Ihsam Khan, Senior Cybersecurity Engineer

Location: Saudi Arabia - Riyadh
Education: Bachelor's degree, Software Engineering
Experience: 9 years, 8 months

Work Experience

Total years of experience: 9 years, 8 months

Senior Cybersecurity Engineer
  • My current job since November 2021

Extensive experience in designing, architecting and implementing information security programs utilizing ISO 27001, ISO 27005 and the NIST framework.
• Implementing information security and risk management frameworks along with an internal audit for the largest real estate management company (King Abdullah Financial District Management Company (KAFD), the largest real estate project in the world), based upon ISO 27001, ISO 27005, NIST SP 800-30 and KSA NCA-ECC.
• Performed a cybersecurity maturity gap assessment and successfully implemented an information security management system based on ISO 27001, the SAMA Cybersecurity Maturity Framework (CSF, CRFR and MVC) and the CMA Cyber Security Guidelines for Capital Market institutions.
• Facilitated and enacted the Assessment and Authorization (A&A) processes under the risk management framework (RMF) for new and existing information systems.
• Assisted in the internal review of corporate information security policies in cooperation with key systems administration departments, in alignment with NCA regulatory frameworks and utilizing ECC as a guideline.
• Managing the team to implement PCI DSS for a fintech company which provides services and products for startups to large enterprises to manage company expenses.
• Performed information/cybersecurity audits to identify potential vulnerabilities in the computing environment.
• Supervised, mentored, managed, and trained personnel to support the efforts of information security departments for many organisations.
• Implemented organizational security policies for cloud security and provided an information security training and awareness program for all users.

Information Security Consultant at Baker Tilly Middle East
  • November 2019 to September 2021

Successfully implemented various Information Security Management System (ISMS - ISO 27001) and risk management framework (RMF - ISO 27005) engagements end to end.
• Performing internal audit of information security frameworks as per the ISO 27001 standard for information security management systems and the Saudi Arabian National Cybersecurity Authority (NCA).
• Assisted in implementing information security policies and procedures for various financial and insurance clients.
• Implementing a business continuity standard for an oil and gas sector client against ISO 22301:2019.
• Assisted in gap assessment and conducting Business Impact Analysis (BIA), identifying critical systems and Functional Recovery Plans (FRP) to facilitate organizations and processes in case of disaster.
• Implementing an Information Security Awareness program and designed a complete Information Security Awareness Framework.
• Conducting regular internal audits in compliance with all ISMS policies and procedures on behalf of the Information Security Governance Team.
• Assisted a banking client in implementing information security best practices for their core banking application, World Check One (AML alternative) and operational risk management (ORM) as per Central Bank Bahrain (CBB) compliance requirements.
• Analyzed security controls and performed data privacy impact assessment (DPIA) for banking clients for the Personal Data Protection Law (PDPL).
• Supervised SWIFT internal audit (SWIFT Customer Security Program, CSP) and gap assessment for a banking client.
• Supervised the team that performed Aramco Cybersecurity Compliance Certificate (CCC) assessment for third parties.
• Supervised consultants performing VAPT activities.

IT Security Officer at Ministry of Interior
  • Bahrain
  • September 2016 to November 2019

Information Security Administrator at Telconet Services Pvt Ltd
  • Pakistan
  • October 2015 to September 2016

Associate Database Administrator at Khan & Co, Distributor Pakistan Tobacco Company
  • Pakistan - Haripur
  • June 2013 to June 2014

Education

Bachelor's degree, Software Engineering
  • at International Islamic University
  • May 2013

Bachelor in Software Engineering

Specialties & Skills

ISO Auditor
Security Assessments
Risk Management
IS Governance
Information Security
BANKING
INFORMATION SECURITY
INFORMATION SYSTEMS
REAL ESTATE
RISK MANAGEMENT
SYSTEM ADMINISTRATION

Languages

English
Expert

Training and Certifications

CISSP (Training)
Training Institute: Riphah International University
Duration: 40 hours
ISO 22301 LI - BCMS (Certificate)
ECIH (Certificate)
CEH (Certificate)
CISM (Certificate)
Date Attended: January 2021

Hobbies

  • Photography