Bassem Gamal Hanash Qasem

  • Aden Yemen


An Information Technology Systems (ITS) graduated with a strong background in information security concepts, Perform complex–level professional internal audit work, work involves conducting financial, compliance, and information technology audit project; providing consulting services; providing key input to development of the annual audit plan; and providing training and coaching to internal audit staff.

Responsible for identifying and detecting information technology and information security risks and independently evaluating the efficiency and effectiveness of information technology infrastructure and application controls, including security and internal controls, Maintains all organizational and professional ethical standards. I am Friendly, skilled communicator, persuasive and adaptable.

In my work you will find me self-motivation energy, initiative, and hardworking including the ability to work under pressure. Also I am able to learn and develop my capabilities with good time-management


Jan 2011 - Jan 2012

Master Degree in Information Security

Universiti Teknologi Malaysia(UTM)

The main idea of the master final project was how
to evaluate the information security awareness level
among bank’s employees (MayBank Malaysia has
been chosen as a case study).

Dec 2004 - Sep 2009

Bachelor in Compute Science & Information Technology) First Class (Honors) A.G.P.A 88.45

Neelein University(Sudan)
2002 - 2003

Secondary School 90.25%

Khalid Abn Al-Wailed (Yemen)

Work History

Work History
Jul 2013 - Present

Head Of IT Audit

TIIB Bank Yemen
  • Identifies and evaluate TIIB’s risks areas in IT and IS provides key input to development of the annual plan.
  • Performance audit procedures, reviews and testing including identifying and defining IT and IS issues, developing criteria, reviewing and analyzing evidence, and documenting client process and procedures.
  • Conducts interviews, reviews documents, develops and administers surveys, composes summary memos, and prepares working papers.
  • Reviews, tests, identify, develop, and documents audit issues and recommendations using independent judgment concerning areas being reviewed.
  • Communicates and assists in communicating the results of audit and consulting projects via writing reports and oral presentations to management and the board of directors.
  • Provides and assist in providing training coaching and guidance to the internal audit staff in conducting audit and other audit-related issues
  • Plan and execute audit of client/server technology platforms (Oracle) and evaluate IT internal controls and works collaboratively with management to identify actions needed
  • Conducts data extraction, analysis, and security reviews utilizing software tools.
  • Support audit and consulting engagements related to programming, mainframe batch and online processes client-server architecture , Internet and intranet functionality, database  extractions, technology strategy, and data communication and network security.
  • Assesses information technology controls elements to mitigate IT risks recording to the confidentiality, integrity, and availability of business information.
  • Preforms related work as assigned by audit management
Feb 2013 - Jun 2013

IT Auditor

Yemen Kuwait Bank
  • planning and execution of internal audit procedures and the creation of internal audit reports
  • Responsible for the internal controls and risks of a Bank’s technology network
  • Identifying the weaknesses in a systems network and creating an action plan to prevent security breaches.
Oct 2012 - Mar 2013

Assistant Lecturer

Saba University

Teaching the following subjects:

  • Introduction to Cryptography 
  • Advanced Cryptography
  • Modeling and Simulation 
Oct 2012 - Jun 2014

Assistant Lecturer

Future Univeristy

Teaching the following subjects:

  • Neural Network
  • IT project Management
  • Modeling and Simulation
  • Software Engineering 

Oct 2012 - Mar 2013

Assistant Lecturer

Yemen University

Teaching the following subjects:

  • Modeling and Simulation
  • Compiler Design 
  • Network 
  • Advanced Cryptography 
Jan 2010 - Jan 2010


Alpha Panasonic- Yemen

Install and  Configure CCTV Cameras

Participated in Online Courses



Auditing Windows Access ,Permissions and Services and System Information

Auditing Unix Access , Permissions and Services and System Information

Audit Methodology and Risk Management

I Am familiar with the audit process, baselines, time based security concepts, and how risk assessment are used to identify and specify controls.

Auditing Security and Controls of Oracle Databases

Audit the processes and controls in place around the database to ensure the asset is being properly protected and the risks properly managed.

Web Application Overview and Web Server Security

Vulnerability Assessment

Auditing Web Applications

Auditing Network Services and Critical Systems

Auditing Firewalls and Intrusion Detection/Prevention Systems

Having ability to audit Firewall, Intrusion Detection and Intrusion Prevention systems, including architecture reviews, configurations, and testing ACLs and rulesets.


Jan 2014 - Jan 2018

GIAC Systems and Network Auditor (GSNA)

GIAC Systems and Network Auditors (GSNAs) holder have the knowledge, skills and abilities to apply basic risk analysis techniques and to conduct a technical audit of essential information systems.
Jan 2012 - Jan 2015

Certified Ethical Hacker(CEH v7)

CEH provides a comprehensive ethical hacking and network security-training program to meet the standards of highly skilled security professionals
Jan 2011 - Jan 2015


CompTIA Security+ certification designates knowledgeable professionals in the field of security,

Microsoft Certified Systems Engineer (MSCE 2003

Aptech institute


Sudatal Company for Communication

Other skills

  • Ability for traveling extensively.
  • Working well under pressure.
  • Ability for developing and learning more.
  • Good communication skills with others.



References are available on request.