Led, oversaw, and supported a 4-members team to manage the assessment and implementation of IT security and business operation controls, processes, and policies using global best practices standards and frameworks (ISO series, NIST, IT Governance, SAMA, NCA, etc.) to ensure alignment with the organization objectives and regulatory compliance.Led the establishment of operating security risk management processes: risk assessment design, risk treatment, issue, and action management portfolio oversight and reporting. Develop deliverables and presentations for leadership which include program maturity, program roadmap, gap analysis, and recommendations.

• Overseeing the development and implementation of comprehensive cybersecurity GRC standards for clients across various industries, ensuring alignment with industry-specific regulatory frameworks and international standards. These frameworks include ISO 27001, ISO 22301, ISO 31000, PCI DSS, SAMA, NCA, etc.• Conducting risk assessments and gap analyses to identify vulnerabilities and compliance gaps, providing actionable recommendations to enhance security posture and regulatory adherence.• Collaborating closely with clients’ cross-functional teams, including IT, legal, and compliance departments, to establish robust governance structures, policies, and procedures.• Conducted training workshops and awareness programs for client stakeholders to foster a culture of cybersecurity awareness.• Conducted in-depth analysis of emerging cybersecurity threats, industry trends, and regulatory changes, ensuring clients remained informed about evolving risk landscapes and potential impacts on their operations.• Perform security architecture review, maturity assessment, and develop a 3-year cybersecurity roadmap aligned with the corporate strategy for various clients. • Conduct audits for multiple clients of SBP ETGRM, PTA-CTDISR, and SECP Circular no 15 of 2022.• Continuously monitor and evaluate the effectiveness of GRC programs. Propose and implement improvements to enhance compliance and risk management.• Stay informed about changes in laws and regulations related to governance, risk, and compliance. Ensure that the organization remains compliant with evolving requirements.

• Vulnerability Assessment and Penetration Testing of Web, Mobile, API, Networks, and Systems of local and international clients.• ISO 27001 and SAMA CSF compliance documentation and gap assessment. • Configuration assessment against CIS compliance benchmarks.

• Provide technical assistance to end-users, addressing hardware, software, and network-related issues. Respond to inquiries, troubleshoot problems, and offer solutions to ensure seamless operations.• Install, configure, and maintain computer systems, peripherals, and hardware components. Perform hardware upgrades, repairs, and replacements as needed.• Install, configure, and troubleshoot software applications and operating systems. Provide guidance and assistance to users in software usage.• Ensure that systems and software adhere to security protocols and policies. Monitor and report any security breaches or vulnerabilities.