SAJIMON GEORGE
Cybersecurity Expert
Summary
Experienced Cybersecurity Specialist with more than 28 years of extensive operational expertise in safeguarding enterprise IT environments. Skilled in implementing and managing security operations, including threat detection, incident response, and vulnerability management. Proficient in deploying and optimizing security tools and technologies to mitigate risks and ensure compliance with industry standards and regulatory requirements. Adept at developing and executing security strategies, monitoring IT infrastructures, and addressing evolving cyber threats. Known for a hands-on approach, strong problem-solving skills, and a commitment to enhancing organizational security posture.
Overview
27
27
years of professional experience
8
8
Certifications
Work History
Network and System Analyst
Qatarenergy LNG
- Designing, implementing, and maintaining network infrastructures, including LAN, WAN, VPN, and wireless networks to ensure stable and efficient communication within the organization
- Monitoring the performance of systems and networks, ensuring they are running efficiently, and making necessary adjustments to optimize performance
- Implementing and maintaining network and system security measures, such as firewalls, intrusion detection systems (IDS), proxy, WAF and antivirus software, to protect the organization's data and infrastructure
- Design and implement security controls required to protect corporate network, systems and applications
- Security design for the company external connectivity including secure connections 3rd parties
- Design, configure and manage multi-domain active directory infrastructure
- Knowledge of plant systems and applications including RTIS, DCS, OTN, Data Diode, energy component and LIMS
- Knowledge and experience of working in plants including, safety requirements, change management
Senior Analyst - Cyber Security
Qatarenergy LNG
01.1998 - Current
- Developed and implemented a comprehensive vulnerability management process, leading the operationalization of the vulnerability management solution using Tenable SecurityCenter
- Performed risk basements to Identify risks, prioritizing risks and advising on risk treatment options
- Risk analysis taking into consideration the impact, probability, cost of controls, resourcing
- Responsible for developing security architecture for the IT solutions and developing and maintaining cybersecurity capability framework
- Developing security infrastructure baselines and conducting configuration reviews to ensure security controls were properly implemented and operating effectively
- Initiated embedding of information security best practice within ITDR program
- Member of the DR working group developing Disaster Recovery/Business Continuity policy & procedures
- Extensive experience in developing and maintaining enterprise IT disaster recovery in line with corporate BCM
- Expert advice on information security risks and relevant security controls to minimize the risks to an acceptable level
- Ability to understand business requirements and provide security solutions to enable the business
- Excellent knowledge of current security challenges and their implications on security strategy including cloud, mobile data, APT/Malware
- Developing, implementing, and maintaining security policies and procedures to ensure organizational compliance with security standards and regulations
- Conducting Penetration tests to simulate cyber-attacks and identify weaknesses in systems, applications, and networks
- Educating employees on best practices for security, phishing attacks, password management, and general cybersecurity hygiene
Education
Bachelor of Science - Information Technology
Diploma - Electronics and Telecommunication Engineering
Masters - Cybersecurity
Skills
Vulnerability Management : Proficient in identifying, assessing, and mitigating security vulnerabilities across diverse IT systems and networks Experienced in implementing and managing Tenable vulnerability management solutions and aligning vulnerability management practices with industry standards Skilled in risk prioritization through strong analytical capabilities and effective communication to bridge technical findings with non-technical stakeholders Expertise includes coordinating patch management, performing regular assessments, and ensuring compliance with organizational security policies to protect critical assets
Cybersecurity Assurance : Expertise in ensuring the security and resilience of IT systems through comprehensive assurance activities Skilled in conducting configuration reviews and developing baseline configurations to enforce secure system standards Proficient in coordinating and overseeing penetration testing and breach assessments to identify vulnerabilities and validate security controls Adept at analyzing findings, recommending actionable improvements, and ensuring alignment with industry best practices and regulatory requirements Experienced in collaborating across teams to enhance the overall security posture and maintain robust cyber defense mechanisms
Risk Management: Expertise in identifying and addressing enterprise-wide IT risks, including evaluating application and system-specific vulnerabilities as well as overarching issues such as security awareness, compliance with organizational control standards, and adherence to regulatory requirements Skilled in providing strategic advice to mitigate risks effectively and ensure robust IT governance
Security Management: Skilled in overseeing IT operations to ensure infrastructure, systems, networks, and applications are securely configured and maintained within the established security framework Experienced in implementing security policies, managing tools, mitigating risks, and ensuring compliance with regulatory and organizational standards
Enterprise Security Architecture: Expertise in adopting a holistic approach to information security by integrating diverse architectural components for comprehensive and unified protection Skilled in designing multi-layered security controls to ensure the confidentiality, integrity, and availability of information Development of Cybersecurity capability framework and security blueprints
Certification
CISSP (Certified Information Systems Security Professional)
Timeline
Senior Analyst - Cyber Security
Qatarenergy LNG
01.1998 - Current
Network and System Analyst
Qatarenergy LNG