JAOUHAR MOSBAHI
Information Security Professional
Summary
Information Systems Security Professional with passion for aligning security architecture plans and processes with security standards and business goals. Extensive experience developing and testing security framework such ISO27001
Overview
16
16
years of professional experience
7
7
years of post-secondary education
3
3
Certifications
3
3
Languages
Work History
Information Security Officer
VERMEG
Tunis
04.2021 - Current
- Maintain the security management system and update a safety policy adapted to the company environment.
- Formulate information security needs (including technical needs) and monitor their implementation.
- Monitors Information Security objectives.
- Monitor audit plan and manage ISO 27001 certification.
- Evaluate the existing security measures to achieve the information security objectives.
- Maintain KPIs to measure the effectiveness of the ISMS.
- Participate in the communication Plan.
- Report the progress of the security status to the information security manager.
- In charge of client requests for information security perspective.
- Conduct ISO 27001 internal audits.
- Awareness training programs for all employees.
- Performed risk analyses to identify appropriate security countermeasures.
Head information
MENA CAPITAL PARTNERS
Tunis
01.2012 - Current
- Managed network and system performance, conducting troubleshooting, security patching and maintenance.
- Communicated with executive team and CEO to maximize development efficiencies and resolve technology issues.
- Continue to enhance the monitoring, instrumentation, and other security capabilities of applications
- Create and manage information security and risk management awareness training programs for all employees, contractors and approved system users
- Create the necessary programs to ensure security management tools are working effectively (i.e Patch management program)
- Define and maintain the information security and technology risk management governance framework
- Implement enterprise-wide security awareness initiatives.
- Managing the enterprise's security organization, including hiring, training, talent development and performance management
- Interacted and negotiated with vendors, outsources and contractors to secure products and services.
- Wrote policy, procedure and manuals governing internal IT use.
Information Security Engineer, Senior
TUNISO-SEOUDIENNE D'INVESTESSEMENT "TSI
Tunis
02.2010 - 01.2012
- Date knowledge of the IT security industry, including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors
- Linux Web servers, traditional and physical security, and additional technology areas
- Monitored computer virus reports to determine when to update virus protection systems.
- Includes maintenance of all technologies, processes and interfaces associated with the storage of data, analysis of data, and alerts and responses
- Provide regular reports on security incidents, service levels, project status, etc
- Conducted security audits to identify vulnerabilities.
IT Systems Administrator
HOTEL MAHDIA PALACE
Tunis, Mahdia
01.2008 - 01.2010
- Assist with managing switches, routers and other network hardware
- Acquire and apply latest Windows updates to
- Servers and Workstations via WSUS server
- Automate software application deployments; create and test workstation images including testing software packages for workstation distribution
- Maintain, monitor, and troubleshoot network infrastructure (, MAHDIA
- LAN/WLAN/WAN hardware and & routing/switching, office/data center cabling)
- Manage servers, including accounting, ERP, e-mail, print, file, and backup servers and their associated operating systems and software
- Perform file system configuration and management
- Responsible for establishing and maintaining user accounts, profiles, file sharing, access privileges and overall network and system security
- Working knowledge of a wide range of datacenter technologies including: Local (LAN) and wide-area networks (WAN); NAS and/or SAN storage technologies
- Oracle technologies, Linux, Microsoft Server, firewalls, and VPNs
- Network protocols such as TCP/IP, WINS, DHCP, DNS, SNMP,
- FTP, HTTP, SMTP, etc
Education
Bachelor of Science - technology
Faculty of Sciences of Monastir
Monastir Tunis 01.2002 - 01.2006
Bachelor of Science - Sciences And Technologies of Information
Virtual University of Tunis
Tunis 01.2019 - 01.2020
Master of Science - New Technologies And Telecommunications Networks
Virtual University of Tunis
Tunis 09.2020 - Current
Skills
Information security technology
Data security
Risk management
Information Governance
Cybersecurity
InfoSec
Certification
CISSP - Certified Information System Security Professional
Timeline
CISSP - Certified Information System Security Professional
10-2021
Information Security Officer
VERMEG
04.2021 - Current
Master of Science - New Technologies And Telecommunications Networks
Virtual University of Tunis
09.2020 - Current
ISO 27001 Senior Lead auditor
03-2019
Certified Ethical Hacker
02-2019
Bachelor of Science - Sciences And Technologies of Information
Virtual University of Tunis
01.2019 - 01.2020
Head information
MENA CAPITAL PARTNERS
01.2012 - Current
Information Security Engineer, Senior
TUNISO-SEOUDIENNE D'INVESTESSEMENT "TSI
02.2010 - 01.2012
IT Systems Administrator
HOTEL MAHDIA PALACE
01.2008 - 01.2010
Bachelor of Science - technology
Faculty of Sciences of Monastir
01.2002 - 01.2006