Maged Youssef

****-* ****** ***** *****, Brampton, ON L6T 4N5 647-***-**** ac0eop@r.postjobfree.com

OBJECTIVE

To obtain a position in information technology

HIGHLIGHTS OF QUALIFICATIONS

Over 10 years’ experience in information technology with specialization in information security, GRC, IT audit, systems administration and technical support

Experienced in Business Process Re-engineering (BPR) as well as corporate administration development, operations, supply chain and warehousing

Conducted business impact analysis, risk assessment and gap analysis

Skilled in Computer Assisted Audit Technique (CAAT) software packages GAS and ACL

Computer skills in MS Word, Excel, PowerPoint, Visio, Outlook and business applications such as ERP and QuickBooks

Excellent analytical, organizational and problem solving skills

TECHNOLOGIES SUMMARY

Operating Systems : Microsoft Windows Server (2012, 2008R2, 2008, 2003R2, 2003, 2000, NT4)

Mail Servers : Microsoft Exchange (2003, 2007, 2010 and 2013)

Server Hardware : HP ProLiant (DL, ML and Blade Systems), Dell Servers and Dell Blade Systems

Networking : TCP/IP, LAN, WAN, NFS, FTP, DNS, DHCP, HTTP

Anti-Virus : Symantec, McAfee ePO, and ESET Smart Security

Network Products : Cisco switches, routers, firewalls and Dell sonic wall

ERP : JDEdwards

SIEM Management : ArcSight, QRadar

GRC : SOX, NIST, PCI-DSS, Basel II, COBIT5, ITIL, ISO

WORK EXPERIENCE

Operations Project Manager 06/2016 – current

TELoIP INC, Mississauga, ON, Canada (www.teloip.com)

Responsible for planning all operations projects, including budget, resources, managing risks,

Work with the CTO and operations director to verify the scope of each project and to set the schedule and milestone for each one

Responsible for documenting all operations processes and procedures

Ensure that all projects are delivered on-time and within the defined scope and budget and any major changes are followed the change management processes

Report weekly to the CTO the project status report

Create and maintain comprehensive project documentation

Develop innovative approaches to completing work, and effectively resolve problems and issues within the project’s mandate

Resolve project specific issues and challenges in a timely manner

Ensure organizational policies and procedures are adhered to

Information Security Manager 06/2015 – 03/2016

M&Z Technology, Dubai, UAE (www.mnztechnology.com)

Managed information security projects for government and private corporations

Project: PCI-DSS Compliance for Abu Dhabi Islamic Bank (www.adib.ae)

Ensured policies, procedures and documentation were PCI-DSS compliant to maintain PCI certification

Project: IT Audit for Health Care Institute (www.57357.com)

Reviewed management controls of IT Department including systems and applications, information processing facilities, systems development, and client/server, telecommunications, intranets, and extranets

Project: IT Risk & Vulnerability Assessment for Financial Service Institute (www.naeemholding.com)

Conducted IT risk assessment and managed cyber security team

Maged Youssef Page 2 of 3

Information Security Manager 09/2013 – 06/2015

ASDC, Hurghada, Egypt (www.somabay.com)

Ensured CIA of ASDC assets physically and logically

Evaluated design, implementation and monitoring of data classification processes and procedures for alignment with ASDC policies, standards, procedures and applicable external requirements

Conducted annual BIA and annual quantitative and qualitative risk assessment (or when needed)

Reviewed ASDC policies and procedures annually including those for architecture, VPN, security, disaster recovery, guidelines, procurements and service provision

Ensured access permission was assigned on need-to-know basis with least privilege

Developed business cases to support investments in information security

Conducted awareness session for all employees on risks and security in order implement risk culture

Met with all stakeholder assigned to new projects to assess project risks

Worked with CSIRT to perform vulnerability and penetration test of ASDC assets

Performed daily monitoring of network security including patch management, anti-virus, Windows security, password violation and VPN

Evaluated processes and procedures used to store, retrieve, transport and dispose of information assets such as backup media, offsite storage, hard copy, print data and softcopy media to determine whether information assets were adequately safeguarded

Analyzed and quantified various types of continuity risks

Engaged business units in business impact analysis workshops to identify critical business resources and dependencies, determined recovery objectives and established specific requirements for BCP planning

Led business areas through identification and evaluation of strategy options to be pursued in facilitating recovery of critical business functions

Developed, scheduled and conducted business continuity program tests in accordance with preparedness targets in collaboration with business areas

Established, monitored, evaluated and reported KGI, KPI, KRI metrics to provide management with accurate information regarding effectiveness of information security strategy

Implemented process to guide business areas in updating business continuity plans and procedures on basis of change events that impact critical business functions, as well as lessons learned from business continuity testing to meet required RTO and RPO

Monitored ArcSight for anomalous behaviour

IT Audit Manager 01/2011 – 08/2013

ASDC, Hurghada, Egypt (www.somabay.com)

Planned and executed audits in accordance with established standards and within prescribed time, budget and scope parameters

Conducted assessments of IT risks and controls, including general IT controls and automated controls embedded within information systems

Prepared summaries and reports of tests performed, identifying and ranking risk issues

Maintained control calendar of IPS, anti-virus, Microsoft licenses and digital certificates

Reviewed all contracts and SLA to ensure all vendors and ISPs complied with ASDC policies

Ensured SoD for all critical processes

Designed and developed audit plans based on ASDC audit risk based approach

Reviewed audit work completed and prepare audit finding grids and audit reports

Information Security Analyst 01/2007 – 12/2010

ASDC, Hurghada, Egypt (www.somabay.com)

Conducted BIA to determine critical processes and resources

Monitored Cisco routers, switches, firewall, ISA server, IPS and remote VPN

Evaluated processes and procedures used to store, retrieve, transport and dispose of information assets to determine whether information assets were adequately safeguarded

Managed and monitored all computer security

Supported ASDC intranet and DMZ

Established effective relationships with technology partners and program/project managers in multiple businesses

Provided backup support for disaster recovery

Developed business cases to support investments in information security

Reviewed policies and procedures regularly and recommended changes aligned with mission and goals

Maged Youssef Page 3 of 3

System Administrator and Technical Support 01/2001 – 12/2006

ASDC, Hurghada, Egypt (www.somabay.com)

Maintained Active Directory (AD) and Exchange server, inventory of hardware and software products

Monitored and maintained server backups

Maintained Windows Servers (NT/2000/2003), inventory of hardware and software products, as well as more than 200 PCs and 10 Servers (DNS,WSUS, DHCP, Send Mail and FTP, exchange servers)

Designed and implemented company VPN to connect head office and branches

Administrated Microsoft SQL Server 2000

Assisted with on-site and remote technical support; supported users with daily issues

Installed, configured and maintained scanners, tape backups, printers and switches

Repaired desktop PCs including IBM, HP, Compaq, Dell, Copiers, Faxes, Monitors

CERTIFICATIONS

Certified information System Auditor (CISA) 2016

Certified Information Security Manager (CISM) 2015

Control Objectives for Information and Related Technology (COBIT5) 2014

Certified in Risk and Information Systems Control (CRISC) 2014

Certified Sonic Wall Security Administrator (CSSA) 2014

Information Technology Infrastructure Library (ITIL V3) 2014

Certified Ethical Hacking (CEH) 2013

Certified Cisco Firewall Specialist 2009

Certified Cisco Network Association 2008

Micro Soft Certified Professional (MCP) 2003

TRAINING

Business Continuity Management (BLC2000) 2015

ISO 27001 Information Security Lead Auditor 2014

Project Management Professional (PMP) 2012

Certified Information Systems Security Professional (CISSP) 2011

MS Exchange Server 2007 2009

COMPTIA Security+ & Network+ 2008

Microsoft Certified System Engineer (MCSE) Windows 2003 2004

Microsoft Certified System Engineer (MCSE) Windows NT 2001

EDUCATION

Bachelor of Science in Engineering, Benha University 1996

MEMBERSHIP

ISACA Toronto Chapter Ongoing

ISC Toronto Chapter Ongoing

PMI Toronto Chapter Ongoing

Contact this candidate