Experience

• 

  Saudi Air Navigation Services

  • Jeddah, Makkah, Saudi Arabia

  • Cybersecurity Governance and Data Protection Specialist

    • Mar 2024 - Present
    • Jeddah, Makkah, Saudi Arabia

• 

  Elm Company

  • Saudi Arabia

  • Senior Cybersecurity GRC Specialist

    • Mar 2023 - Feb 2024
    • Saudi Arabia

    - Develop a cybersecurity risk management methodologies, procedures, and processes. - Obtain the 3rd parties risk assessment.- Report compliance to cybersecurity regulations ECC, CSCC, TC and DCC on quarterly basis.-Participate and enhance Cybersecurity awareness program and deliver awareness according to schedule.

• 

  Saudia Dairy & Foodstuff Company (SADAFCO)

  • Saudi Arabia
  • Food and Beverage Services
  • 700 & Above Employee

  • Senior Information Security Analyst

    • Oct 2022 - Feb 2023

    - Develop and maintain an integrated cybersecurity Incident Response Plan. - Analyze the external threat landscape and map it to potential SADAFCO impact (NDR).- Test, implement, deploy, and maintain, the software that protects and defends IT systems and networks against cybersecurity threats (EDR).- Use the data collected from cyber defense tools to analyze events that occur within SADAFCO to detect and mitigate cyber threats.- Perform vulnerability assessments of systems and networks. Identifies where they deviate from acceptable configurations or applicable policies.

  • Information Security Governance Specialist

    • Dec 2018 - Sep 2022

    - Identify, assess, and manage SADAFCO's cybersecurity risks, and protect its information and technology assets in line with SADAFCO policies and procedures and related laws and regulations.- Ensure SADAFCO's cybersecurity program complies with requirements, policies, and standards. - Develop, update, and maintain cybersecurity policies and procedures to support and align with SADAFCO's Cybersecurity requirements.- Conduct DR drills in line with SADAFCO's requirements and related regulations and support functions to prepare Business Continuity Plan (BCP) by giving IT input. - Promote user awareness of cybersecurity by providing training campaigns as appropriate among SADAFCO's staff on a regular basis. - Examine and follow up on the existence and implementation of information security governance, based on ISO 27001 standards, NCA Regulations, and Controls.

  • Information Technology Trainee

    • Sep 2018 - Nov 2018

    I joined SADAFCO as a trainee in the IT department which added me a lot of knowledge and expanded my awareness in many technical aspects. After finishing my training period, I became an employee at SADAFCO.

• 

  Mnassa | منصّة

  • Administrative Assistant

    • Aug 2017 - Oct 2017

    I worked in the public relations department at Mnassa. My role was in designing events and communicating with suppliers and participants to ensure everything is complete as required.