Head of Security and Privacy
Majid Al Futtaim
Total years of experience :9 years, 10 Months
information security strategy and program management.
IT GRC Oversight.
IT Security, Risk and Control Performance and ROI.
Top Management and Stakeholders advisory on threats and risk
Information Security, GRC and Privacy Management,
e-Commerce Business Risks and Fraud Management,
Payment Cards Schemes Requirements Implementations and Compliance
IT & Digital Platforms Security Assurance and Enhancement
Operational Technologies Security Controls and Initiatives Management
Security Management of Digital Strategy and Customer Experience Enhancements Initiatives
Vulnerabilities Management
Business Information Security Management
Enterprise IT Security and Risk Management.
Cyber Security Strategies and Initiatives Advisory
Security Awareness Management across the company
IT and Risk Controls Assessments and Assurance Management
Cybersecurity Technologies Architecture and Implementation Management
Enterprise Compliance Management for industry and IT regulatory standards (PCIDSS, GDPR, ISO27001, 22301, 2000 and 9001).
Security Assurance: Provide regular view on security stature of the company to management and stakeholders, through tangible and actionable measurements
Streamline the security technology portfolio and integration with other technologies used at ISA to address cyber risks
Build a security-aware culture across ISA to ensure people are aware of the threats and techniques to address them
Manage internal and external compliance, such as PCI DSS, GDPR and components of CMMi, ITIL.
Services and Vendors Performance Management spanning RFPs, Proposals Reviews, Selection, Contracts/SLA, Status Review & Report, Performance Tracking, Escalations and Penalties, Milestones and Payouts
•Vulnerabilities details reviews and security risk assessments, business impact analysis on clients/internal information systems.
•Investigate major breaches of security, and recommends appropriate control improvements.
•Define Penetration test strategies, Coordinate and manage planning of penetration tests, delivers objective insights into the existence of vulnerabilities, the effectiveness of defenses and mitigating controls - both those already in place and those planned for future implementation
•Provide different teams and direct reports with clear direction and targets to align with business or clients’ needs.
•Continuously monitor and evaluate team workload and organizational efficiency with the support of IT systems, data and analysis and team feedback and make appropriate changes in order to meet business needs.
•Design and reviews of multiple Infoprive’s proprietary solutions: Card Data Discovery, Payment Card Transactions Fraud Detection.
•Responsible for clients engagements management: Strategic Accounts planning, RFP content definitions, Cybersecurity Solutions Proposals, Presales presentations and PoCs organization, definition of SoW
Oct 2008 to design multiple Value Added Services and Solutions around the Payment Switch as part of the Transactions/Payments Switch Enhancement Initiative.
•Managed Systems/Solutions Enhancements and Quality Assurance program as Quality Assurance Analyst in 2009
•Introduced frameworks and standardization to applications, systems, databases and architecture designs (SOA)
•Attained promotions to the position of increasing responsibilities as Unit Head - Information Security /
Implementation and support for clients (commercial banks)
•Risk Based Audit Management Software
•Electronic Financial Analysis and Surveillance System
. -
Masters in Information Technology