Bayt.com
Mohammad Bukhari, Chief Information Security Officer

Mohammad Bukhari

Chief Information Security Officer

Aljazira Takaful Taawuni

Location
Saudi Arabia - Jeddah
Education
Master's degree, Industrial Engineering
Experience
9 years, 8 Months

Share My Profile

Block User


Work Experience

Total years of experience :9 years, 8 Months

Chief Information Security Officer at Aljazira Takaful Taawuni
  • Saudi Arabia - Jeddah
  • My current job since November 2019

1. Development, implementation, and monitoring a strategic cyber
security and IT risk management program .
2. Establishment of policies, standards, and guidelines
3. Managing the operation and implementation of cyber security strategy.
4. Ensures that the security function is tasked with developing and
maintaining up-to-date security policies, standards and guidelines that
align with SAMA cyber security framework.
5. Communicate key risks and required support from management.
6. Conducting a continuous risk assessments of current security practices
and systems and identifying areas for improvement
7. Works with all VP’s and Heads to address their cyber security concerns
and translates them into IS strategic projects.
8. Managing the IS security budget and communicating this with the
appropriate parties
9. Review the agreements with suppliers and vendors and ensure the
services provided are in compliance with Company’s risk standards.
10. Conduct information security committee periodically.
11. Supervise and confirm all security actions involving letters and
circulars.
12. Information Security committee Member.
13. Ensure security awareness and training are delivered to company staff.
14. Participant as Cyber Security Project Owner for Merger and Acquisition
activities and part of M&A steering committee.

Information Security Engineer at SAMREF
  • Saudi Arabia - Yanbu
  • August 2014 to October 2019

GRC Activities:
1- Cyber security NIST Framework implementation.
2- Review for access control.
3- End-user awareness through monthly lessons in addition to phishing tests.
4- Review and follow-up audit items with respect to IT, OT
5- Firewalls, Proxies servers, SANDBOX, and End-point in-depth knowledge and
administration skills
6- Governance, Risk, and compliance activities against IT, OT.
7- Establishing new processes to lay the foundations for new information security
section.
8- Communicate cyber security issues to business and management in a business
language.
9- Evaluation of new cyber security products.
10- Conducting Security Awareness to end-users through various methods: Email, LCD
screen, Desktop pop-up messages.
11- Specify, analyze, engineer, design, support and implement information Security
elements related to Technology, People and Process which protect the confidentiality,
integrity, and availability of SAMREF’s IT/OT and infrastructure, components and
information assets.
12- Implementing policies, standards and procedures relating to data security,
compliance management, incident management, risk management, operations and
maintenance
13- PhishME (Phishing Tool) administration
14- Conducting cyber/IT Risk Assessments
15- Annual Shared Folder access rights Audit
16- Coordination of annual IT audit tasks and follow-up.
17- USB access control.
Cyber Security Operations Activities:
1- SOC qualification for bidders and implementation.
2- Support SOC operation and leading incident response activities.
3- Conduct internal/external vulnerability scanning.
4- Famaliar with SIEM administration
5- NAC (Network Access control) implementation and administration
6- FireEye NX, EX, CMS implementation and administration
7- Symantec Endpoint Protection Manager administration
8- HPE Arcsight Implementation and administration
9- Familiar with Network Monitoring tools
10- Firewalls administration and review.
11- Proxy server administration and review.
12- RSA and Multi-Factor Authentication administration.
IT Operations activities:
1- Routing and Switching, including Switch inventory, management.
2- WSUS patch management.
3- GPO administration
4- Knowledge of virtualization environment and basic administration
5- Virtualization (VMware) administration
6- Domain controller DRP back-up restoration.
7- DRP restore drill coordination
8- LAN Management, Maintenance, administration functions.
9- Active Directory administration.
10- Email gateway Administration.

Education

Master's degree, Industrial Engineering
  • at University of New Haven
  • May 2014

concetration on Six sigma.

Bachelor's degree, applied computer science \ software engineering
  • at Yanbu university college
  • June 2010

third honor list

Specialties & Skills

Science
+Endorse 0
Computer Science
+Endorse 0
Software Engineering
+Endorse 0
Engineering
+Endorse 0
Six Sigma
+Endorse 0
Presentations
+Endorse 0
information security
+Endorse 0
risk assessments
+Endorse 0
SOC Monitoring
+Endorse 0
IT skill
+Endorse 0

Languages

English
Expert
Arabic
Expert

Training and Certifications

Certified Information Security Manager (CISM) (Certificate)
Date Attended:
November 2019
- Certified EC-Council Incident Handler V2 (Jun 2019) (Certificate)
Date Attended:
June 2019
Certified Ethical Hacker Certification CEH V9 (Certificate)
Date Attended:
April 2018
CompTIA security + Certification (Certificate)
Date Attended:
October 2017
Six Sigma Green Belt (Certificate)
Date Attended:
May 2014

Hobbies

  • Cooking