IT Security Risk & Compliance Specialist
BAE Systems
Total years of experience: 12 years, 11 months
Compliance lead for DEFARS, DCPP, Global IT SS, Supply Chain Cyber Security.
GRC for KSA Network.
Governance over IT Security Projects.
IT Security Improvement lead.
Working with the UK team to understand, evaluate and improve their IT Security practices and bring the knowledge back to KSA.
IT Security practices include risk management, IT security operations, incident handling, vulnerability scanning, accreditation and architecture & design.
1- Management of IT related risks by assessing, analyzing and mitigating risks to bring them down to the organization-defined acceptable risk level.
2- Coordinating the implementation of identified IT security controls with IT service providers and/or internal parties.
3- Ensuring compliance with global IT security policies and standards and coordinating with relevant stakeholders to close any identified non-compliance.
4- Working closely with business unit heads to ensure/agree appropriate risk response.
• Participate in maintaining ISO27001 / ISMS accreditation.
• Assist in testing, implementation, documentation, operation, maintenance and auditing of business systems and applications.
• Identify risks and system needs, define solutions and appropriate standards and procedures.
• Prepare audit reports and follow up on non-compliance.
• Maintain and preserve information security records/logs.
• Implement, support, maintain and troubleshoot anti-virus tools.
• Auditing SAP application systems.
• Handling Information Security Incidents.
• Awareness and training.
• Physical security audit and assessment for all Almarai locations.
• Access rights management over Almarai infrastructure.
Practical training, AD administrator, manage