Cyber Security Information Technology
Resume:
MOHAMED ABDEL RAOUF MOHAMED CV MARCH ****
PROFILE
Cybersecurity Consultant identify, assess, and mitigate cybersecurity risks, develop and implement security policies, procedures, and training programs. Help organizations respond to security incidents and breaches. Strong understanding of cybersecurity principles and practices, experience with variety of cybersecurity tools and technologies additionally,
OBJECTIVES
Conduct vulnerability assessment’s and penetration test to identify weakness in organizations security posture, develop and implement security policies and procedures to protect an organizations asset from cybersecurity, monitor network traffic and security logs for signs of suspicious activity, respond to security incidents and breach experience in network security and incident response. Proven ability to design, implement, and maintain security controls to protect organizations from Cyber attacks. Expertise in using a variety of cybersecurity tools and technologies, including firewalls, intrusion detection systems, and security information and event management (SIEM) systems. Seeking a challenging role in a fast-paced environment where I can use my skills and experience to help protect organizations from cyber threats. EXPERIENCE
Nov.2023 –
Present
Baker Tilly Consulting Company
Assistant Manager Information Technology Consulting Duties:
• Cybersecurity audits are crucial for organizations to assess their current security posture and identify vulnerabilities that could be exploited by attackers. The specific duties of a cybersecurity auditor can vary depending on the size and complexity of the organization, the scope of the audit, and the industry
• Define the audit objectives and scope: This involves determining what systems and data will be audited and what risks will be assessed.
• Develop an audit plan: This outlines the methodology and procedures that will be used to conduct the audit.
• Identify resources and tools: This includes selecting the appropriate personnel MOHAMED ABDEL RAOUF MOHAMED
Cyber Security & Network Expert
ISMS Consultant, Tutor, and Lead Auditor
CONTACT
Salmiya, Block 9 Helal Al Mutairi St. - Kuwait.
Zizinia compound, Al Mostakbal City, New Cairo, Cairo – Egypt.
ad4boz@r.postjobfree.com
linkedin.com/in/mohamed-abdel-raouf-aa6982a8
linkedin.com/in/mohamed-abdel-raouf-452270131
https://www.credly.com/users/mohamed-abdel-raof-mohamed-mokhtar MOHAMED ABDEL RAOUF MOHAMED CV MARCH 2024
and software tools to perform the audit.
Policy and Procedure Review:
Review security policies and procedures: This involves ensuring that the organization's policies and procedures are up-to-date, comprehensive, and appropriate for the business needs.
• Assess compliance with relevant regulations: This involves ensuring that the organization is compliant with all applicable security regulations, such as HIPAA, PCI DSS, and GDPR.
• Identify and address policy gaps: This involves identifying areas where the organization's policies and procedures are lacking and recommending improvements.
• Document audit findings: This involves writing a comprehensive report that outlines the vulnerabilities identified, the risks associated with those vulnerabilities, and recommendations for remediation.
• Prioritize remediation efforts: This involves working with the organization to prioritize the vulnerabilities that need to be addressed first.
• Monitor and track progress: This involves monitoring the organization's progress in addressing the identified vulnerabilities and tracking the effectiveness of the implemented security controls. Nov. 2021 –
October 2023
Middle East Telecommunication Company for SLA Projects Senior Cyber Security & Network Engineer, Kuwait
Duties:
• Designs, implements, maintains, and operates information system security controls and countermeasures.
• Spearheads the development and implementation of the organization's cyber security tools, ensuring alignment with business objectives and compliance requirements.
• Analysis and recommends security controls and procedures in business processes related to use of information systems and assets, and monitors for compliance.
• Monitors network traffic and security alerts to detect and respond to potential security incidents.
• Conducts forensic investigations and root cause analysis for security breaches, providing detailed incident reports to stakeholders.
• Implements and maintains security tools, including firewalls, intrusion detection/prevention systems, and endpoint protection solutions.
• Contributes to the creation of security policies, procedures, and guidelines to ensure compliance with industry standards and regulations.
• Monitors information systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents, vulnerabilities, and trends.
• Installs and configures Palo Alto Firewall & XDR, intrusion prevention system
(IPS), web filtering, mail filtering, and malware solutions.
• Conducts studies that evaluate, recommend, and implement security solutions to enhance core security capabilities in the areas of security infrastructure, access management, networking, databases, and servers. Success criteria:
• Internal Lead Auditor for towel holding 27001 ISO.
• Deploy and configure Palo Alto firewall, XDR, Fortinet firewall and Bit Defender Gravity Zone for MOI projects.
• Deploy and configure checkpoint firewall for MOH and government hospitals.
• Deploy and configure Aruba Clear pass and AP for MOD and Ministry of Awqaf.
• Deploy and configure Aruba SD Wan for PAMP.
• Deploy and configure Fortinet fire wall and Forti Switch for Ali al Ghanim BMW MOHAMED ABDEL RAOUF MOHAMED CV MARCH 2024
Jahra branch.
• Deploy and configure Forti mail and Forti sandbox for PAMA.
• Deploy and configure Fortinet Firewalls for Towell holding and its company for Kuwait, Oman, Iraq.
• Deploy and configure Fortinet firewall for AUB.
• Project Planning and Resources: Plan and manage the ISMS implementation project effectively.
• Technical Offers: Tailor technical offers to the client's specific needs.
• Gap Analysis and ISMS Training: Identify gaps in the client's current security posture and deliver ISMS training to raise awareness and knowledge.
• ISMS Documentation and Implementation: Design and establish ISMS documentation and guide the client through implementation.
• Performance Monitoring and Reporting: Monitor the ISMS performance and report to the client management team.
June 2021 – Oct.
2021
Zak Solutions for Computer systems project MOA (Ministry Of Awqaf) Information Security Specialist, Kuwait
Duties:
• Designs, implements, and maintains information system security controls and countermeasures.
• analysis and recommends security controls and procedures throughout the system lifecycle.
• Monitors information systems for security incidents and vulnerabilities and develops monitoring and visibility capabilities.
• Manages security responsibilities for various security devices.
• Creates and reviews reports on security incidents, vulnerabilities, and trends.
• Develops and maintains security policies and raises awareness of security policies and procedures.
• Performs information security assessments and audits of internal networks and systems.
• Facilitates new electronic data interchanges between other financial firms.
• Assists in the enforcement and monitoring of Compliance regulations.
• Investigates and responds to security violations.
• Defines security requirements and reviews systems to determine if they have been designed to comply with established security standards. Develops new standards as necessary.
• Analyses business needs, research, and recommends solutions.
• Establishes and manages relations with vendors and related equipment suppliers.
• Performs other related duties incidental to the work described herein.
• Responsible for driving vision and laying out roadmap for security technologies.
• Assists in the implementation of logical user access policies, standards, and guidelines that balance business requirements, risk tolerance, and the client's policies.
• Conducts risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs.
• Maintains the regulatory systems about ISMS policy (Information System Management Systems).
Success criteria:
• Detect and analyse vulnerabilities for both system and network by Nexus Vulnerability scanner and provide solution for each.
• Deploy ZTNA for Network and firewall.
June 2015 – Feb.
2021
Zak Solutions for Computer systems project COM – GPF (Government Performance Follow- up Agency)
Senior Security & Network Engineer, Kuwait
MOHAMED ABDEL RAOUF MOHAMED CV MARCH 2024
Duties:
• Designs, implements, maintains, and operates information system security controls and countermeasures.
• analysis and recommends security controls and procedures throughout the system lifecycle and business processes.
• Monitors information systems for security incidents and vulnerabilities and develops monitoring and visibility capabilities.
• Manages security responsibilities for various security devices.
• Creates and reviews reports on security incidents, vulnerabilities, and trends.
• Develops and maintains security policies and raises awareness of security policies and procedures.
• Performs information security assessments and audits of internal networks and systems.
• Assists in the enforcement and monitoring of Compliance regulations and designs and conducts training for corporate security education and awareness programs.
• Responsible for driving vision and laying out road map for security technologies.
• Develops overall strategy and implements different security technologies. Success criteria:
• Deploy and configure Fortinet firewall for main and DR site.
• Deploy and configure Forti Waf.
• Deploy and configure centralized End point protection.
• Deploy and configure Force point web proxy and DLP solutions.
• Deploy and configure Trend Micro anti-spam.
• Deploy and configure Centralized Malware bytes anti malware. Oct. 2013 – May
2015
Zak Solutions for Computer systems SLA Projects
Network Security Engineer, Kuwait
Duties:
• Designed and implemented a SIEM (Security Information and Event Management) system, enhancing real-time threat detection and incident response capabilities. Resolving the existing security issue including hardware malfunctions
• Generating and maintaining the virtual private network, firewalls, web protocols and email security decorum.
• Configure, Manage and Monitor Palo Alto firewall models (Specifically the PA- 5050 and the PA-5260).
• implement security measures to resolve data loss vulnerabilities, mitigate risk and recommend security changes or system components as needed.
• Implement advanced Palo Alto Firewall features like URL filtering, User-ID, App- ID, Content-ID on both inbound and out bund traffic.
• implement the Global Protect VPN, IPsec VPNs and SSL VPNs through IKE and PKI on Palo Alto firewalls for site-to-site VPN Connectivity Status reports of hardware and software products as per designated policies.
• Supervising the installation of new software’s and hardware’s
• Recommend modifications in legal, technical and regulatory areas that affect IT security.
• Monitoring of web security gateways, perimeter security, network access controls, endpoint security
• Configured, managed, monitored, and analysed IDS/IPS Signatures Attacks, Firewalls log, Systems, Applications and Security Event Log for comprehensive security monitoring and vulnerability management.
• Intrusion Prevention System (IPS)Web filtering-mail filtering, including protection against spam and Crapware Data Leak Prevention (DLP)Application Control ICAP.
MOHAMED ABDEL RAOUF MOHAMED CV MARCH 2024
• Install and configuring Symantec, McAfee Enterprise AV End Point Protection.
• Install and configure Solar Winds Network performance monitoring Switching protocols (spanning tree, CST, MISTP, PVST, RPVST+, VTP, DTP, GVRP, MAB, VLAN and private VLAN).
• L2 – L7 protocols such as Ethernet, IP, TCP, UDP, RTP, HTTP/S, FTP, SMB, etc. Feb. 2013 –
Sep. 2013
Zak Solutions for Computer systems project KOC
Network Engineer, Kuwait
Duties:
• Implements data connectivity for local area network (LAN) and wide area network (WAN) systems.
• Installing, Managing and implements data connectivity for local area network
(LAN) and wide area network (WAN) systems.
• Ensure compatibility of all communications and computer hardware/software.
• Viewed as technical SME in network analysis, design, and engineering.
• Manage network projects related to technology pilots, conversions, implementations.
• Troubleshoot the most complex network issues as level 2/3 engineering support.
• Full knowledge of the business and architecture of the network.
• Manage the installation of data communication lines, networking and security equipment.
• Ensure Network Operations notification and escalation procedures are accurately followed.
• Effectively communicate network event status and impact to management. Jan. 2010 –
Jan. 2013
Zak Solutions for Computer systems project MOE Project System Engineering
Duties:
• System Administrator for Active Directory, Exchange Server DHCP, DNS.
• Install and configure VMware, Hyper-V, and SCCM.
• Network Planning, Installation and Administration.
• Installing and configuring windows clients and Antivirus
• System Administrator for Active Directory & SQL & ISA.
• Network Monitoring, Performance & Security.
Jan. 2007 –
Dec. 2009
Zak Solutions for Computer systems project MOE
Computer engineering
Duties:
• As technical support engineer for Dell & HP Servers and computers
• Technical support for LAN and Cisco switches
• Console server, Managing Antivirus (Symantec, MacAfee, Kaspersky) software, systems, and applications to identify and correct malfunctions and other operational difficulties. Develop and conduct various training and instruction for system assist users which maximizing use of networks and computing.
• systems. Anticipate communication and networking problems and implement preventive measures.
EDUCATION
MOHAMED ABDEL RAOUF MOHAMED CV MARCH 2024
1996 - 2001 BSC in Information Systems
High Institute for specialized technological studies, Future Academy Cairo, Egypt
Certificate
Cisco Certified Network Professional Security
Cisco Networks
Cisco Certified Specialist – Network Security Fire Power Cisco Networks
Certified Information Security Manager (CISM)
ISACA
Palo Alto Certified Network Security (PCNSE)
Palo Alto Networks
Cisco Certified Specialist - Security Core
Cisco Networks
Fortinet NSE7 Network Security Architect
Fortinet
Fortinet NSE7 SD-Wan Architect
Fortinet
Information Security Management System ISO/IEC 27001:2022 Migration ISOQAR Egypt
Cloud Computing, Virtualization according to ISO 27017:2015 & ISO 27018:2019
ISOQAR Egypt
ISO/IEC 27701:2019 Security techniques
ISOQAR Egypt
Certified Ethical Hacker (CEH)
EC - COUNCIL
Risk Management training course
ISOQAR Egypt
Microsoft Azure Solution Architect Expert
Cyber Security Foundation Professional Certificate (CSFPC) CertiProf
Cisco Introduction to Cyber Security
Cisco Networks
Microsoft Azure Security Engineer Associate
Microsoft
Microsoft 365 Certified Security Administrator Associate Microsoft
Microsoft 365 Certified Enterprise Administrator Expert Microsoft
Microsoft Azure Administrator Associate
Microsoft
Cyber security engineer ITI
ITI
Project Management Professional (PMP)®
PMI
Cisco Certified Specialist – Enterprise Core.
MOHAMED ABDEL RAOUF MOHAMED CV MARCH 2024
Cisco Networks
Fortinet NSE 1 - Corporate Overview - Threat Landscape and Network Security - Next Generation Firewall - Management and Analytics - Data Center Firewall – Wireless Concepts
Fortinet
Fortinet NSE 2 – Data Center Application Security Solution- Secure Access Solution – Palo Alto Networks Competitive Training Fortinet
Fortinet NSE 3 – FortiGate Firewall Entry-Level Products - FortiGate Firewall Chassis Product – Forti Mail – FortiDDos – Wireless Infrastructure Products valid
Fortinet
Fortinet NSE7 Enterprise Firewall
Fortinet
GDPR and DPA Training Course
TQCSI Egypt
IT service Management system ISO/IEC 20000-1 and ITIL Awareness training course
MQA certification UK
Information Security Management System ISO/IEC 27001:2013 Lead Auditor Course (Exemplar Global Accredited Course).
John L. Bates, Australia
Information Security Management System ISO/IEC 27001:2013 Implementation.
TQCSI Egypt
Microsoft certified system Engineer Cloud Platform and Infrastructure Microsoft
Cisco Certified Specialist - Enterprise Advanced Infrastructure Implementation.
Cisco Networks
Cisco Certified Network Professional Enterprise (CCNP). Cisco Networks
Cisco Certified Network Associate (CCNA).
Cisco Networks
Microsoft Certified Solution Expert
Microsoft
Microsoft Certified Solution Associate
Microsoft
Microsoft Certified Professional
Microsoft
Symantec Technical Specialist.
Symantec
McAfee Certified Product Specialist (MCPS).
McAfee
ISMS ISO 27001:2013 Internal auditor
TQCSI Egypt
Microsoft certified system Engineer (MCSE) 2012
Microsoft
Microsoft Certified Technology Specialist (MCTS)
Microsoft
SKILLS
MOHAMED ABDEL RAOUF MOHAMED CV MARCH 2024
Technical Skills Language Skills
Threat Intelligence Analysis Arabic Language (Native) Network Security English Language (Speaking) Incident Response & Investigation. English Language (Reading) Security Operations. English Language (Writing) Risk Assessment and Management Leadership Skills Identity and Access Management. Communication Encryption and Cryptography. Strategic thinking Cloud Security (Azure). Creativity
Compliance Management Positivity
Project Management Flexibility
Conflict resolution
Contact this candidate