Cybersecurity & Resilience ConsultantI specialize in end-to-end cybersecurity consulting encompassing:Cybersecurity & Resilience: Comprehensive analysis of a company's current cybersecurity activities, assessing associated risks within the broader threat landscape, tailored to the specific industry context.Data Privacy Governance: Guiding organizations in establishing robust data privacy policies and practices, ensuring compliance with global standards and… Show more Cybersecurity & Resilience ConsultantI specialize in end-to-end cybersecurity consulting encompassing:Cybersecurity & Resilience: Comprehensive analysis of a company's current cybersecurity activities, assessing associated risks within the broader threat landscape, tailored to the specific industry context.Data Privacy Governance: Guiding organizations in establishing robust data privacy policies and practices, ensuring compliance with global standards and regulations.Business Continuity & Compliance: Assisting businesses in building resilient infrastructures and processes that stand up to challenges, while staying compliant with industry regulations.Strategic Guidance: Offering bespoke recommendations on strategies, equipment, and procedures to fortify both digital and physical security postures.Implementation Roadmap: Designing a step-by-step guide to roll out security services, policies, procedures, and equipment, ensuring seamless integration and successful implementation to safeguard organizational assets.With a keen understanding of the ever-evolving threat environment and deep expertise in risk management, I assist businesses in not just navigating the digital domain securely, but also in fostering an organizational culture grounded in cybersecurity awareness and best practices. Show less

As the Head of Cyber Security Consulting at Axon, I led consulting initiatives across diverse sectors, including government, healthcare & pharma, consumer business & services, finance, and energy. Key Offerings:Development of a cybersecurity strategy and operating modelComprehensive Cybersecurity Maturity and Risk Assessment, Business Impact Analysis, and Cloud Security Maturity ExaminationCompliance Assessment and Implementation Planning according to ISO 27001… Show more As the Head of Cyber Security Consulting at Axon, I led consulting initiatives across diverse sectors, including government, healthcare & pharma, consumer business & services, finance, and energy. Key Offerings:Development of a cybersecurity strategy and operating modelComprehensive Cybersecurity Maturity and Risk Assessment, Business Impact Analysis, and Cloud Security Maturity ExaminationCompliance Assessment and Implementation Planning according to ISO 27001, ISO 22301, GDPR, NIST Standards, PCI-DSS, SAMA & UAE IT Security RegulationsDelivering specialized services including CISO-as-a-Service, Governance, Risk and Compliance (GRC) as a service, Cyber Threat Intelligence as a service and Cyber Security Program Management as a serviceOur mission was to safeguard the digital endeavors of our clients, ensuring they operate in a secure, resilient, and compliant environment, regardless of the complexities of their business landscape. Show less

• Established and led the Information Security management system for the companies under Enerjisa Co. (3 Retail companies, 3 Distribution companies, Generation Company (till 12/2017), Customer Solutions, Esarj, Enerjisa main)• Developed and managed the budget for security technology initiatives that aligned with business objectives and compliance requirements• Defined security requirements and led the implementation of security solution projects (SOC, SIEM, DLP, GDPR, IDM, EDR, NDR… Show more • Established and led the Information Security management system for the companies under Enerjisa Co. (3 Retail companies, 3 Distribution companies, Generation Company (till 12/2017), Customer Solutions, Esarj, Enerjisa main)• Developed and managed the budget for security technology initiatives that aligned with business objectives and compliance requirements• Defined security requirements and led the implementation of security solution projects (SOC, SIEM, DLP, GDPR, IDM, EDR, NDR, etc.) that adhered to industry standards and regulations, resulting in improved security posture and reduced risk exposure• Led the security operation of SOC, SIEM, DLP, EDR, NDR, XDR, PAM-PM, DAM solutions• Chaired the Information Security Risk Committee and ensured the mitigation of IT and OT security risks through the management of the technology risk register and remediation plan• Managed the attainment and maintenance of information security-related certificates (ISO 27001, ISO 27019, ISO 20000, PCI DSS)• Designed internal controls based on COBIT and NIST frameworks and conducted periodic security reviews / internal audits on processes, applications and infrastructure to ensure compliance with corporate security policies and legal & regulatory standards • Participated in critical projects and designed security controls for application development projects to ensure compliance with corporate security procedures and regulations.• Coordinated information security awareness training for the organization • Managed relationships with vendors and regulatory agencies and accompanied the regulatory audits (EPDK, ITGC) and ensured compliance with regulatory standards through the remediation of findings• Coordinated penetration tests and security assessments for Enerjisa companies and critical third-party service providers. Show less

• Formed and managed a team of 12 employees under 3 companies• Aligned and enhanced the Information Security and Risk Management systems, policies & procedures of TT Group companies.• Managed the attainment and maintenance of ISO27001 and PCI-DSS certificates for TT group companies• Designed internal controls to ensure adherence with corporate security policies and legal & regulatory standards.• Conducted security reviews and coordinated penetration tests for companies within… Show more • Formed and managed a team of 12 employees under 3 companies• Aligned and enhanced the Information Security and Risk Management systems, policies & procedures of TT Group companies.• Managed the attainment and maintenance of ISO27001 and PCI-DSS certificates for TT group companies• Designed internal controls to ensure adherence with corporate security policies and legal & regulatory standards.• Conducted security reviews and coordinated penetration tests for companies within the TT Group and 3rd-party service providers.• Coordinated regulatory audits (BTK/BDDK) in Technology Group, took necessary actions for compliance, and followed up on findings.• Led the security awareness program throughout the TT Group companies.• Communicated risk and mitigation strategies arising from participation in security technical reviews and provided consultation on information security-related topics in projects.• Managed the approval process for firewalls, SSL-VPNs, data access, and authorization demands. Design the internal controls to ensure adherence with corporate security policies and legal & regulatory standards Show less

• Managed and formed an IT Audit team, overseeing the annual Avea Risk Assessment and Risk Mapping process. • Developed the audit plan based on the Avea Risk Map, identifying potential risk areas and opportunities for operational efficiency improvement. • Conducted reviews of processes and systems to ensure compliance with legal and regulatory standards and effective risk-related controls. • Prepared and presented audit reports to the Board, including prioritized action plans in… Show more • Managed and formed an IT Audit team, overseeing the annual Avea Risk Assessment and Risk Mapping process. • Developed the audit plan based on the Avea Risk Map, identifying potential risk areas and opportunities for operational efficiency improvement. • Conducted reviews of processes and systems to ensure compliance with legal and regulatory standards and effective risk-related controls. • Prepared and presented audit reports to the Board, including prioritized action plans in collaboration with company management. • Managed multiple audits, including IT Governance, data confidentiality, email security, log management, social media management, authorization management, outsourcing IT staff, data leakage prevention, etc. • Monitored action plan progress and ensured timely implementation and reporting through management reporting. • Established strong relationships with internal departments and external stakeholders Show less

• Developed a comprehensive risk-based audit plan and maintained risk and control mapping documentation. • Conducted various application control, infrastructure and IT process audits for Akbank, its subsidiaries (Akbank International NV in Netherlands and Akbank AG in Germany, Aksigorta, Aklease), and its critical service suppliers, in compliance with Akbank security requirements and regulations.• Conducted process and application audits in specific areas such as IT Governance by using… Show more • Developed a comprehensive risk-based audit plan and maintained risk and control mapping documentation. • Conducted various application control, infrastructure and IT process audits for Akbank, its subsidiaries (Akbank International NV in Netherlands and Akbank AG in Germany, Aksigorta, Aklease), and its critical service suppliers, in compliance with Akbank security requirements and regulations.• Conducted process and application audits in specific areas such as IT Governance by using COBIT standard, SWIFT system, internet banking application, physical security of server rooms or archieve buildings, email security, credit card printing and deliver process, EFT, ATM, and POS, • Participated in risk analysis for in-house developed IT applications and 3rd party services/products.• Evaluated the effectiveness of security controls in computerized and manual systems, and made recommendations for control environment improvements. • Evaluated the effectiveness of the organization's disaster recovery preparations through participation in disaster recovery tests Show less

• Coordination of business relations between the bank and the customers • Acting as a representative of the companies at the bank. • Making financial analysis, investment consulting and examining import and export transactions for the companies.