Information Security Manager
Resume:
Tariq Al-Bugaey
Dammam, Saudi Arabia
Mobile: +966-********* E-mail: ******-****@*******.***
PROFILE – Cyber Security Director
Senior entrepreneurial executive with more than (25) years of experience with (5) years in managing regional and local sales, marketing, operations, personnel, training institutes, as well as (20) years in IT departmental management, project management, consultancy, and executive background in security, operations, troubleshooting, networking for both start-up and established Oil and Gas, Shipment, and Educational industries.
Major World Accomplishments:
1. Certified by King Fahd University for Petroleum and Minerals in 1994 to have Singly built the World First IT Complete, Modern, and Security-Based infrastructure.
2. Former Aramco Cyber Security Consultant form 12.5 years, in which Aramco is the biggest company in the world. 3. Built the world's most complete Cyber Security Database of tools in 2013, in which I have built and composed over 1,500+ Cyber Security (Remote) scanning tools bundled into one interface which can be accessed with one mouse click and requires NO installation, configuration or setup
4. Nominated in 2014 as the CEO of Petronas, which has 48,000+ Employees and a total asset of US$135.63 billion. Cyber Security IT Role (World-Class) Project Management Business Development Training and Development Sales and Marketing C-Level Executive SKILL SUMMARY
Strategic Planning
Organizational Development
Budget Development &
Management
Contract Negotiations &
Management
Process Improvements & Best
Practices
Infrastructure Design &
Implementation
Project Management
Continuous Improvement
Cost Containment
System Architectures
Large Scale
Migration/Deployments
Structured Methodologies
Data Center Management
Change Management
Risk Management
Vulnerability Management
TECHNICAL SUMMARY – IT, Examples but not limited to
Databases such as SQL
Web Services such as IIS
Antivirus systems such as McAfee's ePO
Deployment systems such as SCCM
Security Log systems such as SCOM
Vulnerability systems such as MVM
Windows Network Infrastructure, such as (Active Directory)
Network Hardening solutions, such GPO
Extending security to portals, extranet and website threats
LAN and WAN Network Coverage in:
Firewalls, Whitelisting, Hardening
SSL, VPN, TCP/IP, DNS, DHCP, SMTP, SNMP
EDUCATION
Bachelor’s Degree in Computer Engineering (1998)
King Fahad for Petroleum and Minerals University, Saudi Arabia PROFESSIONAL EXPERIENCE – (20) Years of Information Technology Technical Career Cyber Security Technical Experience Discussed in Pages (3 & 4) King Fahad for Petroleum and Minerals, Dhahran
IT Supervisor Assistant – (November 1993 – February 2000)
Building, Operating, Maintaining, Upgrading, Securing all University PC Labs to support the IT teaching environment for all Collages.
Achievements:
Innovated the WORLD first Modern and Complete IT infrastructure in 1994, where my IT systems operated for 2 years to support the teaching environment of 5,000+ students and have been operating for over 1,000+ computers. The major IT systems covered in my IT infrastructure in 1994 are:
Client/Based Operating System, with modern security authentication and privileges.
Designed to be operated remotely.
Built-in Intelligent Anti-Hacking system, which requires no additional security such as antiviruses, firewalls, etc..
Built-in Intelligent Disaster Recovery system, that requires no human interaction to troubleshoot.
iCloud based system.
Globe Marine Services, Dammam
IT Manager – (February 2000 – March 2001)
Built an IT Center for the company to support branches across the kingdom
Installed, operated, maintained, and upgraded all franchise Shipment worldwide IT Systems SAUDI ARAMCO, Dhahran
IT Consultant – (April 2001 – July 2013)
Consulting in building the entire IT Center of Saudi Aramco locally and worldwide, where the IT Center is composed of Departments, the Departments are composed of Divisions, the Divisions are composed of Sections, and the Sections are composed of Groups.
Building, Migrating, Securing, Operating, and Innovating Automated Protection Solutions for the following infrastructure:
58,000+ workstations. 75,000+ email and user accounts.
3,500+ servers. Network span from America to the Philippines.
1,500+ sub-networks (Routers/Switches).
Achievements:
Innovated:
FIRST Security Vulnerability System Mar 2001 – Sep 2011
FIRST Windows Security Patching System Jun 2001 – Aug 2007
FIRST Antivirus Updating System Mar 2001 – Jun 2004
The WORLD Powerful Encyclopaedia-Like Security
Database of (1,500+ Tools) Jun 2004 - Aug 2012
PROFESSIONAL EXPERIENCE – (5) Years of Information Technology Training Career New Horizons (Al-Khaleej for Training & Education), Khobar Institute Manager – (March 2015 – March 2017)
Training IT, English, Health & Safety, and Management Courses for both corporate and consumer. Achievements:
Achieved a revenue of SAR 17+ Million for the Corporate Branch in Khobar, with a profit range of %10+.
Achieved a revenue of SAR 3+ Million for the Consumer Branch in Dammam, with a profit range of %5+.
Trained 500+ Summer Training students in each year of 2015 and 2016. Alamiah for Education & Training, Dammam
Regional Manager for Company Institutes – (March 2017 – March 2018)
Training IT, English, Health & Safety, and Management Courses for both corporate and consumer. Achievements:
Achieved a revenue of SAR 1.5+ Million for the Corporate Branch in Khobar, with a profit range of %10+.
Trained 500+ Summer Training students in the year 2018. MindMerge Training, Khobar
General Manager for Company Institutes – (March 2018 – December 2018)
Established the IT and English training institutes.
Training IT, English, Health & Safety, and Management Courses for both corporate and consumer.
Elevated the training facility from a Center to an Institute. Saudi Global & Harvest English Training, Dhahran
Institute Manager for Both Company Institutes – (November 2018 – October 2019)
Established the IT and English training institutes.
Training IT, English, Health & Safety, and Management Courses for both corporate and consumer. CERTIFICATES
Microsoft Certified Systems Engineer, 2001
World Innovation Certificate for the First Modern and Complete IT Infrastructure, 1999.
TVTC Certified Institute Manager in 2015, 2016, 2017, 2018.
Ministry of Education Certified Institute Manager in 2015, 2016, 2017, 2018, 2019. PERSONAL DETAILS
Nationality: Saudi, Date of Birth: 12/19/1971 Marital Status: Married Technical Experience (1/2) – Cyber Security
Develop, Maintain, Enhance and Implement:
1) Strategic enterprise IT security and risk management program to ensure that the integrity, confidentiality and availability of information.
2) Information security related policies, standards and procedures. 3) Information security budget.
4) Information Security Framework based on the IT infrastructure design and systems.
Create, Manage, Communicate and Execute:
1) A risk-based process for vendor risk management, including the assessment and treatment for risks that may result from service providers.
2) Information security and risk management awareness training programs for all employees, contractors and approved system users.
3) Frameworks for roles and responsibilities to information ownership, classification, accountability and protection.
4) Unified and flexible control framework to integrate and normalize the wide variety and ever-changing requirements resulting from global laws, standards and regulations. 5) Information security organization, consisting of direct reports and indirect reports. This includes hiring, training, staff development, performance management and annual performance reviews. 6) Security incidents and events to protect IT assets, including intellectual property, and business data. 7) relevant threat intelligence feeds and monitor the external threat environment for emerging threats. Advise relevant stakeholders on the appropriate courses of action.
Liaise with:
1) External agencies, such as law enforcement and other advisory bodies as necessary, to ensure that the organization maintains a strong security posture.
2) The solution architecture and planning and design team to ensure alignment between the security and enterprise architectures, thus coordinating the strategic planning implicit in these architectures. 3) The information security team and enterprise compliance, audit, legal and HR management teams as required. 4) Directly with the departments and divisions to facilitate IT risk assessment and risk management processes, and work with stakeholders throughout the enterprise on identifying acceptable levels of residual risk. 5) the development of implementation plans and procedures to ensure that business-critical services are recovered in the event of a security event. Provide direction, support and in-house consulting in these areas.
Coordinate with:
1) the use of external resources involved in the information security program, including, but not limited to, interviewing, negotiating contracts and fees, and managing external resources. 2) Information security and risk management projects with resources from the IT organization and business unit teams.
Provide:
1) Regular reporting on the current status of the information security program to the enterprise risk team, senior executives and C-Level management as well.
2) Strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls. Technical Experience (2/2) – Cyber Security
Others:
1) Ensure that security programs are in compliance with relevant laws, regulations and policies to minimize or eliminate risk and audit findings, by enforcing internal auditing. 2) Oversee and refine effective disaster recovery policies and standards to align with enterprise business continuity management program goals, by enforcing dictator recovery drills. 3) Coordinate the development of implementation plans and procedures to ensure that business-critical services continuity are recovered in the event of a security event. Provide direction, support and in-house consulting in these areas, by enforcing backup redundant technologies. 4) Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services, including, but not limited to, privacy, risk management, compliance and business continuity management, by enforcing 24/7 vulnerability assessment tools.
Contact this candidate