●Develop, implement, and monitor a strategic, comprehensive enterprise information security and IT risk management program.●Work directly with business units to facilitate risk assessment and risk management processes.●Develop and enhance an information security management framework.●Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems, and services.●Provide leadership to the enterprise’s information and cyber security organization.●Partner with business stakeholders across the company to raise awareness of information security risk management concerns.●Assist with the overall business technology planning, providing current knowledge and future vision of technology and systems.●Manage personnel within the Information security Team, including hiring, task assignment, defining roles and responsibilities, and personnel performance management.●Provide regular updates to the management team on the status of the company’s risk posture and security program.●Implementation of Azure Security Technology●Baseline development for Azure Active Directory and Firewall

●Maintenance and configuration of firewall monitoring solutions.●Created and maintained processes within the Unit to ensure compliance with ISO 270001 and ISO 27035 standards.●Successfully detected and re-mediated systems infected with Ransomware using Palo Alto NGFW.●Provided support to business units in the investigation and remediation of information security incidents and other policy violations using QRadar SEIM, Imperva DAM, Imperva WAF, Palo Alto NGFW, ForeScout, and TrendMicro Cloud Protection. ●Achieved a 30% reduction in compromised credentials by carrying out intensive Information security awareness training and reporting violations to management.●Collaborated with the risk assessment team to develop effective controls targeted at identified risks.●Engaged in Information Security Management System (ISMS) compliance monitoring and continuous improvement activities.●Ensured compliance with the Bank information security policy.●Managed all Information Security Incidents on the network

● Implemented and managed a strategic program for enterprise information security and IT risk management, "resulting in a 30% reduction in security incidents".● Oversaw and streamlined risk assessment and management processes across multiple business units, "resulting in a 10% reduction in potential security threats".● Enhanced the information security management framework, collaborating across disciplines to ensure uniform policy application in all technology projects and services.● Led the enterprise’s information and cyber security organization, partnering with business stakeholders to heighten awareness of information security and risk management.● Contributed to business technology planning with a focus on current trends and future technology visions, aligning IT initiatives with business objectives.● Managed the Information Security Team, overseeing hiring, task delegation, role definition, and performance management, ensuring team efficiency and effectiveness.● Regularly updated management on the company’s security posture and risk status, implementing Azure Security Technology and establishing baselines for Azure Active Directory and Firewall.● Spearheaded the implementation of key security standards and systems including Integrated Management System (ISO 27001 and ISO 22301), Endpoint Protection, API security, Imperva DAM, and Network Access Control.