Head – Cybersecurity Governance
Bank Muscat
Total years of experience :25 years, 0 months
Cybersecurity Governance
Develop and implement holistic Cyber Security Framework comprising Infosec Policy, Security standards, Enterprise Security Architecture, Identity Governance, Change Control, and Security Awareness
Follow predictive risk analysis model by performing technology risk assessments, data privacy impact assessment, third-party risk review, concept design & BRD reviews
Implement security standards such as ISO 27000, PCI DSS, Swift CSP, and other regulatory programs specific to Banking and Finance
Design and define cloud security architectures and frameworks for Cloud services (especially for AWS) and use adequate set of security controls for shaping security posture in IaaS and PaaS based environments
Develop and implement various initiatives for continuous improvement of Strategic & Operational effectiveness in IT Security Operations Management with measurable KPIs
Design and implementation of Enterprise Security Architecture for financial institutions
Conduct numerous third-party risk assessments and control monitoring for continuous improvement of security posture and compliance
Assess, design, implement, automate, and document solutions leveraging third-party cloud solutions
Ensure critical data elements are identified analyzed and appropriate data protection mechanisms are applied as per the bank data calcification and protection standards
Instrumental in formulating SSC (Security Steering Committees), develop SSC charter, and obtain consensus and support from executives for effective coordination on corporate security affairs
Design and implement an integrated Unified Compliance Framework (UCF) within the organization to streamline risk registration and control mapping by utilizing NIST800-53A and ISO-27001 controls catalog, along with ISO-27005 and PCI-DSS controls