ISACA Certified Information Security Manager (CISM), 2017
ISACA Certified Information Systems Auditor (CISA), 2017
Speaker at The 3rd Annual Conference on Electronic Banking and Payment Systems, 2014
EC-Council Certified Security Analyst (ECSA) certification, Oct 2012
Member of the Champion Team in IBM Smart Cloud Computing Camp, Feb 2012
IBM Certified Solution Advisor Cloud Computing Architecture V1, Dec 2011
SADAD Informatics Corp │ Information Security Expert │ 7.2019 – now
Recruited to assist the organisation in the realisation of its strategic objectives as an agile and reliable banking software service provider.
- Plan and implement an information security management program
- Assess and manage information security risks
- Audit information security processes internally and provide improvement recommendations
- Assess implemented security controls and provide improvement recommendations
- Develop and implement disaster recovery and business continuity plans
KASHEF │ Cybersecurity Research and Development Expert │ 10.2017 – 9.2018
Recruited to assist the organisation in the realisation of its strategic objectives as a banking security governance body; create directives for the financial sector; audit compliance programs.
- Counselled the financial sector to self-attest against the SWIFT customer security program (CSP)
- Audited the CBI based on CSP framework
- Conducted a comprehensive analysis on cybersecurity frameworks and maturity models in a quest to develop a localised framework for the financial sector
- Contributed to and furthered the national banking cybersecurity workforce development program
- Directed and orchestrated a comprehensive report on PSD2 for CBI
- Researched, analysed and liaised on the integration of strong customer authentication and consent management into the current remote payments based on PSD2
TOSAN │ Information Security Management Officer │ July 2013 – August 2015
Hired to enhance the security posture of the organisation; ensure the security of information systems; assess and manage risks; prevent data loss; train employees; minimise service interruptions; develop compliance programs; improve and test the security requirements in products and services.
- Developed Information Security Policies
- Planned, Prepared and Performed Security Awareness Program
- Conducted Security Assessments
- Reviewed and Audited Payment Applications Based on PA-DSS and OWASP
- Contributed to Implementation of ISO 27001
- Published and Presented at The 3rd Annual Conference on Electronic Banking and Payment Systems, 2014