Mostafa Mabrouk

Jeddah

Summary

Motivated Corporate Information Security Manager with 8 years of experience, recognized for assessing operational needs and developing solutions to save costs, improve revenues and drive customer satisfaction. Resourceful and well-organised with excellent leadership and team-building record.

Overview

  • 20 years of professional experience
  • 4 years of post-secondary education
  • 11 Certifications
  • 2 Languages

Work History

Corporate Information Security Manager | Chief Information Security Officer

Magrabi Hospitals and Centres
01.2016 - Current
  • Define policies and procedures that are based on risk assessments and ensure that information security is addressed through the life cycle of each organizational information system, and ensure the Confidentiality, Integrity and Availability
  • Develop new policies that align with the business objectives, and organization vision and mission
  • Review information security policies and update them as needed
  • Perform periodic assessments of risk including the magnitude of harm that could result from the unauthorized access, use, disclosure, disruption, modification or destruction of information
  • Subordinate plans for providing adequate information security for networks, facilities, information systems, or groups of information systems as appropriate
  • Develop, maintain, and improve user security awareness program and its metrics
  • Implementing security controls selected based on Information Security Management Program and control life cycle
  • Periodic testing and evaluation of effectiveness of information security policies, procedures, practices, and security controls
  • Develop and execute procedures for detecting, reporting and responding to security incidents
  • Plans and procedures to ensure continuity of operations for organizational information systems
  • Develop a Process for planning, implementing, evaluating and documenting remedial actions to address any deficiencies in the information security policies, procedures, and practices of organization
  • Develop and execute risk management system based on ISO 27001 standards (ISMS) and NIST SP800-53
  • Implementation of SOC (SIEM) and continuous monitoring of events based on the criticality matrix
  • Designing and implementing strategies, budgets and Security Controls for meeting organizational requirements and growing business needs and implementing need based suitable technologies aligned with business
  • Spearheading the organizational department quality assurance activities, managing the complete business cycle including need assessment, preparing IS Blueprint, Strategic Management, and delivering quality technical/Administration/Operation controls
  • Accountable for developing all change management initiatives through stakeholder engagement, analysis and participation, preparing and executing readiness tests, establishing points of resistance
  • Conduct penetration testing internally to evaluate the effectiveness of the implemented controls
  • Managing the Vulnerability Management System and prioritizing the remediation plan based on vulnerability criticality and impact on the business.
  • Sourced new and emerging technologies to optimize information services.
  • Controlled department budgets by sourcing cost-effective solutions.
  • Recommended upgraded technologies to meet evolving business requirements.
  • Negotiated cost-efficient prices with vendors for new systems and services.
  • Helped develop playbooks and exercises for incident response and remediation.
  • Monitored new threats, vulnerabilities and attacks and applied countermeasures to prevent intrusion.
  • Assessed application and infrastructure security to find and address vulnerabilities.
  • Drafted security governance policies and procedures for company assets.
  • Worked with application teams in applying secure practices to software implementation.
  • Recommended preventive security measures to decrease attack surfaces.

IT Manager

Magrabi Hospitals and Centers - Dental
01.2012 - 12.2015

Job Description:

  • Improving operational systems, processes & policies in support of organization's mission, assisting in better management reporting, information flow & management, business process and organizational planning
  • Prepared all necessary supplements required to ensure proper operation of a computer environment, ensured successful completion of software development and modification projects within time and budget
  • Managed assigned projects and program components to deliver services in accordance with company objectives and documenting change management for major software and infrastructure change
  • Ascertained that all Critical and High Priority Incidents are addressed within SLA and sent out the Critical Alerts for such Incidents, thus driving client satisfaction through the delivery of a quality and timely service
  • Enhanced infrastructure and ensured continuous availability of licenses, file systems and support, along with maintaining, analyzing, troubleshooting and repairing server systems for large-sized users.
  • Managed team of IT support technicians, developing workflows and processes.
  • Sourced new and emerging technologies to optimise information services.
  • Recruited, trained and managed IT teams to continually meet service user needs.
  • Oversaw execution of IT projects from inception to execution.
  • Oversaw daily operations to achieve high productivity levels.

Technical Support Manager

Smart Vision
05.2010 - 12.2011
  • High customer satisfaction results
  • Implementing service desk system to manage and follow up the service requests, incidents, and problems with the customers for the pro-active monitoring
  • Increasing the sales by 35%.
  • Liaised with service users and business managers to meet computing requirements
  • Coached junior support staff in delivering responsive, proactive technical support.
  • Managed server and network implementation according to agreed deliverables.
  • Assessed system performance to advise on possible updates and improvements.

Network Administrator/System Engineer

Magrabi Retail
03.2005 - 04.2010
  • Upgrade OS system from Windows server 2000 NT to Windows Server 2003
  • Upgrade Exchange server 2003 to Exchange server 2007, and then to Exchange server 2010
  • Upgrade Citrix MetaFrame to XenApp 4.x
  • Install and configure corporate office Wi-Fi secured network
  • Member of a team that migrated the whole datacenter from Jeddah to Egypt as smoothly as switching on/off.
  • Organized regular systems testing and maintenance to minimize breakdowns and help-desk queries.
  • Improved installation and configuration procedures to maintain stable traffic and response times.
  • Evaluated network performance to minimize downtime and address issues.
  • Analyzed complex project server issues and worked on large enterprise and business-critical applications.
  • Employed cybersecurity knowledge to establish stable connections and firewalls.
  • Standardized job tasks and trained junior team members on best practices and standards for optimum systems operations.
  • Investigated problems with hardware and software to trace faults.
  • Promoted continuous improvement by problem-solving and sharing suggestions to optimize team operations.
  • Designed digital and print materials to engage audiences.

Education

BSc. - Science

Ain Shams University
09.1993 - 06.1997

Skills

Project Management

Certification

C|CISO Chief Information Security Officer - EC-Council

Accomplishments

  • Develop and implement ISMS based on ISO27001 and NIST 800-53
  • Review and update the needed section of the information security policies and procedures
  • Develop and implement information security policies and procedures needed to align with the business needs based on the risk assessment results and the organization risk appetite
  • Develop Risk Management and Risk Assessment framework
  • Develop and implement User Security Awareness Program
  • Implement Vulnerability Management System and Automated Penetration Testing
  • Conduct Internal Penetration Testing
  • Implement anti-malware and anti-ransomware end point
  • Conduct phishing campaign and Social Engineering Attack
  • Implement MFA (Multifactor Authentication) Office365 and remote desktop access
  • Implement vendor access system
  • Implement SIEM as a part of SOC (Log Analysis)
  • Implement asset management system
  • Arab Cyber Security Summit – Riyadh 2016 - Cisco Cyber Range – Jeddah - 2017
  • IDC Security Road show – Cairo 2018 - IDC IT Forum – Cairo 2018
  • Arab Cyber Security Conference – Egypt 2018 - Cyber Security CAMP – Egypt 2018
  • Speaker in IDC Digital Transformation – Digital Transformation Impact on Security
