Summary
Overview
Work history
Education
Skills
Certification
Languages
Custom
Timeline
Generic

HAMOUD Bin MUHAYYA

Saudi Arabia

Summary

Accomplished professional with extensive expertise in data management and privacy, GRC in IT/OT, and cybersecurity frameworks, including NIST, ISO27001, and CIS. Proven track record in managing complex projects related to OT/IT cybersecurity, technical networks, and critical infrastructure, with a strong focus on quality and performance analysis. Skilled in the design, implementation, and integration of network infrastructure, and adept at operational audits and OT audits. Proficient in industrial networking topologies, OT network communication protocols, and automation systems, ensuring compliance with NCA regulations and SEC standards. Career goals include advancing the implementation of cutting-edge cybersecurity solutions in ISA/OT environments.

Overview

11
11
years of professional experience
2014
2014
years of post-secondary education
1
1
Certification

Work history

Cybersecurity Lead

Water Transmission Company
04.2025 - 04.2025
  • Leading cybersecurity initiative and strategy in securing converged IT/OT infrastructures with strong knowledge of NIST, IEC 62443, and ISO 27001 standards and NCA regulations.
  • Led implementation of network segmentation and secure remote access for industrial systems (SCADA, PLC, DCS).
  • Developed cybersecurity policies, incident response plans, and managed SIEM/IDS integration for real-time monitoring.
  • Conducted risk assessments, compliance audits, and exercises, improving threat detection and reducing operational risk.
  • Skilled in cross-functional collaboration, legacy system hardening, and vendor coordination to enhance security across enterprise and industrial networks.
  • Change management Process.
  • Enhance GRC tools across organizations.

Data Management & Privacy Manager

National Industrialization Company
01.2025 - 04.2025
  • Data Governance Expertise: Establish and oversee robust frameworks to ensure compliance with SDAIA's regulations and implement policies for data collection, storage, and processing in alignment with PDPL.
  • Privacy Protection Leadership: Design and enforce comprehensive privacy measures, including Privacy Impact Assessments (PIA) and employee training programs, to safeguard sensitive data.
  • Compliance and Audit Management: Conduct regular audits and develop processes to maintain alignment with Saudi regulatory requirements, ensuring seamless cooperation with SDAIA and other authorities.
  • Risk Mitigation and Incident Response: Implement advanced data security controls and develop action plans to address breaches or security incidents swiftly and effectively.

Sr. Specialist I, GRC Cybersecurity

National Industrialization Company
12.2023 - 12.2024
  • Developed and implemented a comprehensive IT/OT security framework.
  • Conduct Compromise Assessment to improve incident response, mitigate future attacks, identify hidden threats.
  • Contact maturity assessment for IT/OT based on CMMI and C2M2 tools.
  • Conduct PT for IT/OT to identify and prioritize security risk, evaluate the organization to protect its networks, applications, endpoints, and users from external or internal attempts to circumvent its controls and gain unauthorized or privilege access to protected assets.
  • Identified and mitigated cyber-attacks, maintaining a high level of system security.
  • Implemented a successful user awareness-training program, reducing potential human errors.
  • Conducted annual IT/OT risk assessments, ensuring continuous improvement of the security system.
  • Advised Stakeholder on GRC strategies to align cybersecurity initiatives with business objectives and regulatory requirements.
  • Conducted comprehensive security assessments and audits to identify vulnerabilities and assess risk levels.
  • Implement GRC solution (ServiceNow) from starting phase up to go live to support overall organization in managing all activity between the department in easy and effective automate process with cybersecurity requirements.
  • Developed and implemented cybersecurity policies, procedures, and guidelines tailored to the organization's needs and industry standards.
  • Assisted in regulatory compliance efforts, including (ISO 27001), NCA and NIST ensuring adherence to data protection and security standards.
  • Collaborated with cross-functional teams to design and implement security controls and solutions.
  • Conducted security awareness training sessions to educate stakeholders on cybersecurity best practices and threats.
  • Evaluated and recommended security technologies and tools to enhance overall security posture.
  • Review, manage, and update company Policies, Procedures, and Controls implementation.
  • Provided comprehensive reporting on all IT/OT Security incidents and breaches, insights into future security strategy adjustments.

Sr. Specialist I cybersecurity

National Industrialization Company
08.2023 - 12.2023
  • Involves in Policy and procedures of OT cybersecurity.
  • Responsible for monitoring/implementing cyber security solutions in support of manufacturing operations, detection, and analysis of potentially compromised systems, root cause analysis, and supporting remediation efforts.
  • Good technical knowledge of OT cyber security, and experience with security solutions.
  • Involve with the Incident Response process is aware of the latest threats within industry, and an interest in becoming an expert in OT security.
  • Leverages technical knowledge in multiple disciplines within Infrastructure and Information Security such as assessing threats, and Incident Response.
  • Researching potential impact on the organization and communicating the risks.
  • Collaborate with teams to implement new OT Cyber Security technologies.
  • Provide regular risk briefings to senior management on the findings and develop remediation approaches.
  • Recommend necessary corrective and preventive actions to reduce the risk.

Senior OT Cybersecurity Engineer

Dimension Data company
04.2023 - 08.2023
  • Responsible for the planning, design and building of security architectures, oversees the implementation of network and computer security and ensures compliance with corporate cybersecurity policies and procedures.
  • Monitors cybersecurity requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related network devices.
  • Performs security assessments of applications and systems using vulnerability testing and risk analysis.
  • Configure and installs firewalls and intrusion detection systems.
  • Implements software fixes (patches) to remove system vulnerabilities.
  • Responds immediately to cybersecurity related incidents and provides a thorough post-event analysis.
  • Investigate intrusion incidents in OT field.

Senior ICS/OT Security Engineer

ITB company
01.2021 - 03.2023
  • Assessment of OT assets.
  • Share in design phase for cyber security solution.
  • Implementation of multi-vendor security and network solutions in OT.
  • Integration of OT assets with SOC.
  • Configuration of OT Assets with security solution.
  • Participated in design, implementation, and technical support in the Cyber security projects.
  • Manage connectivity and integration of cyber security solutions.
  • Coordination with vendors and customers to finalize LLD of selected security solutions including test design and procedure for POCs.
  • Prepare standards& compliance according to current industry standards such as IEC 62443, IEC61850. NCA & ISO/IEC 27001.
  • Develop and manage comprehensive project plans and associated project documents.
  • Guide, support, and supervise a team of technicians at worksites.
  • Installation of networks and network-related equipment.
  • Performing site surveys and providing reports.
  • Powering up for network and security devices, and all related work involved in power up.
  • Troubleshooting and maintaining networks and security equipment.
  • Support in technical requirements of material required for the installation process.
  • Configuration of cyber security devices.
  • Integration of cyber security devices.
  • Procurement Management in Cyber security Projects.

Power Transmission line Engineer

Saudi Electricity Company
01.2014 - 01.2020
  • Responsible for assuring that the overall Transmission substation projects are appropriate to deliver services effectively.
  • Working as group leader in commissioning department for follow up with all concerned department in the projects to finalize all issues during commissioning stage.
  • Conduct risk assessment and implement Cybersecurity requirements across sites.
  • Supervising new substation projects in SEC.
  • Supervising old substations projects after adding new feeders or any equipment.
  • Executes day-to-day operation and another assigned responsibility.
  • Execute pre-defined inspections and audits as directed and reports results appropriately to ensure quality standards are maintained at the desired level.
  • Plans work as per agreed stages and timescales of overall project to achieve the required results.
  • Collect data and producing progress reports.
  • Review and record As-Built documentation.
  • Supervising contractors, suppliers, and vendors for following as per standard.
  • Modifying many things in standard that keeps work easy and reduces time.
  • Managing contractors and vendors like GE, Siemens, ABB and Alfanar.
  • Experience in NOC (network operation center) and witnessing activity substation to connect telecom device SDH with NOC for ensuring or confirming the integration from Substation to NOC.
  • Involved in the NMS management system deployment for DWDM transmission domain.
  • Manage NMS project delivery to operation.
  • Manage NMS projects demands and execution.
  • Prepare & attend site acceptance test for NMS solutions.
  • Troubleshooting in Substation Automation System such as failure In Communication between SAS and protection devices like IED (Protection relays) troubleshooting such as replacing defective cards.

Education

Bachelor's in B.SC - Electrical Engineering - Communications

Shaqra University

Skills

  • Data Management and Privacy
  • GRC in IT/OT
  • Frameworks and standards (NIST, ISO27001, CIS)
  • NCA regulations
  • Projects Management (OT/IT Cyber Security, Technical, Critical Networks)
  • Cybersecurity
  • Design
  • Implementation
  • Integration
  • Connectivity
  • Network Infrastructure
  • Quality
  • Orders Quality Check
  • Analysis
  • Reporting
  • Performance
  • Operational audits
  • OT Audit
  • Cybersecurity frameworks for ISA/OT environments (ISA-99/IEC 62443, NIST SP 800-82)
  • OT network communication protocols (Ethernet/IP, CIP, Modbus, OPC)
  • Industrial networking topologies
  • Automation System
  • Operation Technologies
  • Control Systems
  • Testing and commissioning for transmission line Substations projects
  • SEC Standards and Specification
  • Supervise and monitor on site activities
  • Review and supervise subcontractor inspection reports

Certification

  • Security +
  • Nozomi Networks Certified Engineer
  • Cybersecurity for Safe, Reliable, Secure (ICS) from Fortinet
  • NSE1, NSE2 and NSE3
  • ISA/IEC 62443 Cybersecurity Fundamentals Specialist
  • ISA/IEC 62443 Cybersecurity Risk Assessment Specialist
  • GRC Professional (GRCP)
  • CRISC Training Course
  • Certified Information Security Manager (CISM)
  • Certified Information Privacy Manager (CIPM)
  • Craft appreciation for Engineers (CAFÉ)
  • Communication skills effective
  • Deal with work's environment
  • Excellence service
  • 7 habits of highly effective people
  • GIS
  • Transformers
  • SAS
  • Maintenance of SVC equipment
  • Corporate training in Saudi Electricity Company, 06/23/12, 08/01/12
  • Corporate training in ALBAYRONI SABIC COMPANY IN JUBAIL, 06/24/13, 08/02/13

Languages

Arabic
English

Custom

  • Data Management and Privacy
  • GRC in IT/OT
  • Strong Understanding of Frameworks and standards NIST, ISO27001 and CIS
  • Knowledge of NCA regulations
  • Projects Management (OT /ITCyber Security, Technical, Critical Networks)
  • Cybersecurity / Design / Implementation/ integration, and Connectivity
  • Network Infrastructure (Infrastructure project, Critical OT zones)
  • Quality, Orders Quality Check
  • Analysis, Reporting and Performance
  • Operational audits, OT Audit
  • Strong understanding of cybersecurity frameworks for ISA/OT environments (ISA-99/IEC 62443, NIST SP 800-82)
  • Strong understanding of OT network communication protocols (e.g., Ethernet/IP, CIP, Modbus, OPC)
  • Strong understanding of Automation System
  • Operation Technologies & Control Systems
  • Testing & commissioning for transmission line Substations projects
  • SEC Standards & Specification
  • Supervise and monitor on site activities performed by contractors, vendors and ensuring project requirements are met
  • Review and supervise subcontractor daily and weekly inspection reports

Timeline

Cybersecurity Lead

Water Transmission Company
04.2025 - 04.2025

Data Management & Privacy Manager

National Industrialization Company
01.2025 - 04.2025

Sr. Specialist I, GRC Cybersecurity

National Industrialization Company
12.2023 - 12.2024

Sr. Specialist I cybersecurity

National Industrialization Company
08.2023 - 12.2023

Senior OT Cybersecurity Engineer

Dimension Data company
04.2023 - 08.2023

Senior ICS/OT Security Engineer

ITB company
01.2021 - 03.2023

Power Transmission line Engineer

Saudi Electricity Company
01.2014 - 01.2020

Bachelor's in B.SC - Electrical Engineering - Communications

Shaqra University

Similar Profiles

  • Khaled Alhawas

    Khaled AlhawasKhaled Alhawas

    Regional Project Manager at Water Transmission CompanyRegional Project Manager at Water Transmission Company

  • Aishaa Alnafisah

    Aishaa AlnafisahAishaa Alnafisah

    Senior PMO Specialist at WTTCO - Water Transmission &Technologies CompanySenior PMO Specialist at WTTCO - Water Transmission &Technologies Company

  • Ayub Ahmed

    Ayub AhmedAyub Ahmed

    Sr. SAP Integration Consultant at Water Transmission And Technologies Company(WTTCO)Sr. SAP Integration Consultant at Water Transmission And Technologies Company(WTTCO)

  • Dhari Faraj Alshammari

    Dhari Faraj AlshammariDhari Faraj Alshammari

    IT technical support intern at technical and vocational training corporationIT technical support intern at technical and vocational training corporation

  • TINTO BABY

    TINTO BABYTINTO BABY

    Engineering Manager at Eaton ArabiaEngineering Manager at Eaton Arabia

Create profile
HAMOUD Bin MUHAYYA