عبد العزيز الحمود

• Worked as Analyst Cyber Security and Risk Analyst to prepare execute ISO/IEC 27001 internal audits for Symantec business units.
• Plan to remediates IT security risks and vulnerabilities.
• Create Risk Assessment Report and provide a feedback to senior team members and management.
• Leading the process of governance administration and maintenance; ensuring compliance with Symantec Information Security policies, standards, procedures and best practices.
• Security Awareness and vulnerability assessment.
• Planning and Conducting ISO 27001 Compliance assessments for Iaas, Paas and Saas.
• Conducting vulnerability assessment and remediation plan

• Supporting in a project with (15M K.D) in 5 Years contracts for Kuwait Airways (KAC).
• Supervised 9 staff across 3 divisions: Security Operations Centres (SOCs), IA and Compliance, and Information Security.
• Worked closely with CEO in the development of ERM balance scorecards, IT Security Governance, and executive dashboards for key security metrics.
• Partnered with organization management and administration, Privacy Oversight Committee, and legal counsel to design, implement, and update privacy policies/procedures. Confirmed ongoing compliance with all contractual security requirements and applicable government regulations.
• Continually monitored security metrics of logical/physical systems for controlling building and system access. Architected remediation controls to neutralize system vulnerabilities.
• Conducted reviews and oversaw enterprise security training for users and IT administrators. Directed small security team charged with implementing for many clients some Cybersecurity solutions and more.
• Provided expert consultation to external customers on security and security-related integration projects within medium and large commercial and government organizations. Completed risk assessments and gap analyses on clients’ architecting solutions to identify/mitigate vulnerabilities.
• Conducted network, security, compliance and risk management assessments for corporate infrastructure and mentor organizations to implement improved processes and technologies. Referenced ISO 27001/27002, ITIL as benchmarking tools to support clients in operating within industry best practices.

Page 2 of 6

Major Achievements
• Improving the availability, integrity and confidentiality of internal business as well as for the clients.
• Work closely with security operations centre & drive through service improvements for ASC customers & Business Maintain security policies & compliance, adhere to ISO 27001 and 27005 compliance, planning and implementing, and raise security awareness and manage a security risk register.
• Develop all security documents are maintained and chair & manage Security meetings & maintain minutes.
• Build a Cyber Security Incident Response Analyst, Digital media forensic, Vulnerability assessment and pentest, and Cyber intelligence analysis

 Computer repair;
 Making backup copies;
 Ensuring the protection of the network and computers;


 Formatting computers;
 Protecting the networks Installation;
 Management of anti-virus software;
 Training the staff on how to produce invoices, the client database software, Microsoft Word and Excel;
 Dealing with customers and organising car shows.

 Writing articles for the Science and Technology section with the focus on hazard materials in computers, software, technology, communication solutions, securing data against infections and intrusions from the Internet.

 Synthesizing available information from English scientific journals, the Internet, science websites and IT forums.