Insaf Abdelbagi Hussain Mohamed

,

• Audit and Reporting: Conducted in-depth audits of IT processes and systems, focusing on areas such as data security, access controls, and system configurations. Generated comprehensive audit reports, identifying vulnerabilities and recommending technical fixes that improved system security and compliance.
• Internal Control Assessment: Performed detailed assessments of internal IT controls, including network security protocols, data encryption methods, and access management systems. Implemented enhanced controls, such as multi-factor authentication and automated monitoring tools.
• Risk Management: Led the risk management process by analyzing IT infrastructure risks, such as hardware failures, cyber threats, and software vulnerabilities. Developed risk mitigation plans, including regular system backups, patch management schedules, and incident response protocols, ensuring minimal impact on IT services.
• Policy and Procedure Development: Developed clear and comprehensive IT policies and procedures, covering areas like data privacy, change management, and disaster recovery. Ensured these policies were aligned with international standards and integrated into the daily operations of the IT department.
• Framework Implementation: Successfully implemented ITSMS and governance frameworks by setting up structured processes for change management, incident response, and service level management. This involved deploying ITSM tools, automating workflows, and creating dashboards for real-time monitoring and reporting.
• Compliance with International Standards: Ensured that IT systems and processes met rigorous international standards by conducting regular gap analyses, updating IT documentation, and training staff on compliance requirements. Maintained consistent compliance during external audits, achieving certifications with no major issues.
• KPI Management: Designed and tracked Key Performance Indicators (KPIs) such as system uptime, incident resolution times, and user satisfaction rates. Used these metrics to identify areas for improvement, optimize IT operations, and report on IT performance to senior management.
• Stakeholder Collaboration: Worked closely with IT teams, project managers, and senior executives to ensure that IT governance, risk, and compliance strategies were integrated into all IT projects. Facilitated workshops and training sessions to enhance understanding of GRC principles across the department.
• Implementation of international standards and frameworks: ITIL V3 Information Technology Infrastructure Library, ISO/IEC 20000-1:2018 Information technology — Service, COBIT 5 (Control Objectives for Information and Related Technologies). Also, supported in (ISO/IEC 27000, ISO/IEC 5501 and ISO/IEC 9001)

• Handle first level response for security events: IDS / IPS alarms, malware (alerting, not triage), account misuse, network security events, etc.

• Able to effectively weed out false positives and make decisions on triage steps.

• Assist in creating new processes and automations for Level 1 events.

• Analyze risk alarms, events and continuous monitoring.

• Use a SIEM solution for event investigation.

• Keep up on the latest security news and events, and effectively communicate them to team members.

• Oversee daily operations of the IT support team.
• Manage and resolve escalated support issues.
• Develop and implement IT support policies and procedures.
• Train and mentor IT support staff.
• Monitor and report on team performance metrics.
• Ensure timely and effective resolution of support requests.
• Coordinate with vendors and service providers as needed.
• Conduct regular team meetings and performance reviews.
• Ensure compliance with company policies and industry regulations.
• Identify and implement process improvements.
• Provide technical guidance and support to team members.
• Handle customer complaints and feedback.
• Ensure high levels of customer satisfaction.
• Assist with IT projects and initiatives as needed.
• Prepare and present reports to senior management.