كلما زادت طلبات التقديم التي ترسلينها، زادت فرصك في الحصول على وظيفة!

إليك لمحة عن معدل نشاط الباحثات عن عمل خلال الشهر الماضي:

عدد الفرص التي تم تصفحها

عدد الطلبات التي تم تقديمها

استمري في التصفح والتقديم لزيادة فرصك في الحصول على وظيفة!

هل تبحثين عن جهات توظيف لها سجل مثبت في دعم وتمكين النساء؟

اضغطي هنا لاكتشاف الفرص المتاحة الآن!
نُقدّر رأيكِ

ندعوكِ للمشاركة في استطلاع مصمّم لمساعدة الباحثين على فهم أفضل الطرق لربط الباحثات عن عمل بالوظائف التي يبحثن عنها.

هل ترغبين في المشاركة؟

في حال تم اختياركِ، سنتواصل معكِ عبر البريد الإلكتروني لتزويدكِ بالتفاصيل والتعليمات الخاصة بالمشاركة.

ستحصلين على مبلغ 7 دولارات مقابل إجابتك على الاستطلاع.


تم إلغاء حظر المستخدم بنجاح
أمين صديقي, Cyber Security Executive Director, CISO

أمين صديقي

Cyber Security Executive Director, CISO·Events Investment Fund

المملكة العربية السعودية

بكالوريوس, Information Technology

الخبرة العملية

مجموع سنوات الخبرة: 22 سنوات, 5 أشهر

Cyber Security Executive Director, CISO

أبريل 2023 - حتى الآن

Events Investment Fund

الرياض، المملكة العربية السعودية

أبريل 2023 - حتى الآن

Head of Cyber Security department and CISO

key achievements:

- Established the cybersecurity department
- increased the NCA ECC compliance level
- Developed the cybersecurity policy and procedures without any consultancy help
- Developed the cybersecurity strategy and 3 year road map internally first then had it reviewed by consultants.
- Developed minimum security baselines internally
- Raised the maturity level of the cyber posture of the entity.

مجال الشركة:
الاستثمار والضمانات والصناديق المالية
الدور الوظيفي:
الإدارة

SVP, Head of cybersecurity GRC

نوفمبر 2021 - أبريل 2023

Public investment fund

الرياض، المملكة العربية السعودية

نوفمبر 2021 - أبريل 2023

Deputised the CISO, and was Head of Governance, Risk and Compliance at PIF
key achievements:
- Managed NCA regulatory compliance program
- Increased the NCA ECC. CSCC, TCC, OSMACC, and CCC compliance level to a satisfactory level.
- Developed and implemented a data classification framework
- managed a team of highly professional cybersecurity engineers
- Implemented and successfully achieved the ISO27001 certification.

مجال الشركة:
المحاسبة
الدور الوظيفي:
الإدارة

VP, Head of Information Security Governance and Risk

مارس 2018 - نوفمبر 2021

Public Investment Fund

الرياض، المملكة العربية السعودية

مارس 2018 - نوفمبر 2021

Vice President, Head of Information Security Governance and Risk at PIF

Key Achievements:
- Helped the CISO establish the cybersecurity department.
- Conducted several risk assessments
- Developed a cybersecurity awareness program
- Helped the CISO in developing a cybersecurity framework, roles, and responsibilities.
- Reviewed and improved and cybersecurity strategy and roadmap.

مجال الشركة:
المحاسبة
الدور الوظيفي:
التمويل والإستثمار

GM, Head of Information Security Governance Risk and Compliance

يناير 2018 - فبراير 2018

Banque Saudi Fransi

الرياض، المملكة العربية السعودية

يناير 2018 - فبراير 2018

I have achieved the following:
Establishment of sound information security management program, program effectiveness tool ie metrics, clear and conscience information security policies, standards and baselines, and alignment of security with business line objectives, and satisfactory level of compliance with regulatory programs like SAMA cyber security framework, PCI-DSS, and Tadawul.

مجال الشركة:
البنوك
الدور الوظيفي:
البنوك

Executive Manager, Senior Information Security Officer

سبتمبر 2014 - ديسمبر 2017

Banque Saudi Fransi

الرياض، المملكة العربية السعودية

سبتمبر 2014 - ديسمبر 2017

• I Conduct periodic Information Security risk assessment for major applications and critical business processes and major IT Infrastructure and services as per the guidelines of department Head.
• I develop and update the Threats and Vulnerabilities databases and the controls database.
• I Perform detailed threat and vulnerability impact assessment, assign impact ratings and make adjustments in the overall risk ratings for the IT infrastructure being assessed.
• I Identify the impact of the new threats and vulnerabilities on various assets.
• I am Responsible for coordinating and performing periodic internal and external penetration testing for major services.
• I assist the dept. manager for establishing a vulnerability and patch management program and coordinate the required security scan activities with the SOC team.
• I conduct physical security reviews and assessment on major IT infrastructure i.e. Data Center and DRC.
• I perform users profile and role engineering activities with Business lines to identify areas of role conflict and excessive privileges.
• I assist the department manager in defining annual IS strategy, roadmap and objectives in alignment with Business.
• I assist in managing critical information security compliance programs including PCI DSS, ISO 27001, SAMA eBanking rules and other mandates from SAMA, CMA and CA-CIB.
• I am responsible for establishing and maintaining security policies, baselines, standards, checklist and processes and for defining roles and responsibilities of Info. Security within the bank.
• I assist the department manager in establishing a strong and effective Security Governance model and instituting a sound IS GRC platform based on a unified security compliance model .
• I am responsible for the execution of bank-wide information security awareness program and a customer focused IS awareness program with an objective to enhance the awareness level of BSF staff and customers.
• I assist the department head in establishing and maintaining Information Security KPI and metrics and for preparing Management Reports on the status of the security posture of BSF.
• I assist the department head in coordinating activities internal and external auditors including PCI QSA, ISO 27001 external auditor, and internal BSF audit division and with all B/Ls and support divisions.
• I am responsible for maintaining overall security remediation plans and managing Information Security exceptions.
• I am responsible for defining security control enhancement strategy for core banking services in BSF i.e. eChannels, BDS, ATMs, etc as well as defining control effectiveness enhancement strategy for already-implemented critical security controls

مجال الشركة:
البنوك
الدور الوظيفي:
الإدارة

E-Banking Risk Officer

مايو 2013 - سبتمبر 2014

Arab National Bank

الرياض، المملكة العربية السعودية

مايو 2013 - سبتمبر 2014

Ensure the bank's electronic banking initiatives comply with relevant regulatory requirements and that effective controls are established to manage potential risks to the bank’s earnings and capital from electronic banking services.
1. Keep an updated inventory of eBanking risks for eChannels.
2. Document eBanking risks and controls in the relevant units' risk profiles within the Operational Risk repository and monitor the results of management's self-assessment of these risks/controls.
3. Assess the adequacy of existing controls (design assessment) to mitigate known eBanking risks effectively.
4. Perform periodic assessments, including design and operating effectiveness, of eBanking processes and controls to ensure compliance with regulatory requirements, the E-Banking Risk Management Policy, and other internal policies of the Bank.
5. Coordinate with management for the timely resolution of process and control deficiencies in the electronic banking environment.
6. Research and gather current information on emerging eBanking risks/threats to detect shifts in the risk landscape and suggest improvements to the control environment.
7. Assist the Head of E-Banking Risk with management reporting, special projects, ad hoc management requests, and other administrative tasks.

مجال الشركة:
البنوك
الدور الوظيفي:
تكنولوجيا المعلومات

Information Systems Specialist

يونيو 2010 - مايو 2013

Arab National Bank

الرياض، المملكة العربية السعودية

يونيو 2010 - مايو 2013

I was a member of an extensive team of systems administrators responsible for the maintenance and operation of all the bank's systems.

Key roles as an information systems specialist included:
- Administration of Active Directory and Group Policy.
- Administration of Mailing and Messaging (MS Exchange Administrator).
- Administration of Patching.
- Server-level hardware administration and installation.

مجال الشركة:
البنوك
الدور الوظيفي:
تكنولوجيا المعلومات

Information Security Officer

أغسطس 2006 - يونيو 2010

Arab National Bank

الرياض، المملكة العربية السعودية

أغسطس 2006 - يونيو 2010

I was recruited to establish and manage an enterprise-wide information security program, overseeing efforts to identify and evaluate all critical systems across the company. My responsibilities include designing and implementing security processes and procedures, collaborating with internal and external auditors to conduct comprehensive compliance audits, and presenting the results to senior management. I supervise the daily activities of the Computer Security Assistant and Internet Administrator, as well as administer and maintain the SARIE Remittance system.

Key Contributions:
- Actively participated in the security upgrade of SAMA’s SARIE 2 system.
- As an Information Security Specialist, I manage Encryption Devices Host Security Modules (THALES & SWIFTNET), configure HSMs, and generate ZMK & LMK.
- Played a pivotal role in developing and implementing the Business Continuity and Disaster Recovery Plan (BCP & DRP).
- Selected for a specialized task force to address audit issues and comments on the IT group, overseen directly by the CIO.
- As Project Manager, I successfully implemented Symark® PowerBroker®, a UNIX-based security tool.

مجال الشركة:
البنوك
الدور الوظيفي:
تكنولوجيا المعلومات

System Integrator & Tester

أكتوبر 2005 - أبريل 2006

Riyadh Bank

الرياض، المملكة العربية السعودية

أكتوبر 2005 - أبريل 2006

I served as a system integrator and tester in the Quality Control department as part of my bachelor's degree co-op program. In system testing, I was tasked every few weeks with a new system purchased by the bank to conduct thorough testing for errors and bugs, ensuring full integration with existing systems.

During my 28-week tenure at Riyadh Bank, I tested the following systems:
- SADAD Electronic Bill Payment System.
- IBM’s Siebel Call Center System.
- CSR STARS System to replace the current branch front-end system.
- Real Estate Development Fund System.
- IOMSS Investment Order Management & Settlement System.

مجال الشركة:
البنوك
الدور الوظيفي:
تكنولوجيا المعلومات

Computer System Operator

فبراير 1998 - ديسمبر 1999

Arab National Bank

الرياض، المملكة العربية السعودية

فبراير 1998 - ديسمبر 1999

Worked in different departments like: Computer Data Center Operations, Production Support, and Output Control.
I was finally appointed In the Data Center Operations department
where I operated systems like:
o STRATUS
o Base24
o Static Data
o BANK MASTER
o UNIX CLIENTS: Gateway validation and update, and backups.
o FDRL
o HP OPENVIEW: branch monitoring
o SARIE: local wire transfer system
o SWIFT: international wire transfer system

مجال الشركة:
البنوك
الدور الوظيفي:
تكنولوجيا المعلومات

التعليم

PRINCE SULTAN UNIVERSITY

أغسطس 2005

أغسطس 2005

بكالوريوس، Information Technology

المملكة العربية السعودية

Skills

IT Risk
Expert
IT Risk
Expert
System Administration
Expert
System Administration
Expert
Disaster Recovery
Expert
Disaster Recovery
Expert
Risk Analysis
Expert
Risk Analysis
Expert
Information Security Policy
Expert
Information Security Policy
Expert
IT Risk
Intermediate
IT Risk
Intermediate
MS Active directory
Expert
MS Active directory
Expert
MS SharePoint
Intermediate
MS SharePoint
Intermediate
MS Exchange
Intermediate
MS Exchange
Intermediate
Information Security
Expert
Information Security
Expert
(CISM) certified information security manager
Expert
(CISM) certified information security manager
Expert
Compliance
Expert
Compliance
Expert
Governance
Expert
Governance
Expert
Risk Management
Expert
Risk Management
Expert
Strategy Work
Expert
Strategy Work
Expert
Defense
Expert
Defense
Expert
Cybercrime
Expert
Cybercrime
Expert
Cyber Security
Expert
Cyber Security
Expert
Resilianse
Expert
Resilianse
Expert
System Administration
Expert
System Administration
Expert
Disaster Recovery
Expert
Disaster Recovery
Expert
Risk Analysis
Expert
Risk Analysis
Expert
Information Security Policy
Expert
Information Security Policy
Expert

حسابات مواقع التواصل الاجتماعي

الموقع الشخصي
الموقع الشخصي

اللغات

العربية

متمرّس

الانجليزية

متمرّس

التدريب و الشهادات

الشهادات
GCF Certified Security Leader
Jul 2020
Cybersecurity leader award 2020, Kingdom of Saudi Arabia Edition
Nov 2020
Certified Data Privacy Solutions Engineer
Aug 2020
Certified Information Secuity Manager
Jun 2017 - Jan 2021