Riyadh, Saudi Arabia
Experienced cybersecurity professional with 8+ years of experience across SOC operations, security architecture, and GRC — delivering for government defense, banking, and industrial clients in Saudi Arabia and the wider MENA region. I build and run security programs end-to-end: from SOC/DFIR operations, threat hunting, and SOAR automation, to security architecture, zero-trust design, and VAPT, to GRC and compliance against NCA ECC, SAMA CSF, PDPL, and ISO 27001. Along the way, I've advised C-level and government stakeholders, built governance structures from scratch, and worked hands-on across MITRE ATT&CK-aligned detection, incident response, and risk treatment planning. A few things I'm proud of: → Reduced MTTR by 25% and analyst effort by 35% through SOAR automation at SABIC → Closed 90% of VAPT findings within SLA at Al-Rajhi Bank ahead of regulatory audit → Maintained 100% SLA adherence across 10+ enterprise MSSP clients at Rewterz → Built a vCISO governance program from the ground up for Codebase Technologies → Designed secure data center architecture for a classified government intelligence entity, fully aligned to NCA ECC and ISO 27001 → Named Employee of the Year (2022) at SABIC for performance and innovation in SOC/DFIR operations CISSP & CEH certified | MS in Information Security Open to senior cybersecurity, SOC, and GRC opportunities in KSA. Always happy to connect. 📧 [email protected] 📱 +966 50 727 5064
• Lead cybersecurity initiatives for government defense and intelligence technology projects. • Architect secure data center environments and network segmentation designs for classified government defense and intelligence projects, defining layered security controls and governance frameworks from the ground up. • Conduct security assessments and gap analyses ensuring compliance with ISO 27001 and NCA ECC frameworks; develop risk treatment plans with measurable remediation milestones. • Develop and maintain security policies, standards, and procedures aligned to regulatory obligations. • Implement and integrate multi-vendor security solutions — from design and configuration to end-to-end deployment — ensuring alignment with organizational cybersecurity and quality standards. • Collaborate with the Head of Technical in designing, evaluating, and testing new IT solutions — conducting POCs, solution testing, and SATs with vendors and customers. • Oversee vendor performance during deployments to ensure all project requirements and scope deliverables are met effectively. • Document security architectures, technical processes, and quality procedures; provide regular program updates to executive leadership and project stakeholders
• Led VAPT across 3,000+ core banking and digital assets, remediating critical flaws ahead of regulatory audits. • Partnered with Counter Fraud and Digital Crime units to contain account-related incidents, reducing fraudulent account activity. • Supported Red Team operations and coordinated remediation efforts, closing 90% of exploitable findings in defined SLA windows. • Enhanced asset security scoring and dashboard automation, improving threat visibility. • Collaborated with SOC and infrastructure teams to fine-tune SIEM correlation rules and detection use-cases, improving incident response accuracy and reducing false positives. • Developed and enforced security baselines and hardening guidelines across banking infrastructure, ensuring compliance with NCA ECC and ISO 27001 standards.
• Managed end-to-end SOC/DFIR operations for SABIC, handling incidents via XSOAR automation. • Designed and implemented SOAR architecture integrating multiple 3rd-party security products. • Automated analyst workflows, reducing manual effort by 35% and MTTR by 25%. • Developed advanced use-cases for proactive threat detection and incident response. • Collaborated with threat intelligence teams to enrich incident context and improve alert prioritization accuracy. • Recognized as Employee of the Year 2022 for outstanding performance and innovation.
• Managed end-to-end SOC/DFIR operations for SABIC, handling incidents via XSOAR automation. • Designed and implemented SOAR architecture integrating multiple 3rd-party security products. • Automated analyst workflows, reducing manual effort by 35% and MTTR by 25%. • Developed advanced use-cases for proactive threat detection and incident response. • Collaborated with threat intelligence teams to enrich incident context and improve alert prioritization accuracy. • Recognized as Employee of the Year 2022 for outstanding performance and innovation.