MUSTAPHA SAMAN

• Lead the development, implementation, and maintenance of the organization's security architect frameworks and strategies.
• Collaborate with cross-functional teams to identify security risks, assess vulnerabilities, and develop risk mitigation plans.
• Design and deliver security solutions that meet business requirements while ensuring compliance with industry regulations.
• Evaluate and recommend appropriate security technologies, tools, and countermeasures based on industry best practices.
• Manage the organization's vulnerability landscape by conducting regular assessments and developing strategic plans for remediation.
• Investigate and respond to security incidents, including incident triage, containment, and remediation.
• Collaborate with internal teams and external vendors to implement security solutions that enhance the organization’s security posture.
• Conduct regular security assessments and audits to identify vulnerabilities or areas of improvement.
• Actively engage in continuous learning initiatives to stay abreast of the latest trends and standards in the dynamic cybersecurity landscape.
• Contribute to the organization's security awareness by providing training sessions to employees, enhancing overall cyber hygiene.
• Analyze network traffic and logs to identify and mitigate risks, contributing to a proactive risk management approach.
• Develop and implement vulnerability management plans and procedures, ensuring a comprehensive approach to risk mitigation.
• Proficiently utilize innovative security tools, including SIEM (Splunk), CrowdStrike, and Rapid7, to enhance the organization's security posture.
• Create reports and dashboards to present vulnerability findings to stakeholders, utilizing SIEM tools (Splunk), CrowdStrike for Endpoint security, Rapid7 for Vulnerability scanning, and Veracode for application dynamic scanning.
• Conduct risk assessments, collaborate with stakeholders to identify and prioritize critical assets, and define security controls.

• Linux; windows/open Source (PFSense) Firewall, Windows Administrative tools; remote desktop and Hypervisor.
• IT Audit Standards:

Confidentiality, Integrity, Availability, Access Control, Audit and Accountability, Certification and Accreditation, Risk Assessment, OMB Circular A-130 Appendix III, NIST 800-53, NIST series, Cisco Switches-3500, 3750 series, Cisco Internetwork Operating System (IOS), OSI and TCP/IP models, TCP and UDP protocols, Access point, three-tier architecture, Network topologies Star, Mesh, Hybrid. 800-53A, NIST 800-30, NIST 800-37, NIST 800-34, NIST 800-18, FIPS, FISMA, FedRAMP, SaaS, PaaS, IaaS, NIST RMF framework, HIPAA, Cisco Routers – 1841, 2611, 2620

• Troubleshooting and resolving LAN/WAN performance, connectivity, and related network problems. TCP and UDP protocols, SSH, HTTP, DHCP and DNS.VPN, NAT, PAT, and VLAN configuration, Network security and ACL's. Proficient in Windows XP/7/8/8/8.8/10/11, Vista, XP; Mac OS and Linux, Server, OS (Active Directory), Cisco OS.
• Review substantial amounts of log data (e.g., security system, network flow, IDS, and system logs).

• Using Active Directory to reset password, add/remove computer from the domain
• Imaging, updating and deployed desktop, laptop, and Macs with the use of WDS /MDT
• Install software, upgrade memory, replaced hardware and set new workstation
• Maintained records of daily data communication transactions, problems and remedial actions taken and installation activities.
• Set up equipment for employee use, performed and ensured proper installation of cables, operating systems, and proper software.
• Prepared evaluations of software and hardware and recommended improvements and upgrades.
• Referred major hardware and software problems and defective products to vendors and technicians for service.