MUHAMMAD KHALID

P. O. Box 90703, Dubai, U.A.E Tel: 056-6010817 - mksalah@yahoo.com

SUMMARY

Over 17 years of experience in IT with 9+ years in IT Security, Audit and Compliance Management. Having hands on experience in all major areas from Development and Training to Networking and Security assures capabilities vertically and horizontally in Network Security Audit, Risk Assessment, Compliance Design and Implementation. Able to analyze requirements, optimize business process and design implementation plan. Have Excellent presentation skills. Fluently speak English, and Arabic Language.

EXPERIENCE DETAILS
Mar 2009 to date

U.A.E
EMIRATES POST GROUP, DUBAI

Information Systems & Security Auditor

Responsibility include Information Technology Security & Audit of five companies of the group. Achievements: Developed and implemented Information Systems Audit Charter, Risk based Audit policy, Risk Assessment procedure and Compliance architecture. Analyzed and Monitored KPIs and SLAs. Implemented Information Security Management infrastructure based on ISO 27001:2005 ITIL processes to standardize business operations. Conducted Penetration Tests, Vulnerability Assessments and Business Process Analysis to provide Information Systems Risk Assessment and Mitigating techniques Analyzed IT Projects and Tenders to ensure business feasibility from planning to implementation

June 2007 Feb 2009

Networks & Systems Security Specialist

EMIRATES POST, DUBAI

Responsibilities included managing the governance, compliance and security audit of the Network Operation Center. Achievements: Successful implementation of ISO 27001 Security Certification project. Development of Information Security Audit procedures, policies and standards. Managed and implemented Secure Network Architecture and Re-Design of Data Center, Major Network Systems, Servers & Security Appliances. Analyzed Vulnerabilities & Security Risks with current Application Systems. Developed and Implemented Change Management Process. Managed Network and Application Servers Availability. Implemented Network and Performance monitoring solution using CA eHealth and Spectrum. Planning and Migration of Leased & ISDN Circuits to IP-VPN. Implementation of BMC Remedy Incident Management System. ITIL v3 implementation and business process redesigning.

May 1997 June 2007 10 Years

Senior IT Security Engineer

Managed following projects:

PRIVATE DEPARTMENT OF SHEIKH ZAYED BIN SULTAN AL NAHYAN

Responsibilities included managing the governance, compliance and security aspects of the Datacenter Operations. Achievements: Designed Security and Auditing procedures and managed compliance. Analyzed Vulnerabilities & Security Risks with current Application Systems. Managed & Implemented Business Continuity Project. Managed Information Technology aspects in athletic events organized by DPA. Audited IT infrastructure and Systems in collaboration with external auditors. Managed Department Internet and Intranet application projects. ISMS Implementation at 9 Sites & Head office

EXPERIENCE DETAILS
October 1993 Aug 1997 3 Years 10 Months

U.A.E

Technical Support & Software Development Officer

ADNOC FOD

Duties include : Systems Development : In ORACLE : Lubes Standard Costing Quality Control System Visual Basic : Dispatch Operations Management with back-end data on ORACLE. MS Access Arabic: Training Management System in Arabic. Lotus Notes : Developed TechSupport/Help Desk Database with work flow. In-House Staff Training : Prepared & Conducted Training for In-house developed systems as : Introduction to Computers, Spreadsheets, Networking, Presentation etc. Sales System, Payables Lubes Blending & QC Systems, Inventory Control, Maintenance. Lubes Costing Systems Technical Support :. Duties included: Network Support (Novell Netware & Windows NT): Diagnosing Netware & MS Network related issues with both client & server sides. Software Support: Provided support for MS Office .products & well as Lotus Notes System Optimization: Periodically performed System Optimization tasks assuring optimal performance of over 200 PCs company wide. Designed system to Pole client information like SMS server. Rectified Hardware related issues Preventive Maintenance: Devised procedures to prevent HW/SW malfunctions

UNITED STATES
March 1990 August 1991

Computer Programmer / PIONEERING SERVICES CORPORATION, Systems Operator BOSTON, MA Designed several applications to accommodate daily business needs. 1 Year 6 Months Used standard structured programming techniques to develop & maintain programs. Maintained networks of Mini Computers & PCs, resolved line failures. Kept inventory of computer parts. EDUCATION Wentworth Institute of Technology, Boston, MA, USA. Bachelor of Science in Computer Science, High Honors, Grade Point Average 3.7 out of 4.0 system. Honorary Deans list CERTIFICATIONS IRCA Certified Information Security Management Systems Lead Auditor ISO 27001 (Achieved Internal Auditor Status ) ISACA: CISA - Certified Information Systems Auditor ITIL : IT Service Management Foundation Cisco : Cisco Certified Security Professional (CCSP) Information Systems Security (INFOSEC) Professional Cisco Qualified Specialist - Cisco IDS,PIX,VPN Specialist Cisco Certified Network Professional (CCNP Routing & Switching) Cisco Certified Network Associate (CCNA) Microsoft : Microsoft Certified Systems Engineer (MCSE + Messaging) CIW : Certified Internet Webmaster (CIW) Master Administrator TRAININGS Cisco Certified Network Professional (CCNP) Cisco Certified Internetwork Expert (CCIE Routing and Switching) SGS-UK Information Security Management Systems Lead Auditor Achieving ISO27001 Certification: Designing framework for organizations to comply with the Security Standards & Requirements of ISO 27001 Certification Cutting Edge Hacking and Defense Certified Information Systems Security Specialist Certified Licensed Penetration Testing Specialist

REFERENCE References are available upon request.