عبد الله الشهري

Responsible for defining and leading the organization’s information security strategy, governance, and cyber risk management framework, ensuring alignment with business objectives and regulatory expectations. Lead and develop a high-performing cybersecurity function covering governance, risk, compliance, and security engineering.

Serve as Secretary of the CEO-chaired Cybersecurity Committee, responsible for agenda setting, decision tracking, and execution oversight of cybersecurity initiatives. Report to the Board Risk Committee on cybersecurity policy, risk posture, regulatory compliance, and material cyber risks, including presentation of policies for review and endorsement.

Drive the establishment and enforcement of cybersecurity policies, standards, and compliance programs aligned with SAMA CSF, NCA ECC, PCI DSS, and other applicable regulations. Oversee security architecture, incident response and resilience capabilities, vulnerability management, and data protection controls to safeguard financial services, customer data, and critical platforms.

Partner closely with executive leadership and technology stakeholders to embed security-by-design into business operations, support growth initiatives, and foster a strong culture of security awareness, accountability, and resilience across the organization.

Lead the establishment of a centralized global cybersecurity defense function, driving defense, governance, and regulatory alignment across 18 branches in 11 countries and setting strategic direction, enabling secure business growth, and ensuring operational resilience.

Key roles include:
• Maintained and led risk governance, policy reviews, and reporting to senior leadership.
• Drive compliance with NCA and international standards, embedding security into global operations.
• Establish Global Security Operation Center (GSOC) rollout across 11 countries, enabling 24/7 monitoring and incident response.
• Leading cross functional teams to elevate security posture and protect organizational integrity.
• Oversee global security architecture, access governance, and change management.

Played a key role in building the bank’s cybersecurity function from the ground up, ensuring compliance with regulatory frameworks and supporting the secure launch of digital banking services. Worked closely with technology, compliance, and vendors to establish processes, select solutions, and operationalize controls aligned with SAMA CSF, NCA, and PCI DSS requirements.

Key roles include:
• Ensured full alignment with SAMA CSF and PCI DSS, embedding security controls into the bank’s foundational architecture.
• Developed required documentation, workflows, and governance frameworks.
• Defined and operationalized KPIs and KRIs for cybersecurity metrics, ensuring continuous monitoring and reporting.
• Designed and streamlined customer and employee secure digital journeys, enabling future automation and improved user experience.
• Led the implementation of cybersecurity solutions, from RFP development and vendor evaluation to procurement and rollout.
• Defined security change processes, reviewed change requests, and ensured alignment with security principles.
• Conducted infrastructure security audits covering both cloud (IaaS) and managed data center environments.

Responsible for incident response, regulatory coordination, and cybersecurity project execution, while driving infrastructure security improvements and awareness across the organization. I worked closely with IT, regulators, and various departments to strengthen defenses and ensure compliance with national frameworks.

Key Roles include:
• Managed cybersecurity projects and delivered detailed assessment reports for senior management.
• Led the implementation of security solutions, ensuring proper integration within existing infrastructure.
• Delivered cybersecurity training to National Cybersecurity Program trainees, contributing to workforce development.
• Chaired weekly coordination meetings with IT Deanship leadership, aligning on technical issues, business needs, and infrastructure security enhancements.
• Prepared and delivered awareness sessions for faculty, staff, and interns to strengthen security culture.
• Conducted infrastructure security audits and ensured alignment with NCA ECC framework requirements.
• Responded to regulator alerts in line with compliance requirements.

Supported the successful rollout of Etimad platform related digital services, working closely with government agencies and internal stakeholders to enable adoption, improve service delivery, and optimize revenue performance.

Key roles include:
• Led the rollout of new Etimad platform services, ensuring smooth enablement across government agencies.
• Delivered training and enablement sessions to government entities to support platform adoption.
• Facilitated workshops for both government and private sector stakeholders to enhance platform understanding and usage.
• Prepared project performance reports for upper management to support strategic decision-making.
• Conducted revenue and pricing analyses for e-products to optimize pricing strategies and track financial performance.
• Documented and improved e-product process designs, ensuring operational efficiency and alignment with business goals.
• Prepared and delivered revenue performance reports to senior management to support planning and forecasting.

.