Ahmad M
Data & Cybersecurity Governance
Riyadh
Summary
Strategic data governance and cybersecurity leader with a proven track record at MMM in driving enterprise-wide initiatives that enhance compliance, data quality, and security posture. Experienced in long-term planning, policy development, and cross-functional alignment, with a focus on integrating governance into digital transformation and regulatory frameworks.
Overview
8
8
years of professional experience
Work History
• Data Governance Manager
MMM
03.2023 - 01.2025
- Led the design and rollout of enterprise-wide data governance strategies aligned with business goals, driving data quality, consistency, and trust.
- Facilitated cross-functional Data Governance Councils to set priorities, define frameworks, and approve key policies across the organization.
- Developed and enforced governance standards, including data classification, metadata management, and enterprise data policies.
- Directed root cause analysis and led resolution efforts for critical data quality issues, improving accuracy and reducing downstream impact.
- Collaborated with business and IT teams to build and maintain a centralized business glossary and data dictionary, standardizing data use across functions.
- Created and embedded data stewardship models, assigning clear ownership and accountability across departments.
- Ensured ongoing compliance with data regulations such as GDPR, CCPA, HIPAA, and SOX, minimizing legal and operational risk.
Cybersecurity Strategy Initiative Manager
MMM
01.2021 - 03.2023
- Directed the full lifecycle of key cybersecurity initiatives—from proposal to execution—ensuring alignment with strategic priorities and on-time delivery.
- Led the Strategic Management Office (SMO) in defining initiative scope and building risk-based roadmaps aligned with national and organizational cybersecurity goals.
- Oversaw execution of high-impact projects, regularly reviewing progress, adjusting plans, and mitigating risks to maintain quality and responsiveness.
- Managed a comprehensive Governance, Risk, and Compliance (GRC) assessment across 34 entities within the Ministry, producing actionable insights and strengthening enterprise security posture.
- Ensured all initiatives aligned with the Ministry’s cybersecurity vision, national regulations, and long-term strategy.
- Built and maintained strong relationships with internal teams and external stakeholders, driving collaboration and securing executive support for cybersecurity programs.
Senior Cybersecurity GRC Specialist
MMM
06.2020 - 03.2023
- Led the development and implementation of cybersecurity governance strategies aligned with enterprise objectives, national regulations, and evolving risk landscapes.
- Translated organizational goals into enforceable cybersecurity policies and governance frameworks, ensuring alignment with NCA standards and best practices.
- Integrated cybersecurity governance into enterprise risk management and digital transformation initiatives, supporting secure business enablement.
- Established governance models for policy lifecycle management, including stakeholder engagement, approval workflows, and revision control.
- Advised business units, IT, and legal teams on aligning initiatives with cybersecurity requirements, acting as a strategic governance partner.
- Supported internal and external audits by managing evidence collection, documenting control effectiveness, and overseeing remediation efforts.
- Led targeted security awareness and compliance programs to foster a culture of accountability, risk ownership, and policy adoption across all levels.
System Security Administrator
MMM
12.2016 - 06.2020
- Manage user accounts, roles, and permissions to enforce least privilege principles.
- Administer privileged accounts and monitor their use for compliance.
- Perform regular access reviews and coordinate recertification activities.
- Implement and maintain identity and access management (IAM) systems.
- Develop, enforce, and document access control policies and procedures.
- Monitor access logs and investigate suspicious activities or incidents.
- Collaborate with HR and IT teams to support user onboarding/offboarding processes.
- Maintain compliance with relevant regulations (e.g., GDPR, HIPAA, ISO 27001).
- Support audit activities related to access controls and security practices.
- Automate user provisioning and deprovisioning processes where possible.
Education
Master of Science - Cybersecurity And Information Assurance
Robert Morris University
Pittsburgh, PA. USA 04.2001 -
Bachelor of Science - Computer Information Systems
Saginaw Valley State University
Saginaw, MI. USA 04.2001 -
Skills
Operations management
Project management
Policy implementation
Documentation and reporting
Analytical skills
Data governance frameworks
Risk assessments
Regulatory documentation
Data privacy
Compliance monitoring
DEVELOPMENT TRAINGN & WORKSHOPS
• Collecting and analyzing data statistical methods
• Training of enforcement personnel on the Personal Data Protection System and its regulations
• Compliance with data protection regulations in accordance with laws and regulations
• The Multi-Dimensional Engineers Program - gain expertise in cutting-edge, high-tech solutions, SAP product & technologies, and leadership qualities. (CA-USA)
• Developing Leadership Skills In The Security Field
• Project Management Professional (PMP)
• NCA Essential Cybersecurity Controls Lead Implementer
• Threat Intelligence, Practically: A Walk Through
• Administrative Follow-Up Techniques and Preparation of Senior Management Reports - (Malaysia)
• Developing Business Technologies for the Ministry of Interior (Absher Youth)
PROJECTS & INITIATIVES
- Data Quality Maintenance , Standard Compliance and Data Catalog Content Building project
- MMM Cybersecurity Strategy Initiative project
- Admin Tools and Privileges System for The Ministry of Interior’s new (ECM)
- HR System for the Security Affairs Agency
- Reports and Decision Support System
COMMITTEES & CONFRENCES ATTENDED
Member of the MMM Cybersecurity Executive Committee.
Member of the follow-up task force for the Emirates technical projects (Ryada Project).
Member of MMM Internal Correspondences Development Committee.
The MMM annual forum of e-transactions (The 6th Absher Forum).
KACST Security products and systems discussions forum.
The American Society for Industrial Security (ASIS International) 7th Forum. (Khobar-2019)
ACHIEVEMENTS
- Appreciation Certificate from the Saudi Cultural Attaché in Australia in recognition of efforts and support for the Saudi students club in Hamilton- New Zealand.
- Appreciation Certificate from the Saudi students club at Saginaw University (MI-USA) in recognition of efforts and support for the club.
Affiliations
Saudi Association for Information Security – Hemaya.
Timeline
• Data Governance Manager
MMM
03.2023 - 01.2025
Cybersecurity Strategy Initiative Manager
MMM
01.2021 - 03.2023
Senior Cybersecurity GRC Specialist
MMM
06.2020 - 03.2023
System Security Administrator
MMM
12.2016 - 06.2020
Master of Science - Cybersecurity And Information Assurance
Robert Morris University
04.2001 -
Bachelor of Science - Computer Information Systems
Saginaw Valley State University
04.2001 -
Similar Profiles
Nicholas HeimbaughNicholas Heimbaugh
Chemical Operator at MMMChemical Operator at MMM
Enid J. Bernard OrtizEnid J. Bernard Ortiz
Agent at MMMAgent at MMM
Gabriele VaccaGabriele Vacca
Mechanical Fitter at MMMMechanical Fitter at MMM
Afroze SherifAfroze Sherif
ERP Specialist & IT Specialist at Alfaraa Arabia & Unibeton ReadymixERP Specialist & IT Specialist at Alfaraa Arabia & Unibeton Readymix
ABRAR ALSHARIFABRAR ALSHARIF
Post-Merger Integration Manager - M&A / Acquisition at Saudi Investment Recycling CompanyPost-Merger Integration Manager - M&A / Acquisition at Saudi Investment Recycling Company