Riyadh, Saudi Arabia
I am an IT Security professional with experience in cybersecurity, information security management, and network security. Integrity, transparency, and effective leadership guide my approach to securing IT environments. I have a strong background in implementing security controls, managing IT security operations, and ensuring compliance with cybersecurity requirements. My expertise includes securing network infrastructures, overseeing identity and access management, and enhancing security monitoring capabilities. I excel under pressure, working both independently and collaboratively, while staying updated on emerging security trends to strengthen resilience.
- Led the IT security team to ensure the protection of the organization’s information assets. - Ensured compliance with relevant regulations and standards, such as NCA. - Assisted in managing and responding to security incidents. - Developed and implemented security measures specifically for Internet of Things (IoT) and Operational Technology (OT) environments to protect against cyber threats. - Assisted in designing secure network architectures to safeguard against cyber threats. - Collaborated with cross-functional teams to integrate security best practices into various IT projects and initiatives. - Led the development and enhancement of processes and procedures to support IT security controls, ensuring business continuity, policy conformance, and regulatory compliance - Oversaw the IT Security Implementation, fostering effective collaboration with key internal stakeholders such as procurement, DMO, risk, and Cybersecurity
- Define the required to manage the Information Security Controls within the bank and make sure Information Security Controls meets business continuity, information security policy, change management policies, security baselines and regulatory compliance requirements. - Analyze and translate business requirements to security controls. - Lead processes/procedures development and enhancements that support Information Security Controls business continuity assurance, conformance to polices and regulatory compliance - Establish process and procedure for the team to ensure proper configuration and management of security controls management tools in accordance with polices - Ensures the Security controls are in substantial compliance with its internal operating policies and any external regulatory - Establishes security and compliance requirements framework that facilitates ongoing compliance with internal IS policies and procedures, contractual and regulatory requirements - Participated in assessing security risk of new projects - Ensured compliance with relevant regulations and standards, such as NCA, PCI, SAMA. - Prepare monthly departmental reports of Information Security department to capture the progress, performance and quality in order to verify all the processes that has been implemented through the month.
- Planning, implementing, managing, monitoring, and upgrading security controls for the protection of the bank's data, systems, and networks - Assist in selection and approval of security controls. - Specify and communicate the consequences for violations of established regulations, policies and standards - Implements approved departmental policies, processes, procedures and provides instructions to subordinates and monitors their adherence so that work is carried out in a controlled manner.
• Design, implement, integrate and maintain security control solutions with all PIF applications • Manage control of authentication and authorization for systems, databases and applications • Manage project lifecycle (planning, execution, monitoring, and closure) for software development and technical leadership for every aspect of software • Administration of the security controls in PIF ( Antivirus- Data Leakage prevention - Web Proxy - PAM - Email gateway - Email Sandbox - Multi-factor Authentication - Disk encryption - Database monitoring - Application whitelisting ) Projects: 1. Implementation of DLP system 2. Implementation of PAM 3. Implementation of email security solutions 4. implementation of Database monitoring system 5. implementation of Infrastructure performance monitoring solution 6. implementation of Application whitelisting solution 7. Upgrading the Anti-virus and rolling out to all machines (Laptops & Servers) 8. integrating two factor authentication with PAM and MDM 9. Integrating all PIF security controls with SIEM
• Administer identity and security access for human and functional accounts across multiple systems and applications. • Effectively manage incidents, problems associated with access entitlements • Ensure the timely granting and revoking of Access to end users to the application estate at the right time through standardized policies and processes. • Review privilege and passwords rules, processes and user registration and de-registration procedures for granting and revoking access to information systems and services. • Manage Access management related risks and execute mitigation plans • Provided samples for auditing to ensure compliance. • Consistently met deadlines and requirements for all production work orders. • Perform System Access rights maintenance including user profiles, roles and privileges • Created monthly performance reports for management. • Part of the implementation team for Micro Focus NetIQ Identity Manager.
• Provided Level 1 support, handled troubleshooting and maintenance as well as monitoring and deployment of IT equipment.