SAM Lopez: Work Experience


SAM LOPEZ
ASSISTANT MANAGER – CYBER SECURITY

Dubai, UAE
+971 55 822 0877
samslopez@hotmail.com

ABOUT ME

The ability to serve as Information Security Senior Consultant/Manager with 10+ years of experience in Security Devices Management, SOC Operations, Security Audit, Security Architecture Review, Vulnerability Assessment, User Access Review, Database Security, and strong expertise in Networking (Firewalls, Routers, Switches, VPN, Dynamic Routing, etc.)

WORK EXPERIENCE

Assistant Manager – Cyber Security
ERNST & YOUNG (EY)
Dubai, UAE
Aug 2018 - Present

• Manage SOC Team and security solutions such as SIEM, SOAR, NDR, etc. for GCC clients
• Manage Security Monitoring and Incident Handling, Security Architecture Reviews, Cyber Analytics, Threat Hunting, Threat Intelligence, Automation, etc. related engagements
• Provide support as an L3 analyst based on business needs
• Conduct CPA maturity assessments, build reports and recommend initiatives to reach a better future state
• Develop and manage RFPs for new business opportunities, including the creation of proposals, pricing models, and timelines to meet client needs
• Provide project management support by coordinating with internal teams and vendors on deliverables such as scope statements, schedules, etc., to ensure that all parties are aligned on expectations from the start of a project through completion
• Develop and maintain processes and procedures used to manage incident response and provide guidance to analysts based on leading practices such as ISO 27001, COBIT, ITIL, etc.
• Monitor and proactively mitigate information security risks
• Provide reports, dashboards, and briefings at various levels of management regarding ongoing security incidents
• Provide effective solutions based on analytical and critical thinking
• Manage detection use cases to enhance the security posture

Information Security Consultant
FIRST ABU DHABI BANK (FAB)
Abu Dhabi, UAE
May 2017 – Aug 2018

• Conduct security reviews for network and security devices, business applications, and architecture
• Perform change review to ensure changes are authorized
• Prepare reports on security findings and provide recommendations for correcting unsatisfactory conditions, improving operations, and reducing the compliance cost
• Conduct audits to determine compliance with PCI DSS, GIA, MAS, RBI, etc.
• Manage & deliver projects scoped for Information Security Risk Management on a global scale for standards like – NESA, FFIEC, PCI DSS, etc.
• Conduct scans on databases to identify presence of sensitive information such as PII, credit card details, etc. that are unscrambled (unmasked) as part of GDPR
• Work closely with internal/external auditors in gathering and providing evidence of following standard procedures for each process and following up on suggested corrective actions
• Manage Threat Intelligence feeds, research ongoing and upcoming threats, involve relevant teams to patch the vulnerabilities, block the Indicators of Compromise (IOCs), and provide awareness inputs to the security awareness team, etc.
• Create and maintain Standard Operating Procedures (SOPs) to include policies and procedures for Security Review, Threat Intelligence, and APT Monitoring

Information Security Consultant
ABU DHABI COMMERCIAL BANK (ADCB)
Abu Dhabi, UAE
Feb 2015 – May 2017

• Manage SOC Team, security monitoring and SIEM tool
• Work on data loss alerts triggered by Websense DLP (Forcepoint) and other security alerts from EDR, IDS/IPS, Guardium, etc.
• Investigate potential or actual security incidents to identify issues and areas that require new security measures or policy changes
• Identify vulnerabilities, recommend corrective measures, and ensure the adequacy of existing information security controls
• Develop and maintain processes and procedures used to manage incident response processes and provide guidance to the SOC analysts based on Standard Operating Procedures (SOPs)
• Continuously monitor levels of service as well as interpret and prioritize threats through the use of SIEM, IDS/IPS, firewalls, etc.
• Monitor and proactively mitigate information security risks
• Provide briefings at various levels of management regarding ongoing security incidents
• Provide effective solutions based on analytical and critical thinking
• Creation and periodic fine-tuning of use cases
• Develop code to integrate SIEM with 3rd party tools through APIs
• Write Regex-based parsers (LSX) to integrate custom log sources

Information Security Analyst – Harley Davidson
INFOSYS LTD
Pune, India
Feb 2013 – Feb 2015

• Responsible for supporting security operations functions including Threat and Vulnerability Management
• Identify and investigate the root cause of all security incidents
• Monitor the network and investigate attacks and vulnerabilities present in network devices, and respond within SLA
• Detect, block, and work on reducing phishing mails
• Conduct vulnerability assessments and report the findings to relevant departments based on the criticality
• Creation of daily, weekly, monthly, and quarterly reports
• Research the latest information technology (IT) security trends

Network Engineer, TAC Support – Juniper Networks

• Provide Level 1 support for Juniper customers across the globe
• Run remote connection to client Juniper devices and work with any issues related to switches, routers, and firewalls, and troubleshoot problems on VPN, clusters, hardware, etc.
• Extensive hands-on training on:
  o Networking basics, TCP/IP, and networking devices such as routers, switches, and firewall
  o Protocols such as TCP, UDP, HTTP, FTP, Telnet, etc.
  o Dynamic routing protocols like OSPF, BGP, RIP, IS-IS, etc.
  o DNS, VPN (route-based, policy-based, remote), and High Availability

EDUCATION

Bachelor of Engineering in Computer Science
NMAMIT
Karnataka, India
2008 – 2012

CBSE Board
INDIAN SCHOOL AJMAN
Ajman, UAE
1995 – 2008

CERTIFICATION

• CISM – Certified Information Security Professional
• ITIL V4 – Foundation Certificate in IT Service Management
• IBM Certified Deployment Professional - IBM QRadar SIEM V7.3.2

SKILLS

INFORMATION SECURITY
• SIEM – IBM QRadar
• NDR – Vectra
• SOAR – DFLabs IncMan
• EDR – SentinelOne
• DAM – IBM Guardium
• DLP – Forcepoint
• WAF – F5 Networks
• PAM – Dell TPAM
• IPS – Cisco, Snort
• DDoS – Arbor Peakflow
• AlgoSec
• FireMon
• Nipper
• HP Network Automation
• IBM Site Protector

NETWORKING
• Basics of TCP/IP
• Network Protocols
• Dynamic Routing Protocols
• VPN
• NAT
• Redundancy (HA)
• Firewalls
• Routers
• Switches

PERSONAL DETAILS

Date of Birth: 12th Feb 1990
Nationality: Indian
Marital Status: Married
Driver’s License: Light Motor Vehicle

LANGUAGES

ENGLISH
HINDI
MALAYALAM
ARABIC
