Abdulaziz Alsuraya

• Developed and managed the Cyber & Digital Crimes (known as Cyber-Fraud) function, which consists of the governance, compliance, detection and prevention of Cyber-crimes, as well as designing, implementing and executing strategic requirements and initiatives.
• Assessed, planned, managed and implemented cyber-fraud controls, whether the controls were compliance (i.e. SAMA CFF) or Risk oriented in alignment with IT, Anti-Fraud and business units, handled all cybersecurity-specific external / internal audit matters.
• Developed the function's strategy, charter, processes and procedures, including set of KPIs and KRIs to measure effectiveness and risk regarding technological and operational cyber-fraud aspects. Ensured the delivery of top management requirements and assisted / participated in cyber-fraud projects (e.g. Group-IB deployment, Integrations with fraud management systems, etc.
• Provided directions and managed operational requirements, assigned activities to reportees and administrate performance goals and priorities, ensured continuous enhancements are conducted.
• Development of SLAs, managing joint engagements with internal and external business stakeholders, preparing and presenting executive management / committees presentations & proposals.

• Shown deep understanding and performance in cybersecurity defense fields through following and performing DFIR activities and initiatives, which consists and not limited to:
• Managing governance and compliance requirements, which included development and authoring of DFIR documentations.
• Conducting advanced investigation on escalated cases within the organization.
• Incident Response activities following defined processes and best practices as part of Incident Management Lifecycle.
• Digital Forensics examination and Malware Analysis.
• Involvement in DFIR projects (Proposals, BRD developments, budgeting acquisition, etc.) whether they're technology related (e.g. EDR, Packet Capturing, etc.) or not, such as DFIR lab development.
• Handling Audit requirements and inbound requests related to DFIR.
• Continuous enhancements of DFIR processes and toolsets, and coordinating requirements with different stakeholders (e.g. HR, Operational Risk, Audit, Legal, etc.).

Experienced in Security Operations (e.g. Monitoring, Incident Response, etc.). Which includes:

• L1 Analyst: Logs Analysis, Intrusion Analysis, Escalation of incidents.
• L2 Analyst: Participates in engagements (Integrations with SIEM, Security Controls Effectiveness reviews, initial response activities, and advanced cybersecurity investigations, use cases and rules developments, coordinating with business units regarding monitoring requirements).
• Involved in multiple requirements (Governance, Compliance and Audit related).

• Monitoring, analyzing and escalating cybersecurity events and potential incidents, which includes but not limited to (Email analysis, identification of data leakage, detection of web-based, DDOS and network attacks, database and web application attacks monitoring, etc.).

• Networking, Cybersecurity, IT support, web development & design. 200h