Download PDF


I specialize in managing and maintaining the Information security, by creating, monitoring, and communicating policies, standards, and procedures to corporate-wide employees. Establishing and develop information security awareness program. Conducting business impact analysis for business continuity. Implementing SAMA Cybersecurity & Business Continuity frameworks. Complying with regulatory requirements, and insure that information security operation is implemented and maintained.

Core Skills: Monitoring of IT systems, Information Security Policies, Information Security Audits, BIA, Information Assets Risk Assessment, Information Security Governance, SAMA Frameworks.

Work History

Industrial & Commercial Bank of China

Sep 2018Present

Information Security Officer

- Establishing Information Security Governance (Strategy, policy, processes, roles & responsibilities).
- Establishing and conducting yearly Information Security Awareness Training Program for corporate-wide employees.
- Establishing Business Continuity Governance.
- Conducting Business Impact Analysis for Business Continuity.
- Creation and manage Information Asset Register.
- Conducting GAP Analysis for SAMA Cybersecurity and Business Continuity Frameworks.
- Implementing SAMA Cybersecurity & Business Continuity Frameworks.
- Cybersecurity Risk Assessment knowledge.
- Managing the Information Security Committee as its creator and secretariat.
- Managing and developing internal and external security processes and procedures.

Metlife AIG ANB

Sep 2017Aug 2018

Information Security Officer

- Monitor corporate-wide network devices (laptops, desktops, and servers) to identify which system is vulnerable and patch it to make it more secure, using ManageEngine Desktop Central.

- Monitor McAfee Agent in all corporate-wide network devices, insuring that it is functioning well and up-to-date, and fix any issue that impact the operating status of the agent.

- Dealing with all threat that targets any of the corporate-wide network devices, by using McAfee Web Console (EPO) threat detector and DAT files updates.

- Insuring that McAfee’s Data Loss Prevention (DLP) and USB Block is installed and operating well in all corporate-wide network devices.

- Daily monitoring of all outbound and inbound threats that is sent or received by Office 365 mails system, and blocking them to prevent any further threats.

- Monitor the CPU, disk, and memory health of corporate-wide servers using OpsManager, insuring that it is always up and running.

- Providing the appropriate knowledge of Information Security to all corporate-wide employees, by implementing Information Security Awareness.

- Creating a department-specific Shared Folder, assigning the right members whom they can access with the appropriate privileges, and websites accessibility.

- Involved in any decision-making that involves Information Security, such as policies and procedures and make sure that is implemented and complied.

Metlife AIG ANB

Aug 2016Sep 2017

IT Network Administrator & Helpdesk

- Managing corporate-wide Active Directory and Microsoft Exchange users.

- Providing daily report (Health Checks) of corporate-wide services and servers.

- Manage and maintain corporate-wide network devices using ManageEngine Desktop Central, and report all missing patches.

- Responsible for creating, configuring, documentation, and distribution of laptops, desktops, IP Phones, printers, and access cards to corporate-wide employees.

- Providing the appropriate IT support to all employees within the organization.

- Sole-responsible for corporate-wide IT assets.

Integrated Telecom Company (ITC)

Jan 2014Feb 2015

Network Security Administrator

- Participated in developing corporate-wide IT security policies.

- Responsible for configuring ad managing Cisco IP Phones.

- Manage corporate-wide IT inventory and device management.

- Participated with IT department in obtaining ISO/IEC 27001 Information Security Management System, and I was involved in answering the external auditors questions.

- Involved with networking team in Fiber GPON training session.

- Responsible for providing the appropriate Security Awareness in the organization’s intranet.


Al Yamamah University

Oct 2008Jan 2014

Bachelor of Networking & Information Security (2.97/4)

In my senior graduation project, we developed an ARP Cache Poisoning Detector which indicate if an intruder was successful in changing a device MAC address. Took general courses related to design, configuration and maintenance of LAN and WAN. Took courses in wireless local area network and wide area network transmission technologies. The study of computer forensics, computer crimes, response to security incidents, Cybercrime investigation and prosecution, network security, and information security. 

Courses & Certifications

Share Knowledge

Mar 4, 2018Mar 8, 2018

CompTIA Security+ 

Implement, monitor, and troubleshoot infrastructure, application, information, and operational security. (40 PDU)

Share Knowledge

Feb 24, 2018 Feb 28, 2018

PECB ISO 27001 Lead Implementer

Helps in developing the expertise necessary to support an organization in implementing and managing an Information Security Management System (ISMS) based on ISO/IEC 27001 Standards. (32 PDU)  

Bridwell Training Center

Nov 26, 2017Nov 30, 2017

Performance Management Good Practice

Setting up yearly work objectives for last year evaluation.

Metlife AIG ANB

Oct 9, 2017Oct 10, 2017

Risk Management Training Program

Risk Management Process, Categories, and Approach, Three-Line-of-Defense, Risk Register, Inherent and Residual Risks, ERSA, Risk Assessment and Key Risks.