-on operational experience with vulnerability management tools such as Qualys, Tenable, and Rapid7, including the ability to architect, deploy, configure, and operate these tools. Understanding various operating systems (Windows, Unix, MacOS, etc.) and cloud concepts (secure build images, ephemeral workloads, cloud patching, etc.), along with knowledge of networking fundamentals, adds to my proficiency.
  
  I possess knowledge of general cybersecurity concepts and methods, including secure configuration management, data protection and privacy, security monitoring, incident response, governance, risk and compliance, patch management, enterprise security strategies, and architecture. Experience in driving vulnerability management reporting and providing guidance to IT teams in patching and solutions to mitigate security threats is part of my skill set.
  
  Demonstrated in-depth knowledge of concepts, best practices, and controls in various information security areas/domains, including risk management, access control, cryptography, physical security, security architecture and design, network security, application & operations security, and compliance/incident management, showcases my expertise. I understand cybersecurity frameworks such as CVSS, OWASP, the MITRE ATT&CK framework, and the software development lifecycle.
  
  Familiarity with common vulnerabilities, CVEs, and CWEs is part of my knowledge base. I am familiar with additional tools such as Qualys, Tableau, PowerBI, PowerShell scripting, Python scripting, Splunk, Confluence, or Jira, which could be advantageous for potential employers. My experience includes security compliance and vulnerability management across various cloud technologies, including AWS, Azure, GCP, and familiarity with third-party rating tools such as BitSight, Security Scorecard, and Xpanse. Additionally, I am acquainted with WAF (Web Application Firewall) or API Security platforms."

As the IT Manager at Al Taknia for Telecommunications, I assumed a pivotal role in directing and overseeing all facets of IT operations, with a particular focus on cybersecurity. With a strong team of over 30 administrative and technical professionals, I played a central role in optimizing IT infrastructure, ensuring the reliability of hardware and software, and enhancing the overall efficiency of the organization's technology ecosystem My tenure as IT Manager at Al Taknia for Telecommunications was marked by a relentless commitment to elevating IT standards, enhancing operational efficiency, and fostering innovation, with a strong emphasis on cybersecurity, ERP implementation, and effective team management. I look forward to leveraging my cybersecurity, ERP, and management expertise and experience to drive technology excellence in my future endeavors.

Key Roles and Responsibilities:

• Cybersecurity Expertise: Leveraging my extensive knowledge in cybersecurity, I implemented robust measures to safeguard our critical data and systems. I spearheaded the development and enforcement of cybersecurity policies and practices, ensuring compliance with industry standards and protecting the organization from potential threats.

IT Infrastructure Management: Oversaw the maintenance and development of critical IT infrastructure and databases, ensuring the seamless flow of information and data accessibility.

• Hardware and Software Maintenance: Spearheaded hardware and software maintenance and repair initiatives, mitigating disruptions and ensuring uninterrupted business operations.
• Preventive Maintenance: Implemented proactive measures to perform preventive maintenance on systems and software, minimizing downtime and optimizing system performance.
• Budget Oversight: Strategically set the IT budget and allocated resources for hardware and software acquisitions, aligning expenditures with organizational objectives.
• Audit and Recommendations: Conducted comprehensive audits and studies to identify opportunities for system improvements, providing actionable recommendations for enhancements.
• Reporting and Collaboration: Collaborated closely with the IT Director and Chief Executive, offering critical insights and reporting on IT performance and achievements.
• Server Management: Managed server software and established robust backup routines to safeguard critical data and ensure business continuity.
• Project Evaluation: Evaluated, tested, and provided expert advice on various I.T. related projects, offering guidance, training, and support.
• Procurement Expertise: Spearheaded the procurement of IT hardware, software, and maintenance products and services, optimizing cost-efficiency and technology investments.
• Talent Management: Assumed responsibility for the recruitment and training of new staff, nurturing a skilled and knowledgeable IT workforce.
• Documentation Mastery: Authored comprehensive documentation for ICT procedures, security protocols, and disaster recovery plans, ensuring clarity and adherence to best practices.
• Network Management: Maintained and managed the internal and hosted network infrastructure, including firewalls, servers, switches, and telephony systems, optimizing network performance and security.
• Analyzed network security and current infrastructure, assessing areas in need of improvement.
• Implemented and maintained technology and software budget.
• Communicated regularly with customers concerning data exchange and technology integration.
• Coordinated secure system access of users to various department systems and platforms.
• Managed life cycle replacement of hardware and software.
• Interacted and negotiated with vendors, outsourcers and contractors to secure products and services.
• Coordinated IT operations activities to deliver smooth flow of daily business needs.
• Managed network and system performance, conducting troubleshooting, security patching, and maintenance.
• Oversaw IT department operations and training.

• Orchestrated integration and communication of software upgrades.
• Implemented internet and intranet applications on multiple platforms.
• Detailed upcoming software upgrades and system sprints to team members.
• Integrated and updated software products to boost system compatibility.
• Network Troubleshooting: I effectively addressed connectivity issues, performed troubleshooting, and ensured seamless operations for our users.
• Infrastructure Management: I installed, configured, and maintained critical servers, backup systems, file servers, Ethernet networks, and related equipment.
• Performance Monitoring: I utilized tools like HP Procurve Manager, PRTG, and Spiceworks to monitor network performance, proactively identifying areas for improvement and future changes.
• Security Administration: I managed and administrated security solutions, including MacAfee ePO server, TrendMicro HTTP proxy, and Mail Gateway virtual Appliance, ensuring robust cybersecurity measures.
• Virus Protection: I implemented and monitored antivirus solutions on all computers, ensuring up-to-date signature files and promptly addressing any virus-related incidents.
• Patch Management: I owned and streamlined the patch management process, guaranteeing that all systems were correctly patched to mitigate vulnerabilities.
• Testing and Evaluation: I conducted simulations of potential issues, testing and evaluating solutions in a secure environment to minimize risks.

• Managed network and system performance, conducting troubleshooting, security patching, and maintenance.
• Oversaw IT department operations and training.
• Coordinated IT operations activities to deliver smooth flow of daily business needs.
• Customized and repaired technology based on staff requests.
• Understood key product management roadmap objectives and requirements to develop product technology strategy.
• Collaborated with other departments to help meet IT needs and properly integrate and secure systems.
• Implemented and maintained technology and software budget

• Provided secondary training to personnel struggling with technological tools and systems.
• Executed troubleshooting and server support in both in-person and remote situations.
• Wrote instruction manuals and technical guidance for preventive maintenance of Dell -HP- IBM.
• Monitored ongoing technical compliance with applicable laws and regulations.
• Maintained service schedule for software and hardware.
• Performed scheduled service work, installations, testing and repairs.
• Implemented and managed a large-scale, enterprise-class network featuring the latest technologies, including Cisco Triple Play (IP, VOIP, IPTV) network.
• Utilized cutting-edge Microsoft applications such as Exchange 2007 and SCCM 2007, supported by Dell servers (PowerEdge 2900, 1950, and 860).
• Part of the opening team staff during the resort's launch.
• Troubleshot, repaired, and maintained servers, network components, and desktop equipment.
• Ensured timely closure of assigned tasks and fault resolution calls within the required Service Level Agreement (SLA).
• Provided assistance and ad hoc training to users when needed.
• Implemented, operated, and troubleshooted Micros workstations, printers, and IP printers for 17 outlets within the resort.
• Played a crucial role in the network (Data, Voice, and IPTV) handover, overseeing a network consisting of 5100 endpoints.
• Implemented workstations and printers for the entire resort and created Windows images for them.
• Installed and managed Active Directory.
• Operated and troubleshooted Exchange 2007.

• Proficiency in Cisco network infrastructure and Triple Play technologies (IP, VOIP, IPTV).
• Expertise in Microsoft applications, including Exchange Server and SCCM.
• Strong troubleshooting skills for servers, network components, and desktop equipment.
• Knowledge of Micros workstations, printers, and IP printers.
• Experience with network handovers and management.
• Windows image creation and deployment.
• Active Directory administration.
• Proficient in implementing, operating, and troubleshooting Exchange Server 2007.