Senior Consultant - Security & Privacy

• Jun 2022 - Present

GRC - Cyber Security Specialist

• May 2019 - Jul 2022

Cybersecurity Assessment, Maturity Assessments ,Security technologies, Design Reviews, Gap Assessments, Cybersecurity frameworks implementation, network solutions, Cybersecurity Consultation and Management ,IT Infrastructure that involves Technology Management, SAMA Framework, NCA - ECC. Develop and implement company policies and regulations Assess the efficiency of control systems and recommend effective improvements. Manage policies and procedures relevant to compliance and regulations build internal awareness with compliance practices, conduct reviews and monitor company compliance levels. Lead regulator inspections - such as SAMA - and act on audit observations Worked on security standards like SAMA CSF, NCA-ECC, ISO27001 Managed Cybersecurity Matrix, Risk Register, Appetite & Reporting Show less

Information Security Analyst

• Sep 2016 - Apr 2019

• Conducting regularly scheduled assessments on internal systems, applications and subject areas. • Hosting third-party audits as required in order to maintain certifications and compliance certificates. • Using security audit systems to assess the capability of the environments under review. • Implementing and overseeing enforcement of security policies and procedures. • Reviewing Role Based Access Privileges and advises on noncompliance to policy on access matrices identified. • Reviews changes made within the environment to identify nonconformance with policy. • Reviews Change Requests and Release requests to ensure they comply with all the relevant required controls. • Review requests for access to ensure they comply with segregation of duties requirements and are in line with security requirements. • Security Risk Assessments on the organization environment and raise findings as per bank adopted control and risk frameworks. Show less

Information Security Analyst

• Aug 2012 - Aug 2016

• Implemented Security technologies such as Email security. • Improved entire enterprise security by adding effective security measures. • Implemented data classification products. • Worked on tools for security awareness. • Performed a review of existing procedures and updated when appropriate. • Provided maintenance and operational support in areas of firewall and network security infrastructure daily. • Performed vulnerability assessment with the help of various tools like Nmap, Nessus release assessment report. Show less

Associate Financial Service Manager

• Jul 2009 - Jul 2012

● Researched insurance policies, coverage plans, conditions, and prices on behalf of the client ● Recommended solutions that fit the client’s requirements the best. ● Researched insurance policies, coverage plans, conditions, and prices on behalf of the client ● Recommended solutions that fit the client’s requirements the best.