About Me
Strategic Cybersecurity and GRC Leader with over a decade of experience across government, critical infrastructure, and enterprise environments. Proven success in designing and executing cybersecurity programs aligned with NCA, ISO 27001, and SAMA frameworks. Known for leading cross-functional teams, enhancing regulatory compliance, and influencing executive decision-making. Combines technical expertise, risk management insight, and entrepreneurial acumen to deliver security outcomes that support business objectives.
Currently seeking leadership roles in cybersecurity governance or GRC strategy, where regulatory alignment, risk reduction, and stakeholder engagement are mission-critical.
Experience
Senior Manager / Technology Risk SpecialistConfidential Bank
2024-Present
- Lead enterprise-wide risk assessments across IT and cybersecurity, aligning with SAMA IT Governance Framework (ITGF).
- Enhanced Jira-based risk processes by embedding KRIs, KPIs, residual risk scoring, and information asset classification.
- Coordinated with audit, compliance, and IT functions to unify risk treatment and control documentation.
- Advised senior leadership on risk posture and contributed to board-level reporting and inspection readiness.
- Improved accuracy of risk registers and control mapping, integrating threat modeling and asset sensitivity data.
Data Security Specialist @ Confidential Government
2023 - 2024
- Led compliance initiatives achieving full NCA, SAMA, and ISO 27001 alignment within six months, improving audit scores and organizational posture.
- Temporarily directed the cybersecurity department during a leadership transition, ensuring operational and compliance continuity.
- Developed an integrated IT/OT risk assessment framework with operations and compliance teams, enhancing risk visibility.
- Deployed File Integrity Monitoring (FIM) and Data Loss Prevention (DLP) solutions, reducing insider threat exposure.
- Conducted internal audits and closed key compliance gaps, strengthening the organization’s GRC framework.
Senior Cybersecurity Consultant @ Confidential
2023 - 2023
- Performed deep-dive audits across public sector organizations under ECC/TCC standards, uncovering critical gaps overlooked in prior reviews.
- Audited Cloud Service Providers (CSPs) for regulatory alignment, improving security controls across national infrastructure.
- Managed multiple audits simultaneously, ensuring timely delivery and audit readiness across engagements.
- Delivered strategic reports that influenced compliance roadmaps and risk mitigation efforts.
Senior Cybersecurity Consultant @ ITS
2022 - 2023
- Assessed cybersecurity postures of major clients including SABIC and ACWA Power, recommending targeted mitigations that improved audit performance.
- Developed and enforced policies aligned with NCA and ISO 27001 standards, increasing organizational compliance maturity.
- Led executive and staff-level security awareness programs, enhancing cyber hygiene across departments.
- Initiated a new data privacy consulting service, building tools and frameworks that expanded ITS2’s capabilities and client base.
Cybersecurity Developer (GRC) @ General Authority for Statistics
2021 - 2022
- Completed NCA ECC/TCC training and contributed to internal compliance and control implementation.
- Delivered engaging security awareness sessions, resulting in a measurable improvement in phishing simulation performance.
- Supported cybersecurity tool management and compliance documentation, enhancing operational readiness for audits.
Owner, Manager @ Mr.Wireless
2017 - 2020
- Founded and scaled a consumer electronics business, overseeing operations, technology implementation, and PCI DSS compliance.
- Automated inventory and sales processes, improving customer experience and operational efficiency.
Education
BSc in Information Technology | DePaul University
2013 - 2017
CyberSeecurity bootcamp | SDA
01/2021 - 06/2021
Certificates:
Security+ (SY0-601) (Track 1)
Cybersecurity Analyst (CySA+) (Track 2)
CEH (Track 3)
Volunteer Experience
Web Developer, E-commerce and Mentor @ Kuumba Lynx
2016 - 2017
- Led project team members supervising the Gantt chart assuring accuracy and efficiency.
- Designed and developed a user-friendly website based on client’s needs.
- Developed and managed an E-Commerce section.
- Trained clients to use and maintain the website.
- Created how-to documents for reference.
Web Developer @ Cambodian Association of Illinois
2015 - 2016
- Designed and developed a user/mobile-friendly website based on clients’ needs along with a fully functional donation section.
- Migrated all content/databases to the new website.
- Trained clients to use and maintain the website.
- Created how-to documents for reference.
Industry Experiences & Prime Clients
Topic: Data Privacy: Key insights, approaches, challenges and pitfalls, recommendations.
Speaker at MENA ISC 2022
Oil, Gas, Energy
Acwa Power
Fintech
Raqamyah
Public & Government Sector
General Authority for Statistics
Oil, Gas, Energy
SABIC (Local and Inernational Regions)
Public & Government Sector
Al Madinah Region Development Authority
Finance
AlJabr Finance