Summary
Overview
Work History
Education
Skills
Certification
Languages
Timeline
Generic

Ayah Talal Al-Faqih

Riyadh

Summary

Senior Cybersecurity Control Specialist with experience in GRC, risk management, and compliance. Proven ability to align security strategies with regulatory frameworks like SAMA CSF. Skilled in leading teams, managing cybersecurity policies, and conducting risk assessments to meet business objectives.

Overview

7
7
years of professional experience
1
1
Certification

Work History

Senior Cybersecurity Control Specialist

Hala Payments
05.2023 - Current
  • Developed cybersecurity risk management frameworks aligned with ERM
  • Contributed to the cybersecurity strategy and SAMA maturity level 3 project, ensuring compliance
  • Managed and submitted SAMA annual and quarterly cybersecurity reports
  • Led penetration testing and vulnerability management projects to reduce risk exposure
  • Managed cross-functional teams to ensure implementation of cybersecurity policies
  • Managed EDR, DLP, Data Classification, PAM, SIEM, and Mail Gateway systems

Senior Officer - IT Security

SEDCO Holding
12.2021 - 05.2023
  • Managed cybersecurity control implementation projects
  • Led SIEM, EDR system, PAM, firewall, and Active Directory security management
  • Conducted web security assessments and reported vulnerabilities to management
  • Reviewed, updated, and developed cybersecurity policies and standards
  • Implemented LAPS and promoted information security awareness

Associate IT Engineer

Careem Information Technology Services
01.2021 - 11.2021
  • Monitored and resolved network and device technical issues
  • Managed Identity Access Management and IT support requests
  • Led system installations, training, and VPN setup

IT Coordinator

Careem Information Technology Services
11.2019 - 12.2020
  • Provided IT technical support and monitored system operations
  • Ensured high service levels on the help desk

IT Intern

Careem Information Technology Services
04.2019 - 10.2019
  • Assisted with IT inventory management and equipment setup
  • Provided remote and on-site user support for software and hardware issues

IT Teacher

Jazeerat Al-Uloom School
09.2017 - 01.2019
  • Taught IT concepts and practical computing studies
  • Developed learning plans and conducted immersive IT activities

Education

Master of Science - Cybersecurity

University of Jeddah
05.2021

Bachelor of Science - Computer Information Systems, Completion of specialization track in E-system development

King Abdulaziz University
06.2017

Skills

  • Governance, Risk Management & Compliance (GRC)
  • Regulatory Frameworks (SAMA CSF, NCA)
  • Cybersecurity Strategy & Risk Management
  • Policy Development & Compliance Initiatives
  • Penetration Testing & Vulnerability Management
  • SIEM, EDR, PAM, DLP Systems
  • Incident Response & Mitigation
  • Cross-functional Team Leadership

Certification

  • Cybersecurity Risk Management Training, 2024
  • Kraken Hunter, Sysdig, 2023-2024
  • Masterclass System Forensics & Incident Response Training, Cqure Academy BlackHat, 2022
  • CEH, EC-Council, 2022-2025
  • Security Analysis (ANYSA), Alien Vault, 2022
  • EJPT, ELearnSecurity, 2022
  • Security+, CompTIA, 2021
  • Professional Accreditation Saudi Council of Engineering, 2021-2024
  • NSE 2 Network Security Expert, Fortinet, 2020
  • CompTIA Network+ (N10-007) CertPrep: Understanding Network, LinkedIn Learning, 2019

Languages

Arabic
Native language
English
Proficient
C2

Timeline

Senior Cybersecurity Control Specialist

Hala Payments
05.2023 - Current

Senior Officer - IT Security

SEDCO Holding
12.2021 - 05.2023

Associate IT Engineer

Careem Information Technology Services
01.2021 - 11.2021

IT Coordinator

Careem Information Technology Services
11.2019 - 12.2020

IT Intern

Careem Information Technology Services
04.2019 - 10.2019

IT Teacher

Jazeerat Al-Uloom School
09.2017 - 01.2019

Bachelor of Science - Computer Information Systems, Completion of specialization track in E-system development

King Abdulaziz University
  • Cybersecurity Risk Management Training, 2024
  • Kraken Hunter, Sysdig, 2023-2024
  • Masterclass System Forensics & Incident Response Training, Cqure Academy BlackHat, 2022
  • CEH, EC-Council, 2022-2025
  • Security Analysis (ANYSA), Alien Vault, 2022
  • EJPT, ELearnSecurity, 2022
  • Security+, CompTIA, 2021
  • Professional Accreditation Saudi Council of Engineering, 2021-2024
  • NSE 2 Network Security Expert, Fortinet, 2020
  • CompTIA Network+ (N10-007) CertPrep: Understanding Network, LinkedIn Learning, 2019

Master of Science - Cybersecurity

University of Jeddah

Similar Profiles

  • Ziad Tarish

    Ziad TarishZiad Tarish

    IT Risk & BCM Manager, at HALA PaymentsIT Risk & BCM Manager, at HALA Payments

    View Profile
  • RANIA BOU SALIH

    RANIA BOU SALIHRANIA BOU SALIH

    Head of Policy & Procedures at HALA PAYMENTS COMPANYHead of Policy & Procedures at HALA PAYMENTS COMPANY

    View Profile
  • Yuossef Mohammed

    Yuossef MohammedYuossef Mohammed

    MAINTAINCE FTTH at HALA SATMAINTAINCE FTTH at HALA SAT

    View Profile
Ayah Talal Al-Faqih