IT Audit and Security Manager

Position as a computer business consultant in an international corporation.

EXPERIENCE
AstraZeneca Egypt, IS/IT Manager
January 2006 to Present
•Manage validation and Compliance team for execution and review of all underlying qualification documents and also for handling of possible deviations during related qualification activities.
•Implementing security policy, procedures and awareness.
•Implement corporate policies and convert them into local security operating procedures to meet minimum QA and security standards; ensure compliance and follow-up
•Design, document and implement change management procedures and provide input into Sarbanes Oxley documentation.
Deloitte Egypt. ERS Manager
April 2004 to December 2005
•Developed and implemented a risk-based IS Audit strategy and objectives in compliance with generally accepted standards to ensure that the organization’s information technology and business processes are adequately controlled.
•Planned specific audits to ensure that the IS audit strategy and objectives are achieved.
•Evaluated the design, implementation, monitoring of logical access control, network infrastructure security to ensure the integrity, confidentiality and availability of information assets.
Nestlé. Software Development Programmer
November 1993- April 1999
•Responsible for translating the system user functional requirement into general and detailed system design specification for a computer based application system.
•Implemented accounting and security features of LAN and WAN.
•Developed and tested disaster recovery plans.
•Monitored and controlled the network.

Klynveld Peat Marwick Goerdeler (K P M G) Cairo, Egypt Computer Audit & Consulting
June 1991- October 1993
•Developed and implemented a risk-based IS audit strategy and objectives in compliance with generally accepted standards to ensure that the organization’s information technology and business processes are adequately controlled.
•Planned specific audits to ensure that the IS audit strategy and objectives are achieved.
•Analyzed information gathered to identify reportable conditions and reach conclusions.
•Evaluated the design, implementation, monitoring of logical access control, network infrastructure security to ensure the integrity, confidentiality and availability of information assets.

Computer Science Diploma, American University in Cairo (A.U.C.)
January 1990
Bachelor of Commerce/ Major in Accounting, Ain Shams University
June 1989

• June 2001 Microsoft Certificate System Engineer 2000

• August 1997 Microsoft Certificate System Engineer NT4

• IBM AS/400
October 1996 Peer Communication (IBM AS/400)
Communication Problem Determination (IBM/400)
RPG 400 Programming language
September 1996 Communication Introduction (IBM AS/400)
August 1996 Data Communication Concept (IBM)
May 1992 As/400 System Facilities (IBM AS/400)

• Nestlé Switzerland
May 1998 Planning course (Nestle Switzerland)
November 1997 Nestle financial application technical course (Nestle Switzerland)

• Oracle
September 2000 Oracle Database and Developer/2000 Build Form (League)

• Information System Audit and Controls (ISAC)
Memberships of Information System Audit and Control Association and Foundation.