Description

Strategic cyber security leader building and transforming enterprise security functions across banking, real estate, and technology sectors. Proven success in defining global cyber strategy, embedding secure-by-design culture, leading SOC modernization, and driving regulatory compliance across multi-entity and multi-region environments. Adept at aligning security with digital transformation to enable innovation, resilience, and customer trust.

Languages

English
Native or bilingual
Hindi
Fluent
Gujarati
Fluent
Marathi
Fluent
Urdu
Conversational

Workplace preferences

Can work on-site

Dubai (up to 50km)

Aldar Group
Head of Information Security
DIGITAL AND IT
January 2025 - June 2025 (5 months)
Abu Dhabi Island and Internal Islands City, United Arab Emirates
• Directed enterprise security operations across 30+ entities, integrating vulnerability management, threat detection, and incident response into unified SOC processes.
• Oversaw cyber defense alignment with strategic risk management objectives, ensuring secure digital transformation and operational resilience.
• Centralized Security Operations across 30 entities; established unified vulnerability and patch management under SOC.
• Drove security modernization and resilience aligned with enterprise digital transformation goals.
• Led risk-driven security architecture and continuous compliance assessments aligned with ISO 27001:2022 and UAE frameworks.
• Built and mentored a high-performance cyber security team, enhancing in-house operational and incident handling capabilities.
• Established threat and event monitoring metrics (KPI/KRI) for executive reporting to ensure alignment with governance practices.
Cybersecurity IT-Security Security operation Center SIEM, QRDAR, Sentinel ITGRC
Al Masraf Bank
Unit Head – Information Security
DIGITAL AND IT
May 2013 - December 2024 (11 years and 7 months)
Dubai, United Arab Emirates
• Developed and executed the Bank's Information Security Program, evolving it from inception to a mature governance and operations framework.
• Designed and led enterprise-wide cyber security strategy aligned with business growth and regulatory mandates.• Established SOC operations integrating SIEM (QRadar), Threat Hunting, and automated Incident Response (MDR/XDR) to ensure continuous monitoring and predictive risk management.
• Instituted Data Protection & Privacy governance, achieving compliance with UAE Data Protection Law and Central Bank's CPRS.
• Conducted compromise and risk assessments, presenting insights to senior leadership to guide secure investment and decision-making.
• Achieved and maintained 99% compliance across ISO 27001:2022, NESA ISA, SWIFT CSP, SAMA and PCI DSS.
• Achieved multiple certifications and 99% compliance across major frameworks.
• Built and managed a high-performing, geographically distributed security team.
• Established a 24x7 hybrid SOC integrating automation, threat intelligence, and advanced analytics.
• Introduced DevSecOps and secure coding standards in collaboration with application development teams.
• Designed and implemented a comprehensive Data Protection Program and Governance Framework, incorporating Data Classification and Data Loss Prevention (DLP) mechanisms
• Implemented Vulnerability Management Program, achieving an 80% reduction in identified vulnerabilities and resolving critical issues within a 24-hour SLA.
• Led internal and external audit readiness and response, ensuring transparency and regulatory alignment.
• Managed cyber security GRC budgets, optimizing resource allocation, technology investments, and vendor engagements.
Key Achievements:
◦ Reduced critical vulnerabilities by 80% via continuous improvement of vulnerability management processes.
◦ Decreased MTTD/MTTR by 70% through proactive threat intelligence.
Data Protection Cybersecurity Network Security Architecture Cloud Security Web Application Security
RAKBANK
Senior Information Security Officer
January 2009 - January 2013 (4 years)
• Led implementation of security initiatives across network and application infrastructure.
• Strengthened compliance posture via NIST and ISO frameworks.
• Deployed F5 WAF, PAM, IPS, and security gateways protecting core banking systems.
• Continuous development and integration of security architecture throughout the organization adapting to emerging threats, technological advancements, and changing risk patterns
• Implemented Practical controls to mitigate identified risks and issues by performing regular security reviews and risk assessments for business systems, projects, and IT infrastructure
• Advised clients on secure network design, SOC setup, and managed security services.
• Delivered application security assessments and penetration testing for government and financial institutions.
• Implement Managed Security Services for multiple clients managing security operations and implementing security solutions.
• Identify gaps in the security and advice clients on establishing governance, frameworks and strategize security programs.
• Establish security architectures for efficient security operations and incident response.
• Setup security operations centre and centralizing security administration.
• Technical consultant for minimizing security gaps and implementing security strategies.
• Implemented security designs and enhancing resilience of the organizations security implementations.
• Evaluate, test and recommend solutions improving efficiency in security operations.