Hey,
I'm an Information Security Manager. Established strong security postures across multiple projects.
With over 18 years of experience in Cyber Security and Information Technology, I am a strategic leader adept at driving security compliance initiatives, integrating people and processes, and adapting to evolving directives and customer needs. My expertise spans planning, implementing, and managing comprehensive security programs under frameworks such as NIST, ISO 27001, PCI-DSS, HIPAA, SAMA CSF, and NSA ECC/CSCC. Key competencies include: Developing enterprise-wide security strategies and advising on threat remediation and vendor solutions. Leading the development, testing, implementation, and sustainment of security measures. Keeping stakeholders informed on threats, vulnerabilities, and mitigation plans. Ensuring compliance with regulatory mandates and managing audits. Conducting confidential internal investigations and risk assessments. Engineering and monitoring security measures for systems and networks. Delivering comprehensive reports with actionable security enhancement recommendations. Designing, implementing, and troubleshooting network infrastructure and security. Solving complex problems independently and managing large-scale projects under pressure. Extensive documentation, training experience, and strong interpersonal skills.
Welcome to my corner of the web, where over 18 years of expertise in cybersecurity and IT converge. As a strategic leader, I specialize in driving security compliance projects, developing comprehensive programs under frameworks like NIST, ISO 27001, PCI-DSS, and HIPAA. I excel in planning enterprise-wide security strategies, assessing risks, and managing vendor solutions. My proven track record in maintaining strong security postures across industries ensures compliance and effective risk management. Explore how my expertise can protect and enhance your organization's security, and discover why clients trust me to elevate their cybersecurity strategies.
Certified Information Security Manager (CISM) – ISACA | Certified Ethical Hacker (CEH) – EC Council | Certified SOC Analyst (CSA) – EC Council | Certified Incident Handling Engineer (CIHE) – Mile2 | eJPT – eLearnSecurity | ISO Lead Auditor 27001 – PECB
EDR: Carbon Black Response, FireEye HX, Kaspersky
Threat Intelligence feeds: AlienVault, XForce Exchange, Symantec MATI, Recorded Future
Enterprise Infrastructure: Domain Controller, Active Directory, DHCP, WSUS Server, DNS, Group Policy, Backup, ICS, LAN, WAN, Microsoft Exchange
Virtualization Platforms: VMware Workstation 3 – 7, VMware ESXi 5
Security Technologies: Trend Micro Deep Discovery Inspector (IDS), Trend Micro Deep Discovery Analyzer (SandBox), Trend Micro Deep Discovery Email Inspector, Symantec Messaging Gateway, BlueCoat Proxy and CAS, F5 Big IP, FireEye Email Security, FireEye NX, Guardium, Imperva DAM, Firewalls, Wireshark, Nmap, Nessus/Tenable, Attivo, Netcat, Metasploit, Volatility Memory Forensics, SysInternals PSSuite, Sys-Analyzers, Process Hacker, TCPView, PEStudio, WinDbg, PEiD, WinHex, Office Malware Scanner, FTK Imager
SIEM Tools: LogRhythm, Splunk, QRadar
LogRhythm Security Analyst | LogRhythm Platform Administrator | Microsoft Certified System Administrator (MCA) | Microsoft Certified Professional (MCP) | Cisco Certified Network Associate (CCNA)
Riphah University, Pakistan – 2024 (2 years program)
Virtual University, Pakistan – 2012 (2 years program)
Karachi University – Pakistan – 2002 (2 years program)
Since August 2022, I have managed the Security Monitoring Center at SIMAH, collaborating closely with the SOC team to ensure asset protection from internal and external threats. I worked with Internal Audit departments to address regulatory audit observations and integrated multiple assets with the SIEM solution for enhanced threat detection. I reviewed security and incident reports, guiding teams on threat mitigation actions, and developed procedures to streamline the Security Monitoring Center's operations. Additionally, I partnered with the Information Security head on various projects, conducted security architecture reviews, and kept the CEO and CRO updated on the organization's security posture, providing timely recommendations to mitigate threats.
SIMAH SAUDI CREDIT BUREAU, Riyadh, KSA
From May 2022 to August 2022, I developed, maintained, and communicated information security policies and procedures. I directed the assessment, selection, implementation, and maintenance of security tools and technologies, managing multiple projects to ensure timely delivery without disrupting organizational goals. I evaluated industry regulations for compliance, enforced security controls, and responded to security incidents. I participated in business continuity planning as required, prepared reports and presentations on security risks and compliance, and acted as a liaison between IT and other functions. Additionally, I worked on the patch and vulnerability management program to align with industry best practices.
ADVANCED ELECTRONICS COMPANY, Riyadh, KSA
From September 2021 to April 2022, I led a business unit focused on strategic partnerships, pre-sales, and managed security services. I designed and supported enterprise-class security systems, addressed security design gaps, and maintained corporate security policies. I engaged with clients to determine their security needs, crafted technical responses to RFPs, and drove continuous improvement of resources. I provided technical leadership, aligned security strategy with business goals, and assessed security threats for clients. My role included vulnerability testing, SOC maturity assessments, and gap analysis per NCA ECC and SAMA CSF. I also developed team members, led security risk management projects, and advised on mitigating IT security risks.
Cyberstone, Riyadh, KSA
From June 2019 to August 2021, I built and led a high-performance SOC team, developed Incident Response playbooks, and managed security incidents. I communicated security needs to upper management, collaborated with clients on cybersecurity resilience, and created training plans for SOC analysts. I developed a SOC framework, monitored security events, ensured regulatory compliance, and coordinated IT security risk assessments. I led vulnerability assessments and penetration tests, managed client escalations, and handled security tools like LogRhythm and FireEye NX. Additionally, I produced security reports, created strategic initiatives, and oversaw SOC operations for 4000+ client networks, ensuring effective security management and client satisfaction.
Cyberstone, Riyadh, KSA
From February 2018 to May 2019, I provided analysis and trending of security log data, supported Incident Response (IR), and offered threat and vulnerability analysis. I investigated and reported on security issues, performed SIEM log data harvesting, and integrated LogRhythm with various systems, managing over 8000 devices. I optimized processes, implemented firewalls, and monitored networks for security issues. I worked with security tools like Trend Micro, Symantec, Palo Alto, and Fortinet, and conducted security assessments and investigations. Additionally, I engaged in PCI-DSS audits, verified third-party vendor security, and acted as a technical expert on information security issues.
Saudi Investment Bank, Riyadh, KSA
From December 2015 to January 2018, I managed internal networks, servers, email, and security systems for 150+ workstations and 20 servers across three branches. I worked with Windows Server 2012, 2008, and Linux servers, managed Exchange 2010, and deployed open-source systems for ticketing and network monitoring to reduce costs. I administered mission-critical web and database servers, configured new server systems, and maintained firewalls, anti-spam, and antivirus systems. I supported internal employee systems, ensured data protection, managed backups, and handled disaster recovery. Additionally, I collaborated on network design, resolved LAN/WAN issues, and established remote network monitoring to enhance efficiency.
Amana Cooperative Insurance, Riyadh, KSA
From November 2008 to November 2015, I managed IT operations for a hotel, working with the Micros Fidelio suite and later upgrading to Opera. I deployed Cisco routers, switches, and SonicWall firewalls, and developed IT strategies aligning with Accor policies. I provided first-level support for all hotel systems, coordinated 24/7 on-call support, and ensured system security and compliance. Additionally, I managed inventory with Material Controls, maintained system and hardware efficiency, conducted regular maintenance, and ensured timely backups. I trained staff on IT systems, installed a Time Attendance System, and supported network management for servers, workstations, POS systems, and printers.
Mercure Value Hotel, Riyadh, KSA
From September 2006 to October 2008, I maintained a trouble-ticket system, provided outstanding customer service, and reported network-wide issues. I installed and maintained ADS on Windows 2003 Server, managed user rights, and created group policies. I supported PMS Fidelio, Micros systems, and various financial and control software. I performed installations, configurations, upgrades, and troubleshooting for PCs and peripherals, deployed and re-imaged desktops and laptops, and handled data backup and restoration. Additionally, I managed a network of over 100 workstations and 40 printers, coordinated with external support and purchasing departments, and ensured efficient operation of all IT systems and equipment.
Pullman Zamzam Hotel, Makkah, KSA
Address Saudia
Phone Number +966506149109
Email mushtaqsalman@gmail.com
Participated in a workshop focused on hands-on training and theoretical knowledge related to Security Operations Centers (SOCs) and cybersecurity operations.
Delivered a presentation highlighting career opportunities in cybersecurity, aimed at educating and inspiring students about the field's potential.
Presented insights into cybersecurity career paths, discussing roles, skills, and industry trends to undergraduate and graduate students.
Conducted a presentation focusing on the functions and importance of Security Operations Centers (SOCs) in safeguarding organizational assets against cyber threats.
Participated in training sessions at APAN51, focusing on Security Operations Centers (SOCs), Security Orchestration, Automation and Response (SOAR), and Cyber Threat Intelligence (CTI), enhancing knowledge and skills in cybersecurity operations.