Description

I help organizations across the Middle East and Europe navigate cybersecurity compliance and regulatory complexity with clarity and confidence. With 20 years of experience, I’ve delivered high-impact frameworks and advisory across sectors like finance, oil & gas, healthcare, aviation, and cloud. I specialize in ISO 27001, NIST CSF, and sovereign cloud compliance, and have led initiatives that unlocked multi-billion AED markets while reducing audit risks and improving operational readiness. Whether you need a security audit, regulatory gap assessment, or help preparing for ISO certification, I bring the insight and strategy needed to move fast and stay compliant. Let's simplify your security roadmap.

Languages

English
Native or bilingual
French
Native or bilingual
Arabic
Fluent

Workplace preferences

Can work on-site

Dubai City (up to 50km), Abu Dhabi (up to 50km)

Amazon Web Services
Security Regulatory Program Lead
October 2019 - May 2025 (5 years and 7 months)
Dubai - United Arab Emirates
• Managed 2 Senior Consultants, focusing on scaled projects, including the digital sovereignty strategy, reporting to the Senior Manager for MEA.
• Oversaw a 550K AED annual budget for customer training initiatives, logistics, translation, and external consulting needs.
• Launched a security-compliant cloud region, securing licensing from government authorities and unlocking 9.2B AED TAM with a 38M AED YoY revenue growth.
• Conducted over 70 interviews, handled training/upskilling, and performed performance evaluations for the team.
• Represented the security assurance voice and strategy in MENAT, ensuring compliance with international and local cybersecurity and data privacy standards/regulations.
• Secured agreements with the UAE federal government, unlocking a 2.2B AED total addressable sector for AWS.
• Reduced MENA cloud alliance memberships by 110K AED YoY through relationship building and negotiations.
• Led the adoption of the AWS Global Cyber Security Program in 5 MENA countries, establishing partnerships with national cybersecurity authorities.
• Designed a compliance-at-launch strategy, now a reusable framework for future region launches, reducing go-to-market time by 20%.
• Facilitated security symposiums, regulatory roundtables, and compliance briefings in collaboration with key cybersecurity regulators to improve cyber awareness.
• Designed and delivered customer training programs for 1,000+ government participants, improving cybersecurity capabilities across the region.
• Built strong relationships with CISOs across the target market, providing strategic guidance and nurturing long-term partnerships.
• Advocated for regulatory changes internally, collaborating across teams to address regional challenges and support business growth.
Freelance
Independent Consultant / Fractional CISO
DIGITAL AND IT
May 2025 - Today (1 year and 1 month)
Dubai City, United Arab Emirates
• Fractional CISO/GRC for SMEs and scale-ups; deliver ISO 27001 gap assessments, SoA, risk registers, risk treatment plans, and audit readiness packages.
• Build regulator-aligned control baselines and roadmaps for GCC clients (UAE, KSA, Qatar, Bahrain) covering cloud, data privacy, logging/SIEM, and incident response.
• Stand up lightweight governance for data, cloud, and AI use (classification, retention, model/use-policy, oversight cadence).
• Support proposals and SoWs for 3–12 month fixed-term engagements; available for onsite work across GCC.
Ibm
Principal Cybersecurity Consultant
September 2015 - October 2019 (4 years and 1 month)
Dubai - United Arab Emirates
• Managed a team of 20 consultants, overseeing hiring, training, performance evaluations, and project allocation, reporting to the Associate Partner for Security Services.
• Oversaw a 185K AED annual budget, prioritizing training and upskilling to improve team capabilities and delivery outcomes.
• Developed and served as the global focal point for a Managed Security Awareness Service (MSAS), building partnerships with a third-party platform provider (Wombat).
• Delivered the Emirates Airline MSAS implementation for 80,000 employees, increasing engagement by 50% and saving 735K AED in risk mitigation costs annually.
• Generated 1.85M AED revenue in the first year of MSAS deployment, with continued annual revenue of 1.85M AED from adoption by organizations in the Middle East.
• Improved team productivity by 20%, indirectly contributing to 550K AED in annual efficiency savings through optimized processes and resource management.
• Instituted a standardized training and upskilling program, reducing onboarding time by 25% and optimizing project delivery for the India-based team.
• Designed a cybersecurity risk management framework for a major telecommunications organization in UAE, improving threat response capabilities.
• Created cybersecurity strategies for industries across the UAE and KSA, ensuring protection against cyber threats and vulnerabilities.
• Developed a cybersecurity governance framework for a leading energy organization in the GCC, ensuring compliance with industry regulations and security practices.