Leading the Enterprise Risk and Assurance department for a prominent Cloud Service Provider in the Middle East Region.Collaborating closely with regulatory bodies to understand and navigate the evolving landscape of regulations related to cloud services.Managing strategic risks to ensure the company's long-term sustainability and growth in a dynamic and competitive market.Overseeing and implementing regulatory compliance measures to meet the requirements of sovereignty laws and data… Show more Leading the Enterprise Risk and Assurance department for a prominent Cloud Service Provider in the Middle East Region.Collaborating closely with regulatory bodies to understand and navigate the evolving landscape of regulations related to cloud services.Managing strategic risks to ensure the company's long-term sustainability and growth in a dynamic and competitive market.Overseeing and implementing regulatory compliance measures to meet the requirements of sovereignty laws and data localization mandates.Spearheading initiatives to harness the power of Artificial Intelligence (AI) while adhering to ethical AI principles and industry best practices.Establishing robust security protocols and frameworks to safeguard customer data and protect against potential cyber threats and vulnerabilities.Ensuring customer privacy by enforcing strict data protection measures and adhering to relevant privacy regulations.Developing and executing comprehensive business continuity plans to mitigate potential disruptions and maintain service availability in adverse situations.Taking a proactive approach to obtain and maintain certifications relevant to the cloud industry, showcasing the company's commitment to excellence and compliance.Collaborating with cross-functional teams to foster a culture of assurance and risk-awareness throughout the organization.Providing leadership and guidance to the team to optimize their performance and enhance the overall effectiveness of the Enterprise Risk and Assurance function. Show less

Accountable to build Industrial and OT Cyber Security practice, drive business growth with business development activities and initiatives and support pipeline generation, demonstrating strong understanding of the security frameworks and regulatory compliance controls and overseeing delivery for governance risk, compliance consulting and advisory services focusing on large scale security programs across oil and gas, maritime, transportation, manufacturing and building automation sectors.

Industrial cyber security subject matter expert providing industry expertise for the energy, environment and utilities industry. Responsible for developing specific industry sales play as well as opportunity tracking and pipeline development and response for IBM Security Services. Ensuring delivery of critical national infrastructure (CNI) security services to energy & utilities, oil & gas, water, transportation and critical industrial process control systems working directly with top… Show more Industrial cyber security subject matter expert providing industry expertise for the energy, environment and utilities industry. Responsible for developing specific industry sales play as well as opportunity tracking and pipeline development and response for IBM Security Services. Ensuring delivery of critical national infrastructure (CNI) security services to energy & utilities, oil & gas, water, transportation and critical industrial process control systems working directly with top clients in Asia Pacific. Services include CNI threat modeling, OT-IT-Physical convergence, maturity capability assessments, risk assessments, security architectures & blueprints, security operation center (SOC) design & implementation, adaptive incident response, and strategies and governance frameworks. Show less

Establish the practice of BCRM (Business Continuity & Resilience Management) and to lead the design, execution and maintenance of the process (Contingency Planning) that identifies risks, threats and vulnerabilities that could impact Ooredoo’s continued operations, business revenues, to provide a framework for building Ooredoo’s resilience and the capability for its effective response to financial, legal, regulatory and technology concerns. Works with Board members, shareholders, regulators and… Show more Establish the practice of BCRM (Business Continuity & Resilience Management) and to lead the design, execution and maintenance of the process (Contingency Planning) that identifies risks, threats and vulnerabilities that could impact Ooredoo’s continued operations, business revenues, to provide a framework for building Ooredoo’s resilience and the capability for its effective response to financial, legal, regulatory and technology concerns. Works with Board members, shareholders, regulators and plan owners to develop and implement plans to keep Ooredoo effectively functioning after disruptive events such as natural disasters, cyber-attacks and pandemic viruses. Show less

Security manager providing information security, risk management and audit services.

Managed a global security and risk team which delivered managed security and consulting services for clients including Telstra, Airtel (Indian telecom), Bharti (India’s largest telecom operator), Reliance and Du (UAE telecom).Information Security Management & Risk (ISMS)- Led security operations and risk team (18 staff across 6 locations) which supported managed services clients.- Assisted establishing ISMS within Ericsson based on ISO 27001. - Conducted internal ISMS… Show more Managed a global security and risk team which delivered managed security and consulting services for clients including Telstra, Airtel (Indian telecom), Bharti (India’s largest telecom operator), Reliance and Du (UAE telecom).Information Security Management & Risk (ISMS)- Led security operations and risk team (18 staff across 6 locations) which supported managed services clients.- Assisted establishing ISMS within Ericsson based on ISO 27001. - Conducted internal ISMS audits, vulnerability assessments, process reviews. Participated in external audits for ISO 27001 and PCI-DSS.Project Management & Solution Delivery- Delivered information security activities and projects (ISMS and Business Continuity) for telco clients including Airtel (BCMS), Bharti (ISMS) and Vodafone (ISMS).- Led the global Ericsson team responsible for Telstra’s managed security operations. - Received recognition from Ericsson Senior Vice President for the planning, negotiation and execution of security deliverables within a $1 billion managed service contract between Ericsson and Reliance.Security Architecture & Controls- Established 4 level defence in-depth based architecture for Ericsson (70,000 network elements).- Achieved 70% reduction in frauds and external attacks on ICT systems at Ericsson- Recognition from Airtel in ensuring design of remote access and logging solution for 70,000 core telecom nodes.- Established system security controls for Ericsson, AT&T and Telstra telecom networks Show less

Led the information security department of the largest telecommunication operator in Russia, Eastern Europe and Central Asia.Information Security Management & Risk (ISMS)- Responsible for all aspects of MTS Information Security in a distributed environment with 1,200+ servers and network elements in multiple data centers across India and Russia. - Reporting to CIO and CEO, managed 15 direct reports and oversaw 10 in IT security operations teams.- Established and… Show more Led the information security department of the largest telecommunication operator in Russia, Eastern Europe and Central Asia.Information Security Management & Risk (ISMS)- Responsible for all aspects of MTS Information Security in a distributed environment with 1,200+ servers and network elements in multiple data centers across India and Russia. - Reporting to CIO and CEO, managed 15 direct reports and oversaw 10 in IT security operations teams.- Established and maintained an information security framework (ISO 27001).- Managed systems security audits, incident response team and procedure documentation, risk analysis methodology, intrusion detection systems.- Drafted and led implementation of an information security policy framework. - Worked with Corporate Audit Group (CAG) in defining and managing the IT security audit roadmap.Project Management & Solution Delivery- Built and led the company’s first-ever information security steering committee. - Implemented ISMS projects, IT risk management framework and ISO 27001 certifications for corporate head office, delivery centre and data centres within 12 months. Show less

Managed IT security for India’s largest MPLS provider with distributed network environment, supervising a team of seven.

Managed IT security for UK's leading research firm, established ISMS and led ISO 27001 certification. Involved in numerous research projects for Norton, Microsoft and IBM.

Managed IT security for oil and gas projects in Singapore, India and Indonesia.

Managed IT security equipment and technologies for top IT organisations in including IBM, Microsoft and CISCO.