- Understanding client business challenges and threat landscape in order to holistically advise on optimizing their cybersecurity and privacy approach with the support of data analytics and forensics capabilities.- Leading and managing multiple cyber security and data privacy engagements end-to-end while guiding junior team members to deliver quality results in a timely manner.- Managing proposals from opportunity discovery to win, encompassing all client requirements as well as value-add options.- Leading trainings on various subject matter such as threat intelligence, data privacy, quality, performance, as well as proposal workflows.- Mentoring, guiding, and managing performance of junior team members and mentees with goal setting, periodic goal tracking, and providing open feedback.- Developing toolkits to accelerate business development and delivery activities.- Conducting data analysis on engagements conducted to provide clients with useful industry- and national-level benchmarking information.- Conducting research and writing white papers and reports on cyber security and privacy.- Conducting research and analysis to produce industry level cyber security and privacy-related data and insights.

- Performing full-scope cyber security and data privacy internal audits and gap assessments as well as specialized reviews in specific domains including Information Security, Network Security, Business Continuity, Virtualization Security, and Physical Security.- Working independently and as part of a team to fulfil project deliverables, including managing and guiding junior team members.- Conducting Gap Assessments against best practice standards such as ISO 27001, ISO 27799, UAE NESA IAS, NCA ECC, ADHICS, NIST CSF, NIST SP 800-53, ISO 23301, HIPAA, HITECH, GDPR, and SWIFT CSP.- Reporting of information security risks to higher management and formulation of prioritized risk remediation plans.- Development and Implementation of Information Security Programs including creation of policies, standards, procedures, and guidelines.- Development of Integrated Control Frameworks based on regulatory and business information security requirements.- Development of Information Security Risk Management Frameworks and performing Information Security Risk Assessments in line with ISO 27005, NIST SP 800-37, and CIS RAM.- Providing consultation to clients based on reviews of their policies/procedures to ensure compliance with industry best practices and current information security benchmarks.- Testing implementation of Minimum Security Baselines and Vendor Security Guidelines manually as well as using automated tools such as Nessus and Tripwire CCM.- Conducting IT control assessments and providing implementation guidance in the areas of IT Governance, IT Risk Management, Network Architecture and Segmentation, Change Management, Identity and Access Management, Asset Management, Backup and Restoration, HR Security, Patch Management, Capacity Management, Vulnerability Management, and Incident Management.- Assisting management in business development activities through following up on leads and developing pitches and proposals.

(CTM360, previously "IT Matrix")Conducting regular and comprehensive cyber threat scans for various clients including banks.Forming requirements and coordinating with developers for in-house cloud-based systems.Creating frameworks for cyber threat actors, campaigns, attack types, TTPs, and indicators.Leading investigations into cyber threat incidents and creating informative analysis reports.Innovating, researching, and coaching cyber threat intelligence and OSINT techniques.Directing the implementation of features for the in-house SIEM platform as well as Threat Intelligence and analysis tools.Coining internally and externally used terminologies pertaining to Cyber Threat Management.Researching and writing papers and advisories on various ongoing campaigns and trends.Building expertise in detecting and responding to numerous types of security incidents including phishing, data leakage, malware, scams, impersonation, and email fraud.Performing and presenting external vulnerability assessments along with recommendations.Predicting and monitoring upcoming threat trends and establishing proactive countermeasures.Performing Administrative IT tasks including setting up policies, controls, products, and solutions including firewalls, servers, switches and wireless controllers.Meeting with clients to ensure satisfaction and quality of services.Mentoring and developing training for internal staff.