Mohamed Mohey Elmasry

• Leads the evaluation and implementation of security technologies and SaaS, PaaS, IaaS solutions in multi public cloud providers Oracle Cloud Infrastructure, Azure, AWS and Oracle fusion.
• Performing information security design assessments & gap analysis.
• Strengthened GoS cybersecurity posture by conducting regular risk assessments and implementing security controls.
• Designing and implementing defense-in-depth information security controls and concepts for critical application and data environments.
• Enhanced client satisfaction by providing timely and accurate guidance on Oracle Cloud Security best practices and features.
• Collaborated with cross-functional teams to ensure secure seamless integration of Oracle Cloud solutions into existing IT environments.
• Enhanced Oracle fusion HCM system security controls by conducting thorough analysis and identifying areas for improvement.
• Increased cloud infrastructure efficiency by designing and implementing scalable solutions.

• Trusted Advisor and core customer liaison, creating and maintaining long-term strategic relationships.
• Conducts interviews different key stakeholders such security architects, application architects, infrastructure architects.
• Discovery and understanding of client business operations, models, and footprints to build custom enterprise secure solutions to maximize value.
• Assessing and developing Infrastructure solutions and programs across multiple domains.
• led the implementation and maintenance of NIST Cyber security framework (CSF), CIS controls, AWS Security pillars best practice, Network best practice controls and PCI DSS framework.
• Designs and Implement Infrastructure as a code conformance packs pipelines to continues monitor the environment resources and generate alerts, and automatic remediation for non-compliance resources.
• Working with engagement enablement, including scoping engagements, structuring customized engagements to meet client requirements, proposal writing, and drafting statements of work.
• Working with development teams to ensure that new applications meet all required performance, security, and compliance standards before being deployed to production.
• Having strong experience and hands-on for designing and deploying end-to-end networking infrastructure using infrastructure-as-code and pipelines.

Key Projects:

Design and Implementation of Via Rail booking system.

Customer: Via Rail Canada

Role: Cloud Security infrastructure and DevOps Architect

• Deigned landing zone baseline with multi-account architecture, identity and access management, governance, data security, network design, and logging
• Designed and implemented privileged access management (PAM) solution that support temporary permissions access, tracking actions, store permissions history.
• Designed and Integrated with Azure AD to achieve single sign on (SSO) requirements
• Designed Implemented the DNS firewalls by only allowing only the necessary traffic to specific domains.
• Designed and Implemented next generation firewalls to filter out the traffic and implement specific custom rules.
• Designed and Implemented solution to protect the public end points during the maintenance window by leveraging firewalls capabilities and create custom FW rules.
• Designed and implemented network and security controls by IaC (Infrastructure as code) to expedite replicating the environments to simulate the test scenarios without impacting production environment and avoid human interventions.
• Designed and Implemented Remote access solution using Identity and access management and sessions services to control the access through sessions.
• Applied security controls that monitor the effective of the encryption policies across the environment.
  Ensured the certification rotation at least annually in place and ensuring the certification expiration notifications is effective.
• Implemented best security API security standards, such as protecting the API gateway with Web Application firewalls, enable the access and execution logging, IAM authentications, TLS/SSL Certifications, etc.
• Design and implementation of landing zone multi-accounts environment including workload accounts, data security, network design and logging.
• Designed and Implemented Identity access management (IAM) and privileged access management PAM on Public Cloud platforms.
• Designed and implemented automation CI/CD pipeline with hands on experience in DevOps tools such as Code Pipeline, and Code Build.
• Hands on experience in delivering Microservice, SPA, API gateway, building CI/CD pipelines to manage seamless deployments.
• Strong understanding of containerization and Kubernetes orchestration, Hands on experience with building and deploying containerized applications.
• Automated implementation of NIST security framework in five-function model (identify, protect, detect, respond, and recover)
• Managed implementation and remediation of best practices, CIS and PCI DSS security controls and applied auto remediation strategy.

Project: Manage Farm Credit Canada Infrastructure

Customer: Farm Credit Canada

Role: Cloud and Client Architect

• Work with stakeholders to understand their business requirements and design cloud solutions to meet those needs.
• Deliver, maintain, and own high-level architectural roadmap that is constantly in alignment with Product Management roadmap, to support business growth.
• Evaluate current state of enterprise's IT systems and identifying future state that better meets business objectives of enterprise.

Key Projects:

Design and Implementation of BSS Digital Transformation program.

Customer: Saudi Telecom Company (STC) - KSA

Role: Enterprise Architect

• Created intelligent architectural decisions for Business Support Systems Transformation (BSST).
• Provided detailed guidelines, blueprints, and transitional architecture for transformation program in addition to leading and managing transformation design workshops with architects and designers.
• Led 70+ workshops in client meetings for requirement analysis and information gathering from business users and successfully transformed business requirements into robust solutions ahead of schedule.
• Acted as liaising between marketing team and IT team for designing telecom b2c commercial products, bundles and offers on BSS where successfully delivered BAU 83 projects in first year.

Design and Implementation of Digital transformation.

Customer: Mobily - KSA

Role: Solution Architect

• Supervised deployments and provided troubleshooting and user support.
• Worked with client’s post-implementation on user testing, debugging, support and maintenance.
• Conducted post-sale requirements gathering, analysis and documentation.
• Installed, integrated, and deployed CRM and Billing products in client environments.
• Conducted technical workshops and education sessions for customers and Support teams.

• Defined enterprise processes and best practices and tailored enterprise processes for applications.
• Managed installation, upgrade and deployment projects and provided on-site direction for network engineers.
• Managed and monitored installed systems for highest level of availability.

• Supervised deployments and provided troubleshooting and user support.
• Guided and influenced existing partners on recommended upgrades and enhancements to integrated solutions.
• Managed project planning, resource allocation, scope, schedule, status and documentation.

• Displayed unsurpassed ability in managing the handover of Texas team applications to Egypt team.
• Resolved delivery of systems problems when arise and liaised production releases within a specified SLA.
• Pioneered the development of a process and template for handing over tickets between L2 and L3 teams that created demarcation point.