Independent Consultant
Total years of experience: 10 years, 0 months
-SAMA CSF implementation for a leading bank, Riyadh, KSA
-Conducting SAMA Cybersecurity framework domains GAP assessment for all domains
- Developing KPIs/KRIs
- Developing and documenting cybersecurity architecture
- Development of security control standards for security solutions
- Conducting Security tool assessment
- Follow-ups on audit findings & action plans for closure for SAMA’s reporting
- Reviewing compliance for bank’s policies, regulatory-SAMA, SWIFT, SARIE, standards-ISO27001, PCI-DSS & evidence collection.
- Reviewing and updating of cybersecurity policies and procedures
- Progress reporting to the Steering committee on Governance, Risk and Compliance
-Re-validation of cybersecurity assessment based on SAMA Cybersecurity Framework, for regulatory body at KSA, Riyadh & Bahrain
-Cybersecurity assessment and reporting for TEMENOS core banking application at a large bank in Dubai, UAE
-Developing and documentation of cybersecurity KPIs/KRIs, exception handling & escalation process management for a large bank in Riyadh
-Development of cybersecurity architecture based on SABSA concepts mapped to ISO 27001 standard
-BCM/DR consulting for Data center B to B and B to C applications
-Conduct BCM awareness sessions to internal stakeholders
- BCM Framework development and update, DR Framework development and update, BCM/DR assessments, testing contingency plans
-Timely reporting of BCM/DR key Performance Indicators
ICT and Information & Cybersecurity Security, compliance Consultant
My Responsibilities include:
• Being involved in Business development, sales and support.
• Identifying potential clients and building and maintaining contacts.
• To Provide advisory services with respect to:
• ICT network project planning, designing and installation of information technology systems for the clients
• Usage of information technology in order to meet client business objectives or overcome problems.
• To improve the structure and efficiency of IT systems in various client organizations.
• To provide strategic guidance to clients with regard to technology evaluations, IT infrastructure and enabling major business processes through enhancements to IT.
• To provide guidance during selection and procurement as well as providing highly expert technical assistance in:
• Defining software, hardware and network requirements in;
• Analyzing IT requirements within companies and giving independent and objective advice on the use of IT
• Developing agreed solutions and implementing new systems
• Assist clients with testing and ITIL processes
• Cyber security, threat and vulnerability assessment and Penetration testing.
• Writing reports and documentation.
• Training client users and consulting staff.
• Compiling and presenting information.
• Implementation of ISO 27001 information Security Management System for client organization.
• Drive and conduct ISO 27001 audit program, ISO 9001 QMS audit program, SSAE 16 /ISAE3402 compliance audits
• Project management of ICT projects like data center, Network operation center (NOC), security operation center (SOC), Wide Area and Local Area networks (WAN/LAN)
• Conducting risk management assessment and analysis in accordance with ISO 31000/ISO 27001
• Provide guidance on HIPAA and conducting audits
• To strengthen IT governance and compliance in the organization globally
• Chair Steering committees and Governance meeting for customer development centers
• Develop compliance framework using standard GRC tool
• Tracking security and compliance metrics of various departments contributing to customer’s Master Service Agreement compliance
• Drive Internal audit program and track remediation plans for closure of findings