Summary
Overview
Work History
Education
Skills
Certification
Accomplishments
Timeline
Generic
Ali Alghamdi

Ali Alghamdi

Riyadh

Summary

An accomplished Cybersecurity General Manager renowned for developing and executing cutting-edge cybersecurity strategies. With over 19 years of exemplary leadership, I've ensured the absolute confidentiality, integrity, and availability of critical data assets. Proficient in risk management, compliance, and establishing robust security frameworks, I'm poised to leverage this expertise to drive pioneering security initiatives, fortify defenses, and actively contribute to strategic objectives. My commitment aligns seamlessly with the transformative aspirations outlined in Saudi Arabia's Vision 2030.

Overview

20
20
years of professional experience
1
1
Certification

Work History

Cybersecurity General Manager

Saudi Commission for Health Specialties
02.2020 - Current
  • Developed and aligned cybersecurity strategy roadmap with organizational goals and industry best practices.
  • Orchestrated robust cybersecurity standards and procedures, ensuring compliance and fostering collaboration with National Cybersecurity Authority.
  • Enhanced cybersecurity risk management methodologies to fortify organizational resilience amidst dynamic threat landscapes.
  • Established cybersecurity design principles for seamless integration with Organizational Architecture.
  • Aligned cybersecurity risk practices with enterprise-wide frameworks, mitigating cyber risks to critical assets.
  • Provided strategic leadership in cybersecurity HR, overseeing recruitment, talent retention, and training.
  • Spearheaded KPI development for cybersecurity initiatives, collaborating with Cybersecurity Supervisory Committee.
  • Oversaw continuous vulnerability assessments and managed periodic penetration tests for external service security.
  • Directed implementation of cybersecurity incident monitoring methodologies, presenting comprehensive reports to stakeholders.
  • Developed and maintained relationships with customers and suppliers through account development.
  • Managed budget implementations, employee evaluations, and contract details.

Information Technology General Manager

Saudi Commission for Health Specialties
04.2017 - 02.2020
  • Developed IT strategy aligning with organizational objectives, overseeing IT Roadmap creation and maintenance.
  • Led and supervised IT team, providing comprehensive guidance across their roles.
  • Managed annual IT budget for optimal resource allocation and cost-effectiveness.
  • Conducted benchmarking and recommended enhancements for IT infrastructure to meet evolving business needs and industry standards.
  • Provided oversight across all project phases, ensuring successful execution.
  • Established and managed high-performing consultant team, fostering motivational environment to retain top-quality talent.
  • Reviewed and assessed architecture design, implementation, testing, and deployment needs to identify project requirements and costs.
  • Guided implementation of company-wide enterprise security strategy for network and hardware, disaster recovery and endpoint protection.

Head of Security Information & Operations

Saudi Commission For Health Specialties
12.2015 - 04.2017
  • Formulated and oversaw IT Security projects, managing scope, timelines, resources, stakeholders, and deliverables, while mitigating project issues and risks within the Saudi Commission for Health Specialties.
  • Managed and maintained all security tools and technologies, ensuring their effective functionality.
  • Monitored operations and infrastructure to ensure optimal performance and security.
  • Implemented new technology solutions in alignment with security needs.
  • Conducted security analyses to identify and evaluate necessary security technologies, fostering robust protection measures.
  • Developed, implemented, and continuously audited policies and controls to fortify cybersecurity measures.
  • Coordinated day-to-day departmental operations, including planning and control functions, to ensure efficiency and adherence to security protocols.

Senior Information Security Engineer

Saudi Commission for Health Specialties
07.2010 - 11.2015
  • Identifying and defining system security needs, overseeing the selection and implementation of security tools, policies, and procedures.
  • Directly managing all security devices, including firewalls, assuming overall responsibility for company IT security.
  • Implementing necessary protections and constantly monitoring for potential security breaches.
  • Conducted Cyber Security Compromise Assessment.
  • Orchestrated Oracle Hyperion security implementation.
  • Led the implementation of Customer Service System (Tawasul).
  • Spearheaded Integration Platform for enhanced security.
  • Implemented Web and Email Filtering mechanisms.
  • Successfully oversaw the adoption of ISO 27001 standards.
  • Directed the implementation of a CCTV System for heightened security measures.
  • Worked with teams to develop company-wide information assurance, security standards and procedures.

Senior Network Engineer

Saudi Commission for Health Specialties
05.2004 - 07.2010
  • Established network environments, directed installations, and enforced standards.
  • Monitored and optimized system performance, resolving issues and scheduling upgrades.
  • Managed company-wide network policies and infrastructure.
  • Implemented key performance metrics for standards compliance.
  • Installed various network devices and services.
  • Connected branch offices and set up Prometric exam centers across SCFHS main office and 15 branches.
  • Oversaw company's entire network and related policies covering use, maintenance and infrastructure.
  • Established and monitored key performance metrics to verify consistent compliance with important networking standards.

Education

Master of Science - Cybersecurity

Lyle School of Engineering - SMU
Dallas
2015

Master - Engineering Management

Lyle School of Engineering - SMU
Dallas
2015

Bachelor of Science - Computer Science

Riyadh College of Technology
Riyadh
2010

Skills

  • Leadership & Communication
  • Cybersecurity Expertise
  • Strategic Planning
  • Risk Management
  • Technical Proficiency
  • Regulatory Compliance
  • Incident Response & Crisis Management
  • Business Acumen
  • Collaboration & Interpersonal Skills
  • Continuous Learning & Adaptability

Certification

(CISSP) Certified Information System Security Professional.
Digital Forensic.
(CRISC) Certified in Risk and Information Systems Control.
Artificial Intelligence for Executives.
Change Management (Prosci).
Q.Tech Leadership program.
ISO/IEC 27001 Lead Implementer (LI).
Developing Management Skills.
Certified KPI Professional.
(ITIL) Information Technology Infrastructure Library. Performance Management.
Objectives Formulation & Development of key Performance indicators.
(CCNA) Cisco Certified Network Associate.

Accomplishments

    Successful Implementation of Cybersecurity Strategies.

    Implementation of a Comprehensive Security Framework.

    Enhancement of Data Protection Measures.

    Strengthening Security Awareness Programs.

    Risk Mitigation and Compliance Achievement.

    Integration of Advanced Threat Detection Technologies.

    Building the Security Operations Center (SOC).
    Data Classification & Data Loss prevention (DLP). Privileged Access Management (PAM).
    Identity and Access Management (IAM).
    Database Activity Monitoring (DAM).
    Security Awareness Program.
    Web Application Firewall (WAF).
    Penetration Testing (PT).
    Vulnerability Management (VM).

Timeline

Cybersecurity General Manager

Saudi Commission for Health Specialties
02.2020 - Current

Information Technology General Manager

Saudi Commission for Health Specialties
04.2017 - 02.2020

Head of Security Information & Operations

Saudi Commission For Health Specialties
12.2015 - 04.2017

Senior Information Security Engineer

Saudi Commission for Health Specialties
07.2010 - 11.2015

Senior Network Engineer

Saudi Commission for Health Specialties
05.2004 - 07.2010

Master of Science - Cybersecurity

Lyle School of Engineering - SMU

Master - Engineering Management

Lyle School of Engineering - SMU

Bachelor of Science - Computer Science

Riyadh College of Technology

(CISSP) Certified Information System Security Professional.
Digital Forensic.
(CRISC) Certified in Risk and Information Systems Control.
Artificial Intelligence for Executives.
Change Management (Prosci).
Q.Tech Leadership program.
ISO/IEC 27001 Lead Implementer (LI).
Developing Management Skills.
Certified KPI Professional.
(ITIL) Information Technology Infrastructure Library. Performance Management.
Objectives Formulation & Development of key Performance indicators.
(CCNA) Cisco Certified Network Associate.

Ali Alghamdi