Submitting more applications increases your chances of landing a job.

Here’s how busy the average job seeker was last month:

Opportunities viewed

Applications submitted

Keep exploring and applying to maximize your chances!

Looking for employers with a proven track record of hiring women?

Click here to explore opportunities now!
We Value Your Feedback

You are invited to participate in a survey designed to help researchers understand how best to match workers to the types of jobs they are searching for

Would You Be Likely to Participate?

If selected, we will contact you via email with further instructions and details about your participation.

You will receive a $7 payout for answering the survey.


User unblocked successfully
Amin Siddiqui, Cyber Security Executive Director, CISO

Amin Siddiqui

Cyber Security Executive Director, CISO·Events Investment Fund

Saudi Arabia

Bachelor's degree, Information Technology

Work experience

Total years of experience: 22 years, 5 months

Cyber Security Executive Director, CISO

April 2023 - Present

Events Investment Fund

Riyadh, Saudi Arabia

April 2023 - Present

Head of Cyber Security department and CISO

key achievements:

- Established the cybersecurity department
- increased the NCA ECC compliance level
- Developed the cybersecurity policy and procedures without any consultancy help
- Developed the cybersecurity strategy and 3 year road map internally first then had it reviewed by consultants.
- Developed minimum security baselines internally
- Raised the maturity level of the cyber posture of the entity.

Company industry:
Investment, Securities & Funds
Job role:
Management

SVP, Head of cybersecurity GRC

November 2021 - April 2023

Public investment fund

Riyadh, Saudi Arabia

November 2021 - April 2023

Deputised the CISO, and was Head of Governance, Risk and Compliance at PIF
key achievements:
- Managed NCA regulatory compliance program
- Increased the NCA ECC. CSCC, TCC, OSMACC, and CCC compliance level to a satisfactory level.
- Developed and implemented a data classification framework
- managed a team of highly professional cybersecurity engineers
- Implemented and successfully achieved the ISO27001 certification.

Company industry:
Accounting
Job role:
Management

VP, Head of Information Security Governance and Risk

March 2018 - November 2021

Public Investment Fund

Riyadh, Saudi Arabia

March 2018 - November 2021

Vice President, Head of Information Security Governance and Risk at PIF

Key Achievements:
- Helped the CISO establish the cybersecurity department.
- Conducted several risk assessments
- Developed a cybersecurity awareness program
- Helped the CISO in developing a cybersecurity framework, roles, and responsibilities.
- Reviewed and improved and cybersecurity strategy and roadmap.

Company industry:
Accounting
Job role:
Finance and Investment

GM, Head of Information Security Governance Risk and Compliance

January 2018 - February 2018

Banque Saudi Fransi

Riyadh, Saudi Arabia

January 2018 - February 2018

I have achieved the following:
Establishment of sound information security management program, program effectiveness tool ie metrics, clear and conscience information security policies, standards and baselines, and alignment of security with business line objectives, and satisfactory level of compliance with regulatory programs like SAMA cyber security framework, PCI-DSS, and Tadawul.

Company industry:
Banking
Job role:
Banking

Executive Manager, Senior Information Security Officer

September 2014 - December 2017

Banque Saudi Fransi

Riyadh, Saudi Arabia

September 2014 - December 2017

• I Conduct periodic Information Security risk assessment for major applications and critical business processes and major IT Infrastructure and services as per the guidelines of department Head.
• I develop and update the Threats and Vulnerabilities databases and the controls database.
• I Perform detailed threat and vulnerability impact assessment, assign impact ratings and make adjustments in the overall risk ratings for the IT infrastructure being assessed.
• I Identify the impact of the new threats and vulnerabilities on various assets.
• I am Responsible for coordinating and performing periodic internal and external penetration testing for major services.
• I assist the dept. manager for establishing a vulnerability and patch management program and coordinate the required security scan activities with the SOC team.
• I conduct physical security reviews and assessment on major IT infrastructure i.e. Data Center and DRC.
• I perform users profile and role engineering activities with Business lines to identify areas of role conflict and excessive privileges.
• I assist the department manager in defining annual IS strategy, roadmap and objectives in alignment with Business.
• I assist in managing critical information security compliance programs including PCI DSS, ISO 27001, SAMA eBanking rules and other mandates from SAMA, CMA and CA-CIB.
• I am responsible for establishing and maintaining security policies, baselines, standards, checklist and processes and for defining roles and responsibilities of Info. Security within the bank.
• I assist the department manager in establishing a strong and effective Security Governance model and instituting a sound IS GRC platform based on a unified security compliance model .
• I am responsible for the execution of bank-wide information security awareness program and a customer focused IS awareness program with an objective to enhance the awareness level of BSF staff and customers.
• I assist the department head in establishing and maintaining Information Security KPI and metrics and for preparing Management Reports on the status of the security posture of BSF.
• I assist the department head in coordinating activities internal and external auditors including PCI QSA, ISO 27001 external auditor, and internal BSF audit division and with all B/Ls and support divisions.
• I am responsible for maintaining overall security remediation plans and managing Information Security exceptions.
• I am responsible for defining security control enhancement strategy for core banking services in BSF i.e. eChannels, BDS, ATMs, etc as well as defining control effectiveness enhancement strategy for already-implemented critical security controls

Company industry:
Banking
Job role:
Management

E-Banking Risk Officer

May 2013 - September 2014

Arab National Bank

Riyadh, Saudi Arabia

May 2013 - September 2014

Ensure the bank's electronic banking initiatives comply with relevant regulatory requirements and that effective controls are established to manage potential risks to the bank’s earnings and capital from electronic banking services.
1. Keep an updated inventory of eBanking risks for eChannels.
2. Document eBanking risks and controls in the relevant units' risk profiles within the Operational Risk repository and monitor the results of management's self-assessment of these risks/controls.
3. Assess the adequacy of existing controls (design assessment) to mitigate known eBanking risks effectively.
4. Perform periodic assessments, including design and operating effectiveness, of eBanking processes and controls to ensure compliance with regulatory requirements, the E-Banking Risk Management Policy, and other internal policies of the Bank.
5. Coordinate with management for the timely resolution of process and control deficiencies in the electronic banking environment.
6. Research and gather current information on emerging eBanking risks/threats to detect shifts in the risk landscape and suggest improvements to the control environment.
7. Assist the Head of E-Banking Risk with management reporting, special projects, ad hoc management requests, and other administrative tasks.

Company industry:
Banking
Job role:
Information Technology

Information Systems Specialist

June 2010 - May 2013

Arab National Bank

Riyadh, Saudi Arabia

June 2010 - May 2013

I was a member of an extensive team of systems administrators responsible for the maintenance and operation of all the bank's systems.

Key roles as an information systems specialist included:
- Administration of Active Directory and Group Policy.
- Administration of Mailing and Messaging (MS Exchange Administrator).
- Administration of Patching.
- Server-level hardware administration and installation.

Company industry:
Banking
Job role:
Information Technology

Information Security Officer

August 2006 - June 2010

Arab National Bank

Riyadh, Saudi Arabia

August 2006 - June 2010

I was recruited to establish and manage an enterprise-wide information security program, overseeing efforts to identify and evaluate all critical systems across the company. My responsibilities include designing and implementing security processes and procedures, collaborating with internal and external auditors to conduct comprehensive compliance audits, and presenting the results to senior management. I supervise the daily activities of the Computer Security Assistant and Internet Administrator, as well as administer and maintain the SARIE Remittance system.

Key Contributions:
- Actively participated in the security upgrade of SAMA’s SARIE 2 system.
- As an Information Security Specialist, I manage Encryption Devices Host Security Modules (THALES & SWIFTNET), configure HSMs, and generate ZMK & LMK.
- Played a pivotal role in developing and implementing the Business Continuity and Disaster Recovery Plan (BCP & DRP).
- Selected for a specialized task force to address audit issues and comments on the IT group, overseen directly by the CIO.
- As Project Manager, I successfully implemented Symark® PowerBroker®, a UNIX-based security tool.

Company industry:
Banking
Job role:
Information Technology

System Integrator & Tester

October 2005 - April 2006

Riyadh Bank

Riyadh, Saudi Arabia

October 2005 - April 2006

I served as a system integrator and tester in the Quality Control department as part of my bachelor's degree co-op program. In system testing, I was tasked every few weeks with a new system purchased by the bank to conduct thorough testing for errors and bugs, ensuring full integration with existing systems.

During my 28-week tenure at Riyadh Bank, I tested the following systems:
- SADAD Electronic Bill Payment System.
- IBM’s Siebel Call Center System.
- CSR STARS System to replace the current branch front-end system.
- Real Estate Development Fund System.
- IOMSS Investment Order Management & Settlement System.

Company industry:
Banking
Job role:
Information Technology

Computer System Operator

February 1998 - December 1999

Arab National Bank

Riyadh, Saudi Arabia

February 1998 - December 1999

Worked in different departments like: Computer Data Center Operations, Production Support, and Output Control.
I was finally appointed In the Data Center Operations department
where I operated systems like:
o STRATUS
o Base24
o Static Data
o BANK MASTER
o UNIX CLIENTS: Gateway validation and update, and backups.
o FDRL
o HP OPENVIEW: branch monitoring
o SARIE: local wire transfer system
o SWIFT: international wire transfer system

Company industry:
Banking
Job role:
Information Technology

Education

PRINCE SULTAN UNIVERSITY

August 2005

August 2005

Bachelor's degree, Information Technology

Saudi Arabia

Skills

IT Risk
Expert
IT Risk
Expert
System Administration
Expert
System Administration
Expert
Disaster Recovery
Expert
Disaster Recovery
Expert
Risk Analysis
Expert
Risk Analysis
Expert
Information Security Policy
Expert
Information Security Policy
Expert
IT Risk
Intermediate
IT Risk
Intermediate
MS Active directory
Expert
MS Active directory
Expert
MS SharePoint
Intermediate
MS SharePoint
Intermediate
MS Exchange
Intermediate
MS Exchange
Intermediate
Information Security
Expert
Information Security
Expert
(CISM) certified information security manager
Expert
(CISM) certified information security manager
Expert
Compliance
Expert
Compliance
Expert
Governance
Expert
Governance
Expert
Risk Management
Expert
Risk Management
Expert
Strategy Work
Expert
Strategy Work
Expert
Defense
Expert
Defense
Expert
Cybercrime
Expert
Cybercrime
Expert
Cyber Security
Expert
Cyber Security
Expert
Resilianse
Expert
Resilianse
Expert
System Administration
Expert
System Administration
Expert
Disaster Recovery
Expert
Disaster Recovery
Expert
Risk Analysis
Expert
Risk Analysis
Expert
Information Security Policy
Expert
Information Security Policy
Expert

Social profiles

Languages

Arabic

Expert

English

Expert

Training and Certifications

Certifications
GCF Certified Security Leader
Jul 2020
Cybersecurity leader award 2020, Kingdom of Saudi Arabia Edition
Nov 2020
Certified Data Privacy Solutions Engineer
Aug 2020
Certified Information Secuity Manager
Jun 2017 - Jan 2021