Summary
Overview
Work History
Education
Skills
Certification
Languages
Timeline
Generic

Salim Al-Khorim

Senior Cybersecurity GRC Specialist
32324

Summary

Multi-Certified Professional with excellent technical and analytical acumen demonstrated through a progressive career spanning over 10 years in IT Project Management. Experienced in leading the design and implementation of multiple Cybersecurity/ Information Security, ERP Systems and IT Infrastructures projects simultaneously, while also working with over 35 Cross-Functional teams to ensure projects are delivered within schedule and budget.

Overview

10
10
years of professional experience
7
7
Certifications

Work History

Senior Cybersecurity GRC Specialist

EnergyTech Institute
10.2015 - Current
  • Develop and implement cybersecurity governance including policies, procedures, and standards.
  • Communicate policies, standards, and procedures to relevant stakeholders and follow up on implementation.
  • Ensure cybersecurity requirements are integrated into project objectives with the cybersecurity function involved in all project phases.
  • Define, implement, and monitor the cybersecurity training and awareness program for company employees and customers.
  • Manage requests for exceptions from policies and ensure necessary controls are applied.
  • Review the design of the cybersecurity architecture and recommend modifications and additions to necessary cybersecurity controls.
  • Define the methodology and procedures for managing cybersecurity risks, apply them, and periodically review them.
  • Implement the Security Risk Assessment methodology, policy standards, and processes.
  • Prepare risk assessment reports and obtain required approvals.
  • Update the risk register, notify appropriate stakeholders, conduct meetings with business leaders as needed, and assist in driving risks to an acceptable level.
  • Monitor the company's cybersecurity risk profile and risk appetite to achieve an optimal balance between business risks and opportunities.
  • Ensure proper treatment of reported information security risks by reviewing risk mitigation plans, following up on risk mitigation activities, and escalating non-mitigated risks.
  • Perform risk assessments at the project's outset to ensure cybersecurity requirements are addressed either by existing cybersecurity controls (based on cybersecurity standards) or through development.
  • Monitor and update KRIs.
  • Develop, implement, and monitor the cybersecurity compliance program.
  • Ensure the company complies with all relevant regulations from regulators such as NCA, and SDAIA.
  • Prepare compliance reports on cybersecurity requirements and obtain required approval.
  • Recommend changes or enhancements to company policies based on the evolving threat landscape.
  • Build and maintain a knowledge repository to facilitate audits, knowledge transfer, and sharing.

IT Project Manager

EnergyTech Institute
10.2015 - Current
  • Facilitated seamless collaboration and communication between Stakeholders and Department Heads, encouraging the identification of new requirements and ensuring alignment with business objectives
  • Developed all Initiation documentation for new projects, such as Project definition, Business case, Project Scope, Project Budget, Project Timeline, and others
  • Managed all phases of the project and fostered smooth collaboration with suppliers, contractors, and subcontractors to ensure rapid completion within budget constraints and optimal utilization of resources
  • Conducted weekly meetings for Executive Stakeholders and project teams to ensure seamlessly exchanged information regarding project progress and status reports
  • Oversaw the implementation and integration of Oracle Fusion and PeopleSoft Systems and the involvement of project planning, estimating, scheduling, resource allocation, communication management, risk mitigation, and supervision of change control processes
  • Championed the initiation, planning, execution, and closure of intricate Information Security/ Cybersecurity and Compliance Projects including implementing NAC and PAM, IAM, MDM, Key Management, SIEM, Advanced DNS Protection, Next Generation Firewall, Web Application Firewall, Endpoint Security and Email Security Gateways Solutions
  • Led IT infrastructure projects including LAN Infrastructure upgrade, on-premises physical server migrations to Azure Cloud and wireless access points across EnergyTech Institute campuses
  • Streamlined ITIL framework to provide a defined approach to IT service management, offering guidelines, best practices, and processes to ensure that IT services align with the needs and goals of the business
  • Utilized Scrum Methodologies, including Sprint planning, daily standups, User Stories, and small teams, to expedite the delivery of value in a more efficient and timely manner.

Systems Analyst

SNC-Lavalin Fayez Engineering
01.2015 - 09.2015
  • Assessed and analyzed HR Information Systems (Workday, Sage, Microsoft Dynamics 365) to identify process bottlenecks and executed optimized solutions to decrease onboarding time and improvement in data accuracy
  • Analyze, assess, and enhance the functionality and performance of HR systems, encompassing HR management software, applicant tracking systems, payroll systems, and employee self-service portals
  • Translated business requirements into system change specifications for use by development teams
  • Established comprehensive auditing process to ensure accuracy and compliance in record-keeping
  • Drove compliance with HR policies in data reporting by fostering collaboration with HR data entry department
  • Monitored evolving regulatory changes and parameters to maintain operational compliance
  • Improved the efficiency of the new employee onboarding procedure through the coordination of training sessions, resolution of issues, and overseeing the processing of paperwork.

IT Support Specialist

SNC-Lavalin Arabia LLC
03.2014 - 01.2015
  • Provided technical assistance to a varied team of over 100 members, addressing issues related to network access, troubleshooting system utilities, and enhancing overall productivity
  • Enhanced user onboarding efficiency by instituting a streamlined process within Active Directory and Exchange Server Manager, facilitating the provisioning of user accounts for all local users
  • Improved the onboarding experience for employees by setting up and customizing laptops, desktops, and IP phones, ensuring all setups are aligned with individual preferences and needs
  • Coordinated the development and delivery of specialized training courses for recently hired team members
  • Arranged workstations for employees with computers, monitors and associated cabling or equipment
  • Performed new hardware installations and upgrades to maintain system functionality and security
  • Installed new software for users and monitored version and patch update requirements
  • Executed server backup and recovery procedures following established protocols.

Education

BSc (Hons) Computer Science Degree -

Anglia Ruskin University
Cambridge, UK

International Foundation Program in Technology - undefined

Cambridge Ruskin International College
Cambridge, UK

iLead2 Leadership Development Program - undefined

Cranfield University
Cranfield, UK

Skills

Project Management

Agile & Waterfall Methodologies

Cross-Functional Team Facilitation

Business Analysis

Effective Communication

Knowledge of the National Cybersecurity Authority (NCA) Regulations

Security Awareness Training

Planning and Organization

ITIL Service Management

Project Management

Agile & Waterfall Methodologies

Cross-Functional Team Facilitation

Resource and Vendor Management

Risk Assessment

Solid understanding of ITIL v4 Service Management Best Practices

Network Operations Management

Cloud Computing and Virtualization

Certification

Certified Information Security Manager (CISM), 07/2024, ISACA: Information Systems Audit and Control Association

Languages

Arabic
Native language
English
Advanced
C1

Timeline

Senior Cybersecurity GRC Specialist

EnergyTech Institute
10.2015 - Current

IT Project Manager

EnergyTech Institute
10.2015 - Current

Systems Analyst

SNC-Lavalin Fayez Engineering
01.2015 - 09.2015

IT Support Specialist

SNC-Lavalin Arabia LLC
03.2014 - 01.2015

BSc (Hons) Computer Science Degree -

Anglia Ruskin University

International Foundation Program in Technology - undefined

Cambridge Ruskin International College

iLead2 Leadership Development Program - undefined

Cranfield University

Similar Profiles

  • Sandy XIE

    Sandy XIESandy XIE

    Comprehensive Administrative Assistant at Shenzhen MegaCool EnergyTech LimitedComprehensive Administrative Assistant at Shenzhen MegaCool EnergyTech Limited

  • Devadas Pallepati

    Devadas PallepatiDevadas Pallepati

    Senior System Administrator at EnergyTech Global Private LimitedSenior System Administrator at EnergyTech Global Private Limited

  • Jyothi Swaroop Sripada

    Jyothi Swaroop SripadaJyothi Swaroop Sripada

    Senior Manager- Customer Experience and Head - L&D at EnergyTech Global India Pvt LtdSenior Manager- Customer Experience and Head - L&D at EnergyTech Global India Pvt Ltd

  • Jodie Medley

    Jodie MedleyJodie Medley

    Classroom Teacher, Grades 10 - 12 at Decatur County School BoardClassroom Teacher, Grades 10 - 12 at Decatur County School Board

  • Nathaniel Travis

    Nathaniel TravisNathaniel Travis

    Unit Treatment & Rehab Specialist Shift Supervisor at DCFUnit Treatment & Rehab Specialist Shift Supervisor at DCF

CREATE PROFILE
Salim Al-KhorimSenior Cybersecurity GRC Specialist