ممدوح الزهراني

Build a SoC and maintain Incidents management

Risk Assessment Specialist 2011-2012
Alinma Bank, Riyadh, KSA

-Security &Risk management: • Main objectives vary from assessing raising daily external and internal risks to producing quality work that helps in the process of maintaining the
enterprise's security requirements.
• Monitoring systems and applications logs: Security logs.

-Security Awareness: • Increase the security and continuity awareness levels for all the bank's
employees by using emails and training sessions.
• Managing and Operating An awareness program "e-learning" system.

-Internal IT Audit: • Were able to coordinate, manage and assess internal and external
audits requirements towards IT systems and standard.

-Policies&procedures: • To ensure compliance with external requirements from regulators, industry
organisations, and security standards.
• Annual updates of organisational and technical policies and procudres.
• Developing new security document (policy, procedure, standard and guideline) based on needed.
• Maintaining/developing the enterprise's security documents (policies,
standards, guidelines and procedures) based on need.

-Co-operator of PCI DSS Card Scan: • Main task were to managing the process of PCI card scanning and update the scope of PCI DSS on the enterprise assets.

Used to design and implement AQL, HTML, PHP, Java and other coding to websites while administrating more than 10 major websites. Also, Supporting clients in troubleshooting and managing Application.