Beschreibung

I am a Cybersecurity Architect and Governance, Risk & Compliance (GRC) specialist with over 20 years of experience delivering enterprise-scale cybersecurity solutions across telecom, government, smart cities, and critical infrastructure sectors.

I specialize in designing secure architectures aligned with SABSA principles, implementing regulatory frameworks such as ISO/IEC 27001, NIST CSF, and national cybersecurity standards, and leading large scale cybersecurity transformation programs.

My expertise also extends to advanced domains including OT/ICS security (IEC 62443), Cloud Security, and AI security governance, where I help organizations build resilient and future ready security models.

I have led multiple high-impact engagements including:

Enterprise cybersecurity architecture design and reviews

Compliance program development and audit readiness

Cybersecurity maturity assessments and transformation programs, Secure-by-design implementation for complex digital environments

I am also the author of:

AI Cybersecurity Governance: A Holistic Approach for Building Resilient and Trusted Systems

ISBN: 979-8309689422

Managing Cybersecurity Projects: Strategic Oversight in Cybersecurity Project Management

ISBN: 979-8340209566

I work with organizations seeking strategic cybersecurity leadership, architecture excellence, and compliance assurance.

Available for remote and on-site engagements across Germany and the EU.

Sprachen

Englisch
Verhandlungssicher
Urdu
Muttersprachlich oder zweisprachig

Arbeitsortpräferenzen

Vor Ort möglich

Berlin (bis zu 50 km)

Solutions by STC
Chief Architect
Oktober 2019 - Heute (6 Jahre und 8 Monate)
 Develop and establish GRC (Governance, Risk and Compliance) practices for clients.  Review security architecture and advise on architectural improvements.  Review security processes, enhance frameworks, access maturity levels, and perform gap assessments against regulatory and industry compliance requirements.  Develop security metrics for the effective measurement of security activities.  Perform maturity assessments and participate in planning to automate security process workflows and dashboard/reporting.
Cybersecurity Framework GRC-Governance, Risk, and Compliance Cybersecurity Architecture ISO27001 SABSA
SABIC - Saudi Basic Industries Corporation,
Security Architect
Mai 2017 - Juni 2019 (2 Jahre und 2 Monate)
Saudi Arabia
 Follow the SABSA framework to map business requirements to identify business drivers for security and assign security attributes to associated security domains.  Define contextual security architecture, conceptual security architecture, logical security architecture, physical security architecture, and component security architecture.  Performed more than 120 architectural reviews with respect to the solutions, technologies, and applications.
SAICO- Saudi Arabian Cooperative Insurance Company,
Sr. Information Security Officer
November 2015 - April 2017 (1 Jahr und 6 Monate)
Saudi Arabia
 Establish GRC - Governance, Risk & Compliance processes, and monitor the regulatory and industry compliance environment.  Develop, enhance and implement enterprise-wide security policies, procedures, guidelines and standards across multiple platform and application environments.
 Report the current status of the information security program to enterprise risk teams, senior business leaders and the board of directors.