
AbdulrahmanSabbagh UnitedArabEmirates 12.03 Yrs

Uploaded by

Sridama Das
Copyright
© © All Rights Reserved
Abdulrahman M. Sabbagh
MSc. Specialization in Cyber Security
UAE Contact# +9715(0)-7731822, +9715(2)-6089495 E-mail caneec@gmail.com

Information Security / GRC / Business Resiliency / Cyber Incident Response /
Security Architecture Design / Industrial Cyber Security / Cyber Defense / Google
Cloud Architect

PROFESSIONAL SYNOPSIS
▪ Information and IT Security specialist with a passion and talent for aligning security architecture, plans, controls,
processes, policies and procedures with security standards and operational goals; manage and lead security incident
response efforts
▪ Comprehensive understanding of security controls and solutions across different layers; efficiently identify, research
and recommend controls and mitigation plans; identity and access management
▪ Specialist in Information Security Frameworks (e.g. ISO 27001, ISO 22301, PCI DSS and Cyber Essentials)
▪ Abreast of cyber security best practices within various technologies: Cloud, IoT, telecom, application security, network
security, data protection and privacy, NIST, CIS, NESA
▪ Served as incident commander for high severity response operations and acted as the primary point of contact for presenting
executive communication.
▪ Orchestrated yearly integrated risk assessments based on enterprise risk taxonomy for Tier IV data center by analyzing
risk appetite; published business intelligence dashboards to senior executives on business process recovery strategies,
business continuity plans, emergency response with RTO summary, RPO for technology projecting effectiveness of controls,
residual risks, dependency information, CIA metrics, MTTR metrics, and financial metrics
▪ Provide architecture, technical design and advice to internal teams on how to securely develop and build applications and
supporting systems in both cloud and on-premises network ecosystems
▪ Lead the cyber defense team and SOC capabilities; review alert closure notes by analysts and drive response quality.
Develop and improve processes & procedures for application security during development lifecycle and maintain standards
documentation as required.
▪ Develop, plan and deliver targeted data protection education campaigns for different cohorts of data controllers; prepare
and publish innovative data protection guidance
▪ Data protection and privacy, Network security, Encryption, Perimeter defense, Virtualization, end-point protection, Portable
devices security, Business continuity, IDS/IPS

DOMAIN VERTICALS & SKILLS SYNOPSIS


Business Continuity and Resiliency | Governance, Risk & Compliance | Internal Audit & Regulatory Compliance
BIA and Risk Assurance | IT Controls assurance | Shareholder & Regulatory Compliance
Business process models | Cyber Security Incident Mgmt. | ISO/IEC implementation & Certifications
IT Disaster recovery and planning | Identity Access Governance | System security assessments NIST 800-53
Workplace recovery and Distributed OPS | Data privacy and protection | Policy Programs Development
Emergency and Crisis Management | Threat & Vulnerability Assessment | Authoritative sources convergence
Integrated Incident Response | Secure Operations | Strategy and Performance Mgmt.
Role based policy training simulations | Minimum security baseline | Industry benchmarking
RSA Archer Solution design & develop | Develop & Maintain IS Strategies | Cyber Forensics Investigation & Analysis

PROFESSIONAL TRAINING AND CERTIFICATES


Certified Lead Implementer, Auditor – ISO 27001, NCEMA, SIA and ADHICS | Certified Information Systems Security Professional (CISSP) | Certified Information Systems Auditor (CISA)
ITIL Expert | Certified Ethical Hacking (CEH) | Certified Cloud Security Professional (CCSP)
Certified Lead Implementer – ISO 22301 | Certified GRC Professional by RSA | Certified Cyber Forensics Professional (CCFP)
Associate, Routing & Switching (CCNA) | Routing & Switching (CCNP R&S) | Certified Information Security Manager (CISM)

TECHNICAL SKILLS
Security attack pathologies | Risk analysis and mitigation | Cloud and Security Analysis
Identify strengths and weaknesses of IT systems | Create, Modify, and Update Security Information Event Management (SIEM) Tools | Experience with hacking and anti-hacking software.
Linux Experience (Kali, Ubuntu), PowerShell, Python | Firewalls, DNS, IP addressing, SSL/TLS and certificates | Tomcat, PostgreSQL, SAML, IMAP, LDAP, Active Directory, SSO, Wireshark and TCPDUMP
Develop, maintain and brief network maps and link diagrams | Cryptography, PKI, IPS and SSL | Big Data Analysis
Conducting & managing technical validation events (POC) | Wireless Technologies WEP, WPA2/3 | Intelligence Information Gathering
Metasploit, Nmap, Nessus, Burpsuite | Networking protocols, MiTM, ARP spoofing | Cross site Scripting (XSS), Privilege Escalation

EDUCATIONAL QUALIFICATION
2017 MSc. Specialization in Cyber Security, Zayed University, United Arab Emirates
2013 Bachelor of Networks & Communications Engineering, Al Ain University of Science & Technology - UAE
2009 General Secondary Certificate, Islamic Institute, High School, UAE

ORGANIZATIONAL EXPERIENCE (Current)


Tasneef Business Assurance, Abu Dhabi, U.A.E. since October’2020

Information Security and Cybersecurity Lead Auditor

Highlights
▪ Provide independent, objective assessment to evaluate whether client’s management systems comply with ADHICS or
ISO27001 Standards.
▪ While on audits, assess client controls, identify control weaknesses and areas for process improvements.
▪ Provide detailed assessment reports following each client audit.
▪ Report all audit findings to the clients’ management team and ensure that corrective action plans are implemented
accordingly.
▪ Follow up on clients’ technical requests in a timely manner as per the established process.
▪ Responsible for diary management and administration duties associated with allocated tasks.
▪ Manage information security compliance according to information security standards based on Statement of Applicability
for the enterprise.
▪ Responsible for periodic, timely review and analysis of security systems and sub-systems to determine compliance with
defined policies, processes, procedures with alignment to ISO 27001 standard.
▪ Maintain and protect the confidentiality, integrity, and availability (CIA) quotient by evaluating people, process, tools,
and technologies.
▪ Conduct risk assessments and gap assessments to identify security posture and maintain evidence of compliance.
▪ Review technical documents, proposals, and other materials for accuracy, consistency, and quality control, utilizing
state-of-the-art technology in comparison to information security controls.
▪ Provides input during the design, configuration, development, and implementation of information security architecture.
▪ Contribute to maintaining and updating the consolidated compliance catalogue for all applicable standards and frameworks
like ISO and local regulations like ADHICS, SIA, ADSIC and NCEMA.
▪ Perform periodic business users and privilege users access reviews as per policy requirements
▪ Successfully manage the yearly certification and surveillance audits by training all the Business units as part of audit
readiness and evidence management
▪ Work with the business stakeholders to close the internal and external audit & security testing findings.

ORGANIZATIONAL EXPERIENCE
Injazat Data Systems, Abu Dhabi, U.A.E. since December’14

Sr. Information Security and Business Continuity Specialist

Highlights
▪ Provide strategic direction for incident remediation and security enhancement to improve detection and prevention of
future attacks
▪ End to end implementation of large-scale integrated management systems, led the organization for successful compliance
programs and ISO certifications for authoritative sources such as ISO 27001, ISO 22301, ISO 20000, ISO 9001 in
alignment with local and regulatory requirements like ISR, NCEMA, ADSIC, NESA, NIAF, CIIP, HIPAA, SSAE 16 standard
etc.,
▪ Enable business with development of Cloud security framework and policies for risk assessment of managed services -
IaaS, PaaS and SaaS.
▪ Create end-to-end security solutions involving a mix of technical and organizational requirements and trend cyber defense
controls
▪ As a Management Representative, certified and maintained large-scale, enterprise-wide ISO programs for Business
Continuity and Information Security
▪ Maintain risk reports for all business units, and the top risks taxonomy report for Senior Management.
▪ Provide executive management with the necessary information to make informed decisions about investment in
information security and business continuity aligned with organizational goals and objectives
▪ Implemented mass mailer notification communication systems for crisis management and automated large-scale call tree
testing on an enterprise level covering critical recovery support teams during planned DR drills as part of testing and
exercising campaigns
▪ Research, evaluate and drive next-generation security technologies and concepts to keep security ahead of the curve
▪ Design, implement, train, and exercise Business resiliency and Disaster recovery with detailed business continuity plans
supported by testing schedules for business and service continuity of all the business processes with integrated risk
management framework and impact ratings

▪ Established, managed and evolved an integrated incident management procedure for cyber security, information security,
business continuity and service management ensuring the monitoring enablement with enterprise SIEM tools to protect
CIA
▪ Automate Information governance with data classification based on sensitivity, persistent protection and leakage
prevention on all the critical data sources in the enterprise integrated with authentication controls
▪ Prevent inadvertent data loss by establishing Data privacy and protection controls for personally identified information and
critical data sources linked with cryptographic controls
▪ Manage Security enhancement projects for operations by establishing controls like segregated environments, network
access controls, privileged administration management, multi factor authentication, end point encryption and protection
▪ Manage governance for identity and data access thereby establishing role-based access controls, risk-based entitlement
provisioning, automated access certifications and reviews per regulatory compliance requirements

Key Knowledge Areas in GRC, Information Security, Risk Assurance and Security Architect:

▪ Manage changes and update key documentation, document cross functional processes and workflow processes
▪ Review technical and solution design documents and turn them into efficient technical design and scope documents
▪ Knowledge of some emerging ICS Security products such as Nozomi, CyberX, Verve, Indegy, Claroty, and/or Check Point
Software
▪ Implement Identity and access governance solution to initiate certifications for user access reviews, maintain separation
of duties, audit traceability for identity registration and de-registration in an organization.
▪ Review and baseline security architecture based on vulnerability assessment and penetration testing results for the entire
infrastructure
▪ Risk assess new systems development and acquisitions by evaluating proposed architectures, reviewing integration points
for existing controls and operational systems, performing business impact analysis, securing remote connectivity with
authentication and cryptographic requirements.
▪ Orchestrated a major security control baseline program for information systems, identifying estimated threat coverage, and
baselined the security posture of the organization by integrating the MSBs into vulnerability assessments before operational
readiness of critical systems

Key Knowledge Areas in Digital Forensics and Threat Intelligence


▪ Collecting information and conducting technical analysis to develop intelligence for the enterprises.
▪ Maintain awareness of the global threat landscape and review complex, technical threat data, enrich it with contextual
information, and produce finished intelligence for key stakeholder consumption
▪ Identification, analysis, processing, and distribution of finished intelligence.
▪ Provide intelligence to assist in decision making and actively thwart emergent and current threats targeting our customers
(intelligence gathering; processing incoming information, reports, and messages; determining the significance and
reliability of incoming information).
▪ Determining the significance and reliability of incoming information
▪ Identifying and investigating new vulnerabilities and translating that analysis into actionable intelligence; preparing all-
source intelligence products.
▪ Secure a system or device so it can't be tampered with
▪ Use a range of forensic tools and software to extract and analyze data
▪ Deal with highly sensitive or confidential data or images, depending on the type of case you’re investigating
▪ Recover damaged, deleted, or access hidden, protected, or encrypted files.
▪ Examine data from mobile phones and satellite navigation systems to trace people or places.
▪ Follow electronic data trails to reveal links or communication between individuals or groups.
▪ Working within teams of investigators on large scale, diverse and complex investigations.
▪ First Responder Training and Incident Response Playbook Design, Assessment & Review
▪ Tactical Threat Monitoring, Threat Hunting, Incident Response Management
▪ Incident Response, Digital Forensics (log, host, memory, network, and traffic) and Threat Intelligence researcher

BENCHMARKING AND ASSURANCE EXPERTISE

Risk Assurance and attestation standards: SSAE 16 SOC 1, SOC 2 Type II
Infrastructure hardening controls: CIS minimum security baseline
Web Applications Security assessment: OWASP
Enterprise Security Architecture: SABSA assurance framework
Ethical Hacking and Penetration Testing: C|EH and OCSP
Governance, Risk and Compliance: OCEG body of knowledge
Cloud Security: Certificate of Cloud Security Knowledge (CSSK)
UAE regulatory standards and frameworks: NIAF, CIIP, NESA, NCEMA, ADSIC, ISR, Data Management
ISO/IEC international standards and guidance: 27001, 20000, 22301, 31000
Healthcare: HIPAA
Cyber Defense and Security Architecture: Incident Handler (GCIH), Defensible Security Architecture, Defending Advanced Threats

Tools Automation Expertise

Digital Transformation of Business Continuity and Disaster Recovery: RSA Archer (Business Resiliency and IT DR modules)
Governance, Risk and Compliance: RSA Archer (eGRC) requirements, design and implementation
Automated Disaster recovery and failover testing: EMC RecoverPoint, VMWare Site Recovery Manager
Identity Governance and Secure Access Governance: SailPoint Identity IQ, Security IQ
Privileged Access Management: ARCON, Beyond Trust Powerbroker, CyberArk
Automated Information classification and protection: MS-Azure, MS-IRM, MS-Azure Information Protection (AIP)
Network Controls Governance: Cisco NAM ISE
Security Incident Event Mgmt.: HP ArcSight
Vulnerability Management: Outpost 24
Active Directory Auditing: Netwrix AD auditing
App Virtualization and VDI (FIPS compliant): Citrix XenApp and XenDesktop and VMWare Horizon
Data Protection and deduplication: Commvault
Data and Device Encryption: MS-MBAM Bitlocker and McAfee EPO
Automated data retention and secure email archival: Veritas DLO and Enterprise Vault as per GDPR regulations
Secure File Sharing Solution: Citrix Enterprise File Sync and Share (ShareFile)
Enterprise Mobility Management: JAMF for MDM of MAC endpoints with Windows integration
Data Protection and Leakage Prevention: McAfee DLP (removable media), MS-EMS Cloud Security App
Secure Authentication: MS-Azure Multi factor authentication with VPN integration

PRIOR EXPERIENCE CHRONOLOGY
Company Name | Designation | Timeline
Injazat Data Systems, U.A.E. | Sr. Security Operation Professional | Dec’14 – Oct’2020
Al Ain Airport, U.A.E. | Security Operation Analyst | Dec’13 – Dec’14
Al Resalah Transport Est, U.A.E. | IT Operation Officer | Aug’09 – Dec’14

CYBER SECURITY RESEARCH


▪ Zero Day Attack on the Security Infrastructure
▪ Monitor and Analysis of DNS Record to Detect Malware
▪ Android Cloud Applications Analysis: Snapchat Forensics
▪ A Survey of Malware Analysis for Detecting Cyber-Threats
▪ Linux Performance Analysis Using OProfile
▪ Forensic Image for detect Anti-Forensic Techniques
▪ SQL Injection: Server-Side Prevention
▪ Virtual Desktop Infrastructure Forensics and Threats Detection

Personal Information
Place & Date of birth: 31st of March 1991, United Arab Emirates
Gender: Male
Nationality: Syria
Marital Status: Married
Visa Status: Resident Visa
Driving License: United Arab Emirates
Languages: Arabic & English
