A LA D D IN TA Y S IR DA N DI S

PERSONAL INFORMATION Nationality: Jordanian Gender: Male Date of Birth: 11th, Jan, 1977 City of Birth: Cairo Status: Married Others: Non-Smoker CONTACT INFORMATION Address: Amman Jordan PO Box 140806 Amman 11814 Mobile +962788702610; +962796403522 Email: adtdandis@gmail.com Linkedin: http://www.linkedin.com/in/dandis Twitter: @dandis OBJECTIVES Leading position in Information Security and Privacy Governance, Management, Architecture, Engineering, Audit or Consultation, in Public or Private sectors Deep knowledge and wide experience and practice in Information Security and Privacy. EXPERIENCE Since June 2007 till now: Information Security Compliance Officer, Jordan E-Government Program, Ministry of Information and Communications Technology (MoICT), Amman, Jordan Before June 2007: Teacher of Physics and Science at various schools SKILLS Training Skills Team worker Technical writing Strategic planning Typing in English and Arabic PROFESSIONAL MEMBERSHIP Association of Computer Machinery (ACM) (No. 7646819) PROFESSIONAL CERTIFICATIONS Certified Information Security Manager (CISM) (No. 1220108) TOGAF 9 Foundation ACADEMIC CERTIFICATES MSc Computer Based Information Systems, 2006, University of Sunderland, Yarmouk University Office, Amman, Jordan BSc Physics, 1998, Yarmouk University, Irbid, Jordan MSC PROJECT

Title : Applying Security and Privacy Considerations on an Online Information System for Arqam Private School Achievement: Developing light model for Identity and Access Management and Data Privacy called Concurrent Distributed Authentication Model (CDAM)

ATTENDED TRAINING COURSES AND WORKSHOPS Deploying and Managing Public Key Infrastructure (May 2012), STS, Amman Jordan TOGAF 9.1 Foundation and Practitioner Track (Feb 2013), Jodayn, Amman, Jordan MS Project 2010, Managing Projects (Jan 2013), Optimiza, Amman, Jordan Encryption and PKI Workshop (Dec 2012), TRC, Amman, Jordan Cyber Security Drill (Jul 2012), ITU-IMPACT-MoICT, Amman, Jordan E-Authentication Workshop (Jun 2012), TRC, Amman, Jordan E-Government for Leaders SI Workshop (April, 2010), National Information Society Agency, Seoul, South Korea Advanced PETRA Air Conditioning Workshop (April, 2010), PETRA Inc., Sahab, Jordan Certified Ethical Hacker (CEH V6.0 and V6.1) (June 2009), New Horizon, Amman, Jordan Optimizing the Migration to NGN (Aug 2008), ITU, Amman, Jordan Certified Information Systems Auditor (CISA) (Jun, 2008) ESTA, Amman, Jordan PHP 5 Programming (Jan, 2008) MyTekPlus, Amman, Jordan RedHat Linux 9 System Administration (Dec, 2003) ITUniversity, Amman, Jordan RedHat Linux 9 Basics (Nov, 2003) ITUniversity, Amman, Jordan LANGUAGES Arabic language (Native Language- Excellent) English language (Very Good) CONFERENCES Speaker and Panelist in First The Exploratory Seminar on E-Signatures by EU, Amman 11th -12th Nov 2013, Title: Jordan National PKI Speaker in Secure E-Transactions Forum, Amman, 28-29 Oct 2013, Title: Protecting Customers and Building Trust Attributes in E-Transactions Speaker in Secure E-Transactions Forum, Amman, 28-29 Oct 2013, Title: Tutorial on PKI, Digital Signature and Encryption Speaker in Cyber Crime Forum, Amman, 27-28 May 2013, Title: Cyber Crime Practical Workshop Speaker in 2nd E-Transactions Forum, Amman, 18-19 Sep 2012, Title: Building Trust Attributes in E-Transactions Speaker in 2nd E-Transactions Forum, Amman, 18-19 Sep 2012, Title: Tutorial on PKI, Digital Signature and Encryption Speaker in 2nd Information Systems Security Forum, Amman, 10-11 Apr 2012, Title: The Importance of Information Systems Security in Accelerated Technology Development Speaker in 2nd Information Systems Security Forum, Amman, 10-11 Apr 2012, Title: Critical Trends in Application Security Speaker in Security and Safety in the Cyber Space, Amman, 21-23 Nov 2011, Title: Jordan EGovernment Security and Privacy of Information, eServices and Systems Speaker in e-Transactions Forum: Status & Challenges, Amman, 18-19 Oct 2011, Title: Trust, Privacy, Security, Authentication and Non-Repudiation in E-Transactions Speaker and Panelist of Jordan E-Government Program in Second International Electronic Certification Conference (SICE2011), Algeria 28-30 June 2011, Title: Concurrent Distributed Authentication Model (CDAM) Speaker in Information Systems Security Forum, Amman, 23-24 May 2011, Title: The Importance of Information Systems Security Amid Risks Posed by Accelerated Technology Development

Speaker of Jordan e-Government Program in the workshop Internet Law and Legal eTransactions, Amman, 18-20 August 2008, Title: Security Considerations in e-Transactions Law Speaker of Jordan e-Government Program in 4th committee for Information and Communications Security, Damascus, 1-2 July 2008, Title: Jordan Experience in Information Security Representative of Jordan e-Government Program in Cardex 2008, Cairo, 25-27 May 2008

BLOGS AND ESSAYS Information Security

National Critical Infrastructure (In Arabic), http://www.infosecacademy.blogspot.com, 2010 Enhancing National Internet Security, http://www.infosecacademy.blogspot.com, 2008 Top Ten Laws of Security, http://www.infosecacademy.blogspot.com, 2008 Web 2.0, Information Security and Privacy, http://www.infosecacademy.blogspot.com, 2008 Smart Card Technology: Evaluation Approach, with cooperation with Tariq Hamoury, in Wikipedia, 2007

and

PROVIDED TRAINING COURSES CISA Training Course, GCE, Amman, Jordan, Dec 2013 (25 Hrs) IT Audit Practical Course, Al-Taysir Consulting, Amman, Jordan, Aug-Sep 2013 (40 Hrs) CISA Training Course, Al-Taysir Consulting, Amman, Jordan, Sep 2013 (40 Hrs) IT Audit Practical Course, Al-Taysir Consulting, Amman, Jordan, June-July 2013 (40 Hrs) CISA Training Course, Al-Taysir Consulting, Amman, Jordan, June 2013 (40 Hrs) CISA Training Course, GCE, Amman, Jordan, Apr 2013 (25 Hrs) CISSP Training Course, GCE, Amman, Jordan, Mar 2013 (30 Hrs) Fraudulent Techniques for Penetrating Banks and Proactive Actions, GCE, Amman, Jordan, (Feb 2013) (30 Hrs) CISSP Training Course, GCE, Amman, Jordan, Jan 2013 (35 Hrs) CISA Training Course, GCE, Amman, Jordan, Nov 2012 (25 Hrs) CISA Training Course, GCE, Amman, Jordan, Jul 2012 (25 Hrs) Information Security Governance (Jul 2012), MoF, Amman, Jordan (15 Hrs) Information Security Governance (Jul 2012), ExectuTrain Yemen, Sanaa, Yemen (35 Hrs) CISA Training Course, GCE, Amman, Jordan, June 2012 (25 Hrs) Business Continuity and Disaster Recovery, ExectuTrain Yemen, Sanaa, Yemen, Dec 2011 (70 Hrs) CISSP Training Course, Knowledge Arabia, Amman, Jordan, May 2011 (36 Hrs) CISM Training Course (2 Groups), MoICT, Amman, Jordan, April 2011 (40 Hrs) CISA Training Course, AEC Inc., Beirut, Lebanon, April 2011 (18 Hrs) CISA Training Course, Pioneers Inc., Amman, Jordan, March 2011 (20 Hrs) CISA Training Course, Knowledge Arabia Inc., Amman, Jordan, February 2011 (25 Hrs) CISSP Training Course, Knowledge Arabia Inc., Amman, Jordan, February 2011 (32 Hrs) CISA Training Course, Knowledge Arabia Inc., Amman, Jordan, January 2011 (28 Hrs) CISA Training Course, ExectuTrain Yemen, Sanaa, Yemen, June 2010 (35 Hrs) Information Security Governance, Knowledge Arabia Inc., Amman, August 2009 (20 Hrs) Information Security: General Introduction, with Eng. Ayman Ghannoum, Amman Commerce Chamber, Amman, Jordan, April 2009 (15 Hrs) Train The Trainers in Information Security for Information Security Officers in the Government of Jordan (135 Officers in 9 Groups), as part of InfoSec Team in Jordan E-Government Program, MoICT, Amman, Jordan , November 2007 October 2008 (81 Hrs) INTERESTS AND RESEARCH Identity and Access Management.

Information Security and Privacy and Transparency Governance, including Strategies, Policies, Architecture, Standards, Procedures and Guidelines Legal framework for Information Security and Privacy BCP, DRP, SOC, SIEM and CERT Information Security Awareness

COMPUTER SKILLS BackTrack Knowledge of Microsoft Windows (XP/2003/7/2008), Internet and Office. ACHIEVMENTS Participating development of a number of National InfoSec Projects, such as: o National Information Security Policies: 2007, 2013 o E-Government Operations Center Security Policies: 2013 o Security Consultancy Forms: 2013 o Vulnerability Management Solution Project: 2013 o E-Government Business Continuity and Disaster Recovery Consultancy Project: 2013 o Security Guidelines for National Ecommerce Strategy: 2010 and 2013 o Information Security Incident Management Processes: 2013 o Information Security Metrics: 2013 o National CERT Implementation Plan: 2012 o National PKI for Government of Jordan: 2011 (in progress) o National Information Assurance and Cyber Security Strategy: 2011 o NITC Privacy Policy: 2011 o Draft National Information Security Strategy: 2010 o National CERT Strategy: 2009 o Draft National Business Continuity Strategy: 2008 o National Information Security Awareness Program for Government of Jordan: 2007 Participating development of legal framework for information security and privacy, including: o Provisioning of Data Protection Act: 2008, 2013 o Amendments for eTransactions Law: 2010, 2013 o Provisioning of Draft Certification Authorities Licensing and Accreditation Bylaw: 2010- 2013 o Provisioning of Handling eMedicine Record Instructions for Ministry of Health: 2012 Participating Security Testing (Vulnerability Assessment and Penetration Testing) for EServices provided under Jordan E-Government, such as: o E-Payment Gateway: 2009 o E-Government Portal: 2009 o E-Borders: 2012 o MoICT Website: 2012 Providing Security Requirements for a number of Projects for E-Government such as: o E-Government Portal Enhancement (Phase 2): 2013 o Directorate of Borders and Residency E-Services: 2012 o Secure Government Network (SGN IV): 2011 o E-Government Portal Enhancement (Phase 1): 2008 o Secure Government Network (SGN III): 2007 Providing Security Requirements for a number of RFPs in different Government entities such as: o Elections Cards and Systems for Independent Elections Commission (IEC): 2012 o Elections System for Ministry of Interior (MoI): 2012 o E-Commerce Portal for Jordan Enterprise Development Corporation (JEDCO): 2011 o ERP system for Ombudsman Bureau: 2011 Participating envisioning number of initiatives and research regarding InfoSec, such as: o National Security Operations Center (NSOC): 2009 o National IDM in Jordan: 2008

REFERENCES Ready upon request