Cyber Security governance & architecture analyst
Riyad Bank
Total years of experience :6 years, 4 Months
Responsible for processing all security change requests that affect the Bank systems and infrastructure.
·Good Knowledge of the requirements of the regulation related to the banking sector that comes through SAMA and NCA.
·Develop and update Information Security Policies Based on the requirements form SAMA, NCA, or the bank.
·Responsible for develop and update the Minimum Security Baseline Standard.
·Ensure that Information Security policies and Standards are comply with the requirements of Saudi Arabia Regulators.
·Responsible for developing and monitoring KPIs & KRIs assigned to each department with relevant to cyber security aspect.
·Establish key priorities to develop plans for protecting Bank systems.
·Responsible for Reviewing and approving the business requirements documents (BRDs) with relevant to cyber security perspective side, and ensure cyber security requirement to be implemented within BRDs.
·Responsible for reporting and managing the CISO performance dashboard.
·Responsible to monitor the cyber security Dept. and put plans to enhance and avoid the weakness on each team’s tasks or projects.
• Executes all relevant security policies, processes and standards on ICT systems.
• Operating procedures to ensure that work is carried out in a controlled and consistent manner.
• Good Knowledge of the requirements and applications of international standards such as NIST, ISO 27001, GSMA, ITU and Saudi Arabian standards such as SAMA, CITC and NCA.
• Establishing advanced Cyber Security Compliance assessments.
• Develop Information Security Policies, Guidelines and Standards.
• Strategy planning for Cyber Security in the Organization wide.
• Execute daily operations of ICT systems-based security to ensure that work processes are implemented as designed and compliant with established standards and procedures.
• Identify potential risks (both internal and external) and operational scenarios that may damage company’s operations.
• Establish key priorities and develops proposals for protecting ICT systems environment.
• Providing risk management support including due diligence on vendors, assessment of new processes or software.
• Contributed to the development of solutions to on - going security problems and assists in their successful implementation.
• Evaluating new ICT systems, components, products, etc. from a systems security/business continuity perspective and recommend their implementation.
• Investigates security incidents, such as information system leaks and proposes corrective actions.
• Contributes to create security awareness and training of ICT system users.
• Conduct and facilitate information security risk identification, risk analysis, risk prioritization, risk treatment plan, and risk monitoring.
• Managements of Cyber Security Projects.
• Understanding of RSA Archer modules such as a Compliance Management, Policy Management.
• Good knowledge of Vulnerability scanning, vulnerability management, and vulnerability remediation.
SOC / NOC Analyst.
Firewalls Management.
Network Monitoring & Configuring.
Manage Engine Administration.
Patch Management handling.
Endpoint Management.
ISP Links Monitoring.
Incident Response.
-Security Operation Center (SOC) Trainee.
- Network Designing and configuration.
- Cybersecurity technologies development.
- Linux Servers administration.
- VMware servers designing and Implementation.
-Web Project Developer: (SD Cybersecurity & Vulnerability Assessment Web-App).
-MS Windows Server & Active Directory Training.
-Hands on a vulnerability Scanning.
-Endpoint Integration.
-SIEM Solution Integration.
-Firewalls Configuration.
URL removed due to policy violation. Please contact support for further information.