Bayt.com

Submitting more applications increases your chances of landing a job.

Here’s how busy the average job seeker was last month:

Opportunities viewed

Applications submitted

Keep exploring and applying to maximize your chances!

Looking for employers with a proven track record of hiring women?

Click here to explore opportunities now!
We Value Your Feedback

You are invited to participate in a survey designed to help researchers understand how best to match workers to the types of jobs they are searching for

Would You Be Likely to Participate?

If selected, we will contact you via email with further instructions and details about your participation.

You will receive a $7 payout for answering the survey.


User unblocked successfully
Siraj Shamsudheen, Information Security Manager

Siraj Shamsudheen

Information Security Manager·Qatar Islamic Bank

Qatar

Bachelor's degree, Computer Application

Work experience

Total years of experience: 16 years, 6 months

Information Security Manager

November 2020 - Present

Qatar Islamic Bank

Doha, Qatar

November 2020 - Present

• Continuously assess and identify vulnerabilities in cloud infrastructure, collaborating with engineers to design and
implement solutions, leading remediation efforts that strengthen the overall security posture and minimize potential data
breaches.
• Lead penetration testing for internal and external applications, documenting and mitigating vulnerabilities, and ensuring
PCI compliance, resulting in enhanced application security.
• Design and implement security architecture for the banks systems, ensuring continuous compliance with industry standards
throughout the lifecycle, which enhances protection against cyber threats and mitigates security risks.
• Conduct threat modeling, risk assessments, and security audits, implementing encryption, authentication, and access
controls to protect sensitive data, thus reducing exposure to potential threats.
• Manage ongoing vulnerability identification and reporting, advising on prioritization and maintaining the vulnerability
management solution to ensure timely remediation and mitigate risks.
• Lead security hardening benchmarks (CIS, NIST), perform regular audits, and provide detailed reports to the Risk
Management Committee, which enhances security measures and strengthens risk mitigation strategies. Integrate security
testing and requirements into the DevSecOps pipeline, minimizing risks and reducing attack surfaces during the application
development cycle, ensuring more secure deployments.
• Monitor the external threat landscape, analyzing findings to adapt security strategies and improve the organizations
security posture based on emerging threats.
• Oversee brand protection measures, providing weekly dashboards and reports with KPIs to track effectiveness and optimize
security initiatives, resulting in better brand security management.
• Document security risk items, vulnerabilities, and audits in the Operational Risk Management System (ORMS), ensuring
accurate and timely reporting, which improves risk visibility and compliance.
• Ensure ongoing compliance with regulatory guidelines and InfoSec policies, maintaining alignment with industry standards,
which minimizes legal and financial risks for the organization.
Company industry:
Banking
Job role:
Information Technology

Information Security Governance Officer

January 2017 - October 2020

Commercial Bank Qatar

Doha, Qatar

January 2017 - October 2020

• Maintained and updated information security policies and procedures, ensuring regulatory compliance and improving
security practices.
• Adjusted scanning strategies to address evolving threats, enabling proactive risk identification and improved threat
mitigation.
• Led the Data Loss Prevention (DLP) system, creating policies, analyzing incidents, and providing forensic evidence to
strengthen incident response.
• Conducted risk assessments, identifying vulnerabilities and recommending improvements to strengthen security protocols
• Resolved security weaknesses, ensuring faster remediation and minimizing security risks.
• Refined information security program policies, ensuring continuous improvement and alignment with best cybersecurity
practices.
• Supported the CISO in strategic planning, risk assessment, and cybersecurity controls, aligning with organizational goals to
enhance security posture.
Company industry:
Banking

Security Analyst

October 2015 - August 2016

ShiftPoint L.L.C

Doha, Qatar

October 2015 - August 2016

• Supported the CISO in strategic planning, risk assessment, reporting, and the implementation of cybersecurity controls.
• Initiated and conducted risk assessments to ensure the adequacy of security protocols.
• Played a key role in maintaining and updating information security policies, procedures, and standards.
• Managed the Vulnerability Assessment (VA) and Penetration Testing (PT) programs using both internal and external
resources. Gathered requirements for threat and vulnerability information, adjusted scanning strategies, and addressed evolving
threat landscapes.
• Led the Data Loss Prevention (DLP) system, including policy creation, incident analysis, and participation in
investigations, providing forensic evidence as needed.
Company industry:
IT Services
Job role:
Information Technology

Information Security Analyst

October 2015 - January 2016

ShiftPoint L.L.C.

Doha, Qatar

October 2015 - January 2016

• Served as an Information Security Analyst, providing hands-on engineering, analysis, and systems integration to implement
authentication and authorization solutions, application onboarding, and PKI-related projects, ensuring robust security
measures and streamlined access control processes.
• Ensured the proper implementation of Public Key Infrastructure (PKI) and certificate management, guaranteeing secure
data transmission and enhanced encryption across the organization.
• Handled information security incidents by creating solution architectures, models, and designs that met client operational
and security needs, resulting in effective mitigation of risks and improved overall security resilience.
Company industry:
Cyber & Network Security

Network Administrator

December 2007 - January 2014

Al Darwish Engineering

Doha, Qatar

December 2007 - January 2014

• Responsible for installing and maintaining firewalls and security software to safeguard personal user data.
• Focused on developing protection plans to prevent accidental modifications and unauthorized access to sensitive files
and data.
• Oversee the planning, configuration, and management of information security procedures, including the
administration of the enterprise antivirus manager.
• Accountable for executing and supporting vulnerability scanning programs, including configuring scan sites,
• Provided effective resolutions to identified security weaknesses.
• Updated and refined information security program policies, procedures, and standards.
scheduling scans, generating reports, and interpreting results.
• Responsible for managing Group Policy to establish user rights and privileges for data access.
Company industry:
Construction & Building

Education

Mahatma Gandhi University

April 2024

April 2024

Bachelor's degree, Computer Application

India

ICFAI University Tripura

December 2021

December 2021

Master's degree, Master of Business Administration in IT and Systems

India

Mahatma Gandhi University

May 2007

May 2007

Bachelor's degree, Computer Applications

India

GPA (rating): Very good

GPA (rating): Very good

Computer Application

Skills

Cyber Security
Expert
Cyber Security
Expert
Security Architecture Design
Expert
Security Architecture Design
Expert
Application Security
Expert
Application Security
Expert
Security Policy Development
Expert
Security Policy Development
Expert
Endpoint Security
Expert
Endpoint Security
Expert
Zero Trust - ZTNA
Expert
Zero Trust - ZTNA
Expert
LEADERSHIP
Intermediate
LEADERSHIP
Intermediate
INFORMATION SECURITY MANAGEMENT
Intermediate
INFORMATION SECURITY MANAGEMENT
Intermediate
INTERIOR ARCHITECTURE
Intermediate
INTERIOR ARCHITECTURE
Intermediate
BUSINESS RISK MANAGEMENT
Intermediate
BUSINESS RISK MANAGEMENT
Intermediate
BANKING SOFTWARE
Intermediate
BANKING SOFTWARE
Intermediate
GOVERNANCE
Intermediate
GOVERNANCE
Intermediate
RISK MANAGEMENT
Intermediate
RISK MANAGEMENT
Intermediate
GOVERNANCE RISK MANAGEMENT AND COMPLIANCE
Intermediate
GOVERNANCE RISK MANAGEMENT AND COMPLIANCE
Intermediate
Information Security Architecture
Expert
Information Security Architecture
Expert
Risk Analysis and Mitigation
Expert
Risk Analysis and Mitigation
Expert
Cloud Security
Expert
Cloud Security
Expert
Data Encryption
Expert
Data Encryption
Expert
Security Analytics
Expert
Security Analytics
Expert
Secure System Configuration
Expert
Secure System Configuration
Expert
Security Automation
Expert
Security Automation
Expert
COMPUTER SECURITY
Intermediate
COMPUTER SECURITY
Intermediate
GRAPHIC DESIGN
Intermediate
GRAPHIC DESIGN
Intermediate
COMPONENT BASED SOFTWARE ENGINEERING
Intermediate
COMPONENT BASED SOFTWARE ENGINEERING
Intermediate
NETWORK ARCHITECTURE
Intermediate
NETWORK ARCHITECTURE
Intermediate
CLOUD SECURITY
Intermediate
CLOUD SECURITY
Intermediate
IDENTITY AND ACCESS MANAGEMENT
Intermediate
IDENTITY AND ACCESS MANAGEMENT
Intermediate
Vulnerability Management
Expert
Vulnerability Management
Expert
Web Application Security
Expert
Web Application Security
Expert
Network Security
Expert
Network Security
Expert
Security Governance
Expert
Security Governance
Expert
Intrusion Detection and Prevention Systems (IDPS)
Expert
Intrusion Detection and Prevention Systems (IDPS)
Expert
Security Risk Assessment
Expert
Security Risk Assessment
Expert
Security Patch Management
Expert
Security Patch Management
Expert
Threat Intelligence
Expert
Threat Intelligence
Expert
Security Auditing
Expert
Security Auditing
Expert
Disaster Recovery Planning
Expert
Disaster Recovery Planning
Expert
Security Metrics and Reporting
Expert
Security Metrics and Reporting
Expert
Penetration Testing
Expert
Penetration Testing
Expert
Business Continuity Planning
Expert
Business Continuity Planning
Expert
Security Consulting
Expert
Security Consulting
Expert
Authentication and Authorization
Expert
Authentication and Authorization
Expert
Identity and Access Management (IAM)
Expert
Identity and Access Management (IAM)
Expert
Secure Network Design
Expert
Secure Network Design
Expert
Data Classification
Expert
Data Classification
Expert
Defence in Depth
Expert
Defence in Depth
Expert
Security Incident Response
Expert
Security Incident Response
Expert
Vulnerability Assessment
Expert
Vulnerability Assessment
Expert
Security Awareness Training
Expert
Security Awareness Training
Expert
Security Compliance
Expert
Security Compliance
Expert
Cryptography
Expert
Cryptography
Expert
Firewall Configuration and Managemen
Expert
Firewall Configuration and Managemen
Expert
Web Security
Expert
Web Security
Expert
Secure Software Development
Expert
Secure Software Development
Expert
Application Security
Expert
Application Security
Expert
Data Protection
Expert
Data Protection
Expert
Azure Security
Expert
Azure Security
Expert
SASE
Expert
SASE
Expert
Risk Assessment
Expert
Risk Assessment
Expert
Data Loss Prevention
Expert
Data Loss Prevention
Expert

Languages

English

Expert

Training and Certifications

Certifications
ITIL V3 Foundation
Feb 2010
CompTIA Security+
Mar 2010
Certified Ethical Hacker (CEH)
May 2015
Certified Force-Point DLP Administrator
Jul 2018
Information Systems Security Architecture Professional (CISSP-ISSAP)
May 2023 - Jun 2026
Certificate of Cloud Security Knowledge (CCSK)
Nov 2022
Certified Security Blue Team Level 1
Jun 2023
Certified Information Systems Security Professional (CISSP)
Jun 2019 - Jun 2025

Hobbies and interests

Playing Football

.