Mussaed Alsaeed

Key Responsibilities:

• Cyber Defense Center: Spearhead the overall strategy and operation of Mobily’s Cyber Defense Center, ensuring comprehensive protection against current and emerging cyber threats. Drive the development and implementation of advanced cybersecurity frameworks and policies.
• 24/7 Security Monitoring: Oversee round-the-clock monitoring of Mobily's network and systems to detect and respond to security threats in real time. Enhance incident detection and response capabilities through continuous refinement of monitoring tools and processes.
• Digital Forensics and Incident Response (DFIR): Lead the DFIR team in identifying, investigating, and resolving security breaches. Develop robust incident response plans to swiftly manage and mitigate incidents, minimizing operational disruption and data loss.
• Threat Intelligence: Develop and enhance the threat intelligence program to ensure timely acquisition of intelligence feeds, enabling proactive prevention of cyber incidents. Prioritize the integration of actionable intelligence to inform and refine defense strategies.
• Content and Platform Security Oversight: Oversee the operation and continual improvement of defense technologies, ensuring the adoption of cutting-edge solutions. Drive the automation of security processes to enhance efficiency and effectiveness in threat detection and mitigation.

Key Responsibilities :

• Offensive Department Establishment: Built the offensive department from the ground up, crafting its foundational framework rooted in global cybersecurity standards. This ensured both alignment with industry best practices and compliance with regulatory requirements.
• Departmental Leadership: Spearheaded the Offensive Security Department, overseeing both the Vulnerability Assessment, Penetration Testing and Red Teaming units, ensuring seamless collaboration and optimal performance.
• Comprehensive Vulnerability Management: Diligently managed vulnerabilities across all assets within the environment, driving continuous enhancement of security postures and risk mitigation.
• Diverse Penetration Testing: Led exhaustive penetration testing assessments on a range of platforms including Network, Web applications, Mobile applications, and Active Directory, pinpointing potential risks and recommending mitigation strategies.
• Red Teaming Excellence: Orchestrated red teaming activities to proactively identify and address weak areas in security protocols, simulating advanced threat scenarios for comprehensive defense optimization.
• Vulnerability Intelligence: Maintained an updated pulse on emerging vulnerabilities across a spectrum of network and security devices from diverse vendors, ensuring timely response and patch management.

Key Responsibilities:

• Diverse Penetration Testing: Spearheaded web and network penetration testing engagements for a varied clientele, including government entities, the private sector, and financial institutions.
• Multi-layered Assessments: Executed both manual and automated penetration tests across various system layers, encompassing Web Servers, Application Servers, and Databases, to ensure thorough vulnerability detection.
• Quality Assurance: Upheld the highest standards of deliverable quality, ensuring reports and findings met client expectations and industry benchmarks.
• Team Leadership: Managed a technical team across all projects, fostering collaboration, ensuring deadlines, and maintaining consistent performance standards.

Key Responsibilities:

• Application Penetration Testing: Led in-depth penetration testing of Web and Mobile Applications across various government and private platforms, identifying and addressing potential security vulnerabilities.
• Project Security Review: Undertook security assessments for new projects, ensuring that security measures were integral from the inception stage.
• Employee Security Awareness: Regularly orchestrated phishing campaigns to gauge and enhance employee security awareness, aiming to fortify the organization's human firewall against potential threats.

Key Responsibilities:

• Web Application Penetration Testing: Conducted rigorous penetration testing on a myriad of web applications, including but not limited to stc.com.sa, my.stc.com.sa, and mystore.stc.com.sa, ensuring their robust security postures.
• Mobile Application Security: Spearheaded security assessments for the MySTC app across both iOS and Android platforms, identifying and mitigating potential vulnerabilities.
• Server Threat Monitoring: Built a threat monitoring tool to proactively detect, alert, and respond to suspicious activities and potential security breaches.
• Layered Penetration Assessments: Led both manual and automated penetration tests across diverse system layers, such as Web Servers, Application Servers, Data Power, and Databases, ensuring a comprehensive security evaluation.
• Departmental Security Reviews: Played an instrumental role in the security assessments of new projects within the department, ensuring a security-first approach from the beginning.