Dr. Haitham Hilal ALHajri

• As the Head of Cybersecurity, I lead the bank's efforts in implementing robust security strategies to safeguard digital assets, data, and infrastructure. I ensure compliance with regulatory standards and internal controls, while actively managing risk and providing expert guidance on all information security matters. I oversee the selection of managed services vendors for incident response, security audits, and vulnerability assessments, and work to foster a strong culture of cybersecurity awareness across the organization. Additionally, I played a key role in the migration of select servers to Oracle Cloud and the integration of security tools to strengthen the bank's overall security posture.
• Key Responsibilities:
• Spearheaded the development and execution of the bank's cybersecurity strategy, aligning with both business goals and regulatory requirements.
• Extensive experience in risk mitigation and compliance, ensuring the protection of data, networks, and systems across the organization.
• Led incident response efforts, security audits, vulnerability assessments, and penetration testing to proactively identify and mitigate security risks.
• Aligned cybersecurity initiatives with organizational objectives to ensure ongoing compliance with industry standards and regulations.
• Provided continuous guidance on complex information security challenges, maintaining high-quality service standards and promoting cybersecurity awareness.
• Directed data protection strategies, ensuring compliance with global privacy regulations and safeguarding sensitive information.
• Managed business continuity and disaster recovery plans to minimize disruptions during security breaches.
• Led and mentored a high-performing cybersecurity team, ensuring continuous professional development and expertise across the organization.

Advisory & Technology Due Diligence

- Provide strategic advisory and due diligence for the evaluation and implementation of emerging technologies, ensuring alignment with organizational objectives and risk posture.
- Oversee security and hosting requirements, ensuring full adherence to local and international data sovereignty laws and compliance standards.
- Collaborate with internal stakeholders and third-party providers to validate architecture, hosting models, and data residency practices against legal and regulatory requirements.

• Managed and led a team of cybersecurity professionals, providing guidance, mentorship, and fostering a culture of continuous improvement in project handling and execution, in collaboration with the HR team to oversee hiring, training, and the professional growth of employees to meet business needs.
• Enhanced and executed the overall cybersecurity strategy, aligning it with business objectives and industry best practices.
• Maintained and collaborated with national and international cybersecurity service providers to ensure up-to-date threat intelligence and best-in-class solutions.
• Utilized Agile management techniques to improve the development, implementation, and management of cybersecurity projects and overall security operations.
• Led tender assessments and managed vendor selection processes, engaging with both local and international vendors for cybersecurity services and solutions.
• Consistently met budget targets through responsible planning and resource allocation, ensuring cost-effective security operations.
• Enhanced and implemented an information security program, including developing and enforcing policies, standards, and procedures to safeguard critical business assets.
• Collaborated with senior leadership and key stakeholders to assess cyber risks, define risk tolerance, and prioritize security initiatives in line with organizational goals.

• Led risk assessments and vulnerability management teams, collaborating with third-party managed services providers to enhance security posture. Oversaw the implementation and maintenance of critical security controls, including firewalls, intrusion detection systems, and access management solutions. Managed incident response, ensuring prompt resolution and detailed documentation. Partnered cross-functionally to align security initiatives with business objectives, ensuring the integrity, confidentiality, and availability of data. Implemented data processing controls to ensure compliance with security standards. Spearheaded initiatives to improve monitoring, incident response, and security engineering practices, while supporting compliance with strategic security certifications. Authored and enforced cybersecurity policies and procedures to maintain regulatory compliance. Coordinated risk assessments at both the system and enterprise levels, leading remediation efforts and verifying IT security requirements for new systems and services.

• Experienced Cybersecurity Specialist with a proven track record in managing high-profile incidents, digital forensics, and security event analysis. Skilled in enhancing incident response operational impact, and advising regulatory bodies and leadership teams on strategic security solutions.
• Key Responsibilities & Achievements:
• Incident Management & Investigation: Investigated and responded to cybersecurity incidents, including malware infections, data breaches, and unauthorized access attempts, ensuring timely containment and mitigation of threats.
• Security Event Analysis: Utilized custom SIEM tools, log analysis, and packet capture analysis to conduct in-depth evaluations of security events and incidents, identifying root causes and implementing corrective actions.
• Cross-functional Collaboration: Partnered with cross-functional teams to contain, eradicate, and recover from security incidents, minimizing impact, downtime, and operational disruption.
• Incident Response Planning: Enhanced and continuously reevaluated incident response plans, ensuring clear roles, responsibilities, and communication channels for efficient incident handling.
• High-profile Incident Management: Acted as the primary point of contact for high-profile security incidents, managing resolution efforts to ensure swift recovery and minimal impact on business operations.
• Key Contributions:
• Committee Involvement: Played an active role in multiple working committees, including the Digital Forensics Lab Implementation Committee, where I contributed to the design, development, and operationalization of forensic capabilities within the organization.
• Regulatory & Policy Collaboration: Worked closely with regulatory bodies on digital forensics research and development frameworks, offering advisory support on cybersecurity policies and incident response strategies.
• Educational Advisory Role: Contributed as a member of the Education Advisory Committee, helping to shape and refine educational initiatives in cybersecurity, ensuring alignment with industry best practices and standards.

• As an IT Administrator at a small company, I managed and maintained the company's IT infrastructure, ensuring smooth day-to-day operations. I was responsible for troubleshooting technical issues, managing networks, and supporting both hardware and software systems. My role also involved setting up new systems, performing regular updates, and ensuring data security, all while ensuring minimal downtime and optimal performance across the organization.

• -To end-users, addressing basic hardware, software, and network-related issues promptly and effectively
• : Basic Troubleshoot and resolved hardware and software problems, including operating systems, applications, and peripheralen Assisted users in setting up and configuring computer systems, printers, scanners, and other IT equipment
• : Created and maintained documentation and knowledge base articles for frequently encountered issues and solutions.
• : Monitored computer system performance and intervened in identified problems.
• 9 Upgraded hardware promptly to misuse service disruptions. Investigated reports of system errors to try to reproduce problems and trace faults.
• : Performed recovery operations to restore