Muzammil H. Mohammed
Riyadh,Saudi Arabia
Summary
Certified and result-oriented IT & Cybersecurity Auditor with around 8 years of Middle East experience with a strong technical & Audit background who possesses self-discipline and the ability to work with minimum supervision. Having exposure to a wide range of IT processes, and technologies and being able to play a key role in diagnosing Cybersecurity, Network, and data security problems and ensuring quality solutions meet business objectives
Overview
13
13
years of professional experience
4
4
years of post-secondary education
1
1
Certification
Work History
Assistant Manager
Protiviti Middle East Member Firm
Riyadh , Saudi Arabia
09.2022 - Current
- Scheduled and planned audits, and developed comprehensive plans including scope, purpose, and risk assessments, ensuring systematic and thorough audit processes.
- Conducted fieldwork such as interviews, surveys, control design analysis, control testing, and review of audit evidence, leading to detailed and accurate audit findings.
- Reported audit issues, defined problems, and provided actionable recommendations, contributing to improving control environments.
- Reviewed IT General Controls (ITGC) for compliance with COSO and COBIT standards, evaluating design and operational effectiveness, and ensuring robust risk mitigation strategies.
- Assessed application controls by evaluating authorization, interface control, data validity, backups, job processing, application security, capacity management, problem management, and change management, leading to strengthened application security.
- Conducted cybersecurity assessments and risk-based audits based on ISO27001, NIST, and NCA guidelines and standards, enhancing the organization's cybersecurity posture.
- Performed BCMS audits, ensuring compliance with ISO 22301 standards and reviewing controls for Business Impact Analysis (BIA), recovery strategy, Business Continuity Plans (BCP), IT Disaster Recovery (DR) Plans, and performance monitoring documents.
- Conducted risk assessments for IT & Cybersecurity environments, systems, and infrastructure by performing gap analyses against industry standards and identifying risks, ensuring effective control mitigation.
- Examined IT & Cybersecurity processes and systems, evaluated control risk gaps, and provided management with recommendations for policy, procedure, and practice improvements, thereby enhancing overall IT & Cybersecurity Governance.
IT Internal Auditor
Burhan Group
Makkah , KSA
06.2013 - 08.2022
- Providing Business and IT management with guidance on IT risk management matters, particularly on application and infrastructure security
- Identifying areas where business needs additional investment and areas internal audit should focus
- Assisted in the Implementation of SAP and was part of a core team including access controls for Material management and Finance
- Detecting deficient controls, risks within the Financial Applications and Networking system, processes, regulations and management policies
- Conducting IT audits and reviews of systems, applications and IT processes
- Performing pre and post implementation reviews of system implementation or enhancements
- Performing IT security audits, including evaluating if security vulnerabilities are properly identified and mitigated
- Coordinate the scope and performance of these reviews with business units and external security experts
- Performing reviews of IT management policies and procedures such as change management, disaster recovery and information security to ensure that controls surrounding these processes are adequate
- Preparing reports, highlighting concerns while sharing recommendations and ways of improvement with the senior auditors
- Identifying opportunities for team training and skills advancement.
IT Vendor Management - Web Developer
Saudi Arabian Airlines
Jeddah , KSA
06.2011 - 05.2013
- Designing, coding, and modifying websites, from layout to function and according to a client's specifications
- Striving to create visually appealing sites that feature user-friendly design and clear navigation
- Communicating and meeting with clients as needed
- Accurate documentation of all activities conducted
- Worked closely with stakeholders at all levels of the process
- Worked on the automation of IT Vendor Management Processes in Classic ASP & .NET Web Technology (Contract Management, Invoice Handling, Vendor Registration, Contract Performance Evaluation etc.)
- Performed Integration testing, Penetration testing and User Acceptance Testing for the developed web application.
Education
Bachelor of Technology - Computer Science and Engineering
Jawaharlal Nehru Technological University
09.2006 - 08.2010
Skills
- Methodologies/Process: SDLC, Object-oriented analysis & design, UML, Rational Unified Process (RUP)
- Tech/Programming: ASPNet, Classic ASP, Java Script, VB Script, HTML, C#
- Applications: Rational Requisite Pro, MS Office, Project, Visio, SharePoint, SAP
- Databases: DB2, SQL Server 20XX, Oracle, Windows, IIS, MS Access
- Hardware & Networking: LAN, WAN, VPN, DMZ, Load Balancing
Certification
- Certified Ethical Hacker, EC-Council, Cybersecurity
- FCBA, British Computer Society, Business Analysis
- CISA, ISACA, IT Audit
Languages
English
Fluent
Urdu
Native
Arabic
Intermediate
Affiliations
- Reading
- Travelling
- Table Tennis
References
References available upon request.
Timeline
Assistant Manager
Protiviti Middle East Member Firm
09.2022 - Current
IT Internal Auditor
Burhan Group
06.2013 - 08.2022
IT Vendor Management - Web Developer
Saudi Arabian Airlines
06.2011 - 05.2013
Bachelor of Technology - Computer Science and Engineering
Jawaharlal Nehru Technological University
09.2006 - 08.2010
- Certified Ethical Hacker, EC-Council, Cybersecurity
- FCBA, British Computer Society, Business Analysis
- CISA, ISACA, IT Audit
Similar Profiles
Khalid SalikKhalid Salik
Senior Manager at Protiviti Member Firm Middle EastSenior Manager at Protiviti Member Firm Middle East
Md Amamul Haque CMAMd Amamul Haque CMA
Consultant (Internal Audit and Financial Advisory) at Protiviti India Member Firm Ltd.Consultant (Internal Audit and Financial Advisory) at Protiviti India Member Firm Ltd.
Saumya RajSaumya Raj
Manager at Protiviti India Member FirmManager at Protiviti India Member Firm