Submitting more applications increases your chances of landing a job.

Here’s how busy the average job seeker was last month:

Opportunities viewed

Applications submitted

Keep exploring and applying to maximize your chances!

Looking for employers with a proven track record of hiring women?

Click here to explore opportunities now!
We Value Your Feedback

You are invited to participate in a survey designed to help researchers understand how best to match workers to the types of jobs they are searching for

Would You Be Likely to Participate?

If selected, we will contact you via email with further instructions and details about your participation.

You will receive a $7 payout for answering the survey.


User unblocked successfully
Thank you. Your report has been submitted and will be reviewed shortly.
Ali Qassim AlSayoud, Information Security Risk Specialist

Ali Qassim AlSayoud

Information Security Risk Specialist·SABB

Saudi Arabia

Diploma, Computer applications

Work experience

Total years of experience: 16 years, 2 months

Information Security Risk Specialist

May 2010 - Present

SABB

Riyadh, Saudi Arabia

May 2010 - Present

1. Application security assessment.
a) Determining information security team engagement level.
b) Creating application security requirements.
c) Threat modeling the application, identifying potential risk and advising on security controls to mitigate the risk.
d) Penetration testing the application to identify the vulnerabilities
e) Deduce residual risk based on the pen test and advice on the risk action.
f) Enforce other Information security units engagement in the project such as access management and monitoring units.
 
2. Third Party security assessment.
a) Determining information security team engagement level.
b) Review the security of the third party and assessing the potential risk.
c) Advising security controls to mitigate the risk.
d) Deduce residual risk and advice on risk action.
 
3. Infrastructure security assessment:
a) Discovering infrastructure security weaknesses.
b) Recommending a safeguard security control.
c) Coordinating the security control implementation.
 
4. Reviewing and assessing information security exceptions and requests.
a) Refer the exception or request to its policy and standard.
b) Review it against the policy and standard.
c) Recommend none violating solution if possible.
d) If no alternatives are available then I decide on the necessary action such as dispensation or rising risk acceptance.  

5. Coordinating new information security projects.
 
6. Monitoring network configuration changes.
 
7. Monitoring firewall and IDS traffic.
 
8. SARIE second security officer.

Company industry:
Banking
Job role:
Information Technology

Education

King Fahad university

June 2009

June 2009

Diploma, Computer applications

Saudi Arabia

GPA (point): 3.83 out of 4

GPA (point): 3.83 out of 4

Skills

Information Security Management

Expert

Network Security

Expert

Application Security

Expert

application security assessment

Intermediate

Third Party security Assessment

Intermediate

Infrastructure security assessment

Intermediate

Penetration testing

Intermediate

Information Security Management

Expert

Network Security

Expert

Application Security

Expert

Languages

English

Intermediate

Arabic

Expert

Training and Certifications

Certifications
CISSP exam is passed recently and Certification is in progress
GIAC Web Application Penetration Tester (GWAPT)
Mar 2014 - Mar 2018

Training
Advanced Web App Penetration Testing and Ethical Hacking
SANS
Jan 2015
Web App Penetration Testing and Ethical Hacking
SANS
Oct 2013

Hobbies and interests

Reading

I like reading about information security and reading part of my job where I need to read security books and articles to produce my assessment outcome. my reading includes but not limited to the following security books as part self development. 1. Official (ISC)2 Guide to the CSSLP 2. Hacking exposed web applications 3. Secure and Resilient Software 4. Threat Modeling (Microsoft Professional