Hamad Alnuaimi

United Arab Emirates

Summary

Dynamic and results-oriented cybersecurity professional with over a decade of expertise in leading security operations, incident response, and threat management. Currently serving as the Head of Cyber Security Operations Center at Nawah Energy Company, I am adept at fostering a collaborative team environment, managing complex incident responses, and enhancing organizational security posture in compliance with international standards. Seeking to leverage my strong leadership skills, advanced threat detection capabilities, and deep understanding of cybersecurity frameworks to drive strategic initiatives and bolster the security landscape of a forward-thinking organization. Hard-working Security Professional with strong organizational skills. Achieves company goals through exceptional planning and prioritization.

Overview

12 years of professional experience
8 years of post-secondary education

Work history

Head of Cyber Security Operations Center (SOC) & Incident Response Manager

Nawah Energy Company
01.2022 - Current
  • Leadership and Management: Lead and manage the Cyber Security Operations Center (SOC) team, fostering a culture of collaboration, continuous improvement, and professional development while ensuring alignment with FANR and NESA standards for cybersecurity personnel qualifications and training
  • Incident Response Oversight: Direct the organization’s incident response activities in compliance with IAEA and NEI guidelines, ensuring effective identification, containment, eradication, and recovery from security incidents while minimizing the impact on business operations and critical infrastructure
  • Serve as the Incident Response Manager for the Cyber Security Incident Response Team (CSIRT), taking charge of coordinating and leading all cybersecurity incidents, including high-severity cyber attacks and advanced persistent threats (APTs)
  • Threat Monitoring and Analysis: Oversee 24/7 security monitoring to detect and respond to potential security threats in real-time, utilizing advanced threat detection tools and methodologies for proactive threat identification
  • Collaboration with Stakeholders: Work closely with IT, legal, compliance, and other departments to ensure a comprehensive approach to security, supporting alignment with organizational goals and regulatory compliance as specified by FANR and IAEA
  • Incident Reporting and Documentation: Ensure thorough documentation and reporting of all incidents, including post-incident reviews and root cause analysis, following the protocols established by FANR to facilitate continuous improvement in security posture
  • Threat Intelligence Integration: Establish and maintain threat intelligence capabilities to stay ahead of emerging threats and vulnerabilities, integrating insights into the SOC’s monitoring and response processes
  • Budget and Resource Management: Manage the SOC budget effectively, ensuring resources are allocated to meet operational needs while evaluating new technologies and tools
  • Performance Metrics and Reporting: Define and monitor key performance indicators (KPIs) for the SOC, regularly reporting on performance, incidents, and security posture to senior management and stakeholders
  • Continuous Improvement: Stay current with industry trends, threats, and best practices, fostering a culture of continuous improvement within the SOC and adapting strategies to evolving cyber threats
  • Crisis Management: Act as the primary point of contact during major security incidents, coordinating response efforts and communicating with executive leadership and external stakeholders as necessary, following the incident management guidelines established by FANR and NESA
  • Initiated and led the organization’s threat hunting program, proactively identifying and mitigating hidden threats and vulnerabilities, including those from nation-state actors, across the organization
  • Develop and maintain incident response plans, ensuring the CSIRT is well-prepared for any cybersecurity event and conducting regular incident response drills to ensure readiness
  • Collaborate with executive leadership, legal, and compliance teams, providing real-time updates during incidents and post-incident reviews, ensuring proper communication with regulators and external stakeholders
  • Manage the integration of security tools, such as SIEM, endpoint detection and response (EDR), and threat intelligence platforms, to improve detection capabilities and response times during incidents
  • Lead post-incident reviews and prepare comprehensive reports for senior management and other regulatory bodies, ensuring transparency and continuous improvement of incident handling processes


Achievements:

  • Successfully identified and managed a sophisticated cyber attack attributed to a nation-state actor. Conducted in-depth malware analysis and reverse engineering to extract critical Indicators of Compromise (IOCs). Compiled and presented a comprehensive report to government officials, facilitating collaborative efforts to share findings with other government entities for enhanced national cybersecurity awareness
  • Led a comprehensive transformation of the Security Operations Center (SOC) to significantly improve performance objectives, demonstrating strong leadership and effectively enhancing the overall security posture. This initiative resulted in increased operational efficiency, a more robust threat detection capability, and a measurable improvement in incident response times
  • Effectively managed and resolved an insider threat incident, implementing immediate corrective actions that safeguarded the organization from potential data breaches and financial losses. This proactive response not only mitigated the risk but also reinforced the organization’s security protocols and awareness regarding insider threats.

Senior Information Security Specialist / Acting Head of Information Security Assurance

Emirates Nuclear Energy Corporation
10.2018 - 12.2021
  • Acted as the lead for the organization’s Information Security Assurance program, developing and enforcing security policies, governance frameworks, and ensuring compliance with industry standards (e.g., ISO 27001, NIST) and regulatory requirements (NESA, FANR)
  • Managed and directed security assessments for all new projects, solutions, and technologies introduced to the organization, identifying potential security risks and recommending mitigations
  • Led the Vulnerability Management Program, ensuring systematic identification, prioritization, and remediation of security vulnerabilities across the organization
  • Delivered cybersecurity awareness training and phishing simulations to increase staff vigilance and reduce social engineering risks
  • Collaborated with cross-functional teams including IT, legal, compliance, and senior leadership to ensure the successful integration of cybersecurity practices across the organization
  • Led audits and ensured compliance with NESA and other relevant regulatory frameworks, providing regular updates and reports to internal and external stakeholders
  • Strategic Security Initiatives: Launched and oversaw the Data Loss Prevention (DLP) and SOC projects, significantly improving the organization’s ability to protect sensitive data and detect threats in real-time


Achievements:

  • DLP Project Leadership: Successfully started and led the DLP project, which significantly improved the organization’s ability to monitor and protect sensitive data, reducing the risk of data breaches
  • Phishing Awareness Success: The phishing simulation project led to a measurable improvement in employee awareness, with a significant reduction in successful phishing attempts over time.

Information Security Assurance Specialist

Emirates Nuclear Energy Corporation
06.2017 - 09.2018
  • Performed vulnerability assessments on systems and applications, categorizing vulnerabilities by risk and severity, and governing the patching process to ensure timely mitigation
  • Conducted in-depth security assessments for new technologies, applications, and systems, identifying vulnerabilities and recommending mitigations to enhance the organization’s security posture
  • Managed incident response activities, coordinating with cross-functional teams to quickly identify, contain, and resolve security incidents while minimizing operational disruptions
  • Developed and enforced security policies, procedures, and governance frameworks, ensuring alignment with regulatory compliance and industry best practices (e.g., ISO 27001, NIST)
  • Oversaw the implementation of security technologies, including firewalls, intrusion detection systems (IDS), and SIEM platforms, to enhance threat detection and monitoring capabilities
  • Collaborated with internal and external stakeholders, including IT, legal, and compliance teams, to ensure alignment of security practices with business and regulatory requirements
  • Delivered security awareness programs across the organization, educating employees on best practices, common threats, and organizational policies to foster a security-conscious culture


Achievements:

  • Vulnerability Management Excellence: Successfully identified and reported critical vulnerabilities across multiple systems, ensuring risk-based patching was conducted efficiently to minimize organizational exposure
  • Security Awareness Impact: Delivered organization-wide security awareness training that improved staff compliance with security policies and increased overall cyber hygiene, reducing incidents of human error-related breaches.

Information Security Engineer – R&D (Researcher, Cryptography, and Hardware Security)

Emirates Advanced Investments Group (EAIG)
06.2012 - 07.2017
  • Conducted advanced research in the field of cryptography and hardware security, exploring emerging technologies, protocols, and vulnerabilities to enhance the organization’s cybersecurity capabilities
  • Developed and implemented cryptographic algorithms (e.g., AES-256) and security protocols, ensuring robust encryption and secure communication for critical systems
  • Leveraged an electronics engineering background to assess the security of new hardware devices introduced into the organization, performing in-depth hardware security assessments and reporting on potential vulnerabilities
  • Participated in security conferences and workshops worldwide, gaining insights into industry trends, and contributing to the development of cutting-edge security practices
  • Collaborated with cross-functional teams in R&D to assess and enhance hardware and software security across various platforms, providing expertise in secure system architecture design
  • Conducted weekly research presentations and provided technical reports on cryptography and hardware security topics, contributing to the organization's overall knowledge base and innovation
  • Acted as a subject matter expert in cryptographic standards and hardware security, providing consultancy and guidance on secure design practices for internal projects and external collaborations
  • Provided training and workshops on cryptography and secure hardware practices for government entities and internal teams, enhancing the organization’s knowledge and compliance with security standards
  • Assisted in the security evaluation and improvement of critical systems for the government and government entities


Achievements:

  • Designed and implemented hardware-based security solutions, including the development of an Ethernet Hardware Encryptor using AES-256 encryption, designed in a hardware description language and implemented on an integrated circuit platform.

Education

PgDip. Information Security

Royal Holloway University of London
United Kingdom
01.2013 - 01.2015

B.Eng. in Electronics Engineering

Khalifa University of Science, Technology and Research
01.2006 - 01.2012

Skills

  • Cybersecurity Management
  • Incident Response & Management
  • Threat Hunting & Analysis
  • Vulnerability Assessment & Management
  • Security Policy Development
  • Regulatory Compliance
  • Security Awareness Training
  • Research & Development
  • Project Management
  • Presentation & Communication Skills
  • Team Collaboration
  • Leadership Skills
  • Active Listening
  • Adaptability
  • Negotiation Skills
  • Cultural Sensitivity
  • Quality Assurance

Languages

Arabic
Native
English
Fluent

CERTIFICATIONS

  • Aug 2021 Attendance certificate for SANS MGT512: Security Leadership Essentials for Managers
  • Nov 2018 Attendance certificate for SANS SEC511: Continuous Monitoring and Security Operations
  • Aug 2018 Attendance certificate for Blackhat PYTHON HACKER BOOTCAMP: ZERO TO HERO
  • Mar 2018 Attendance certificate for Tenable: SecurityCenter Continuous View Event Analysis and Reporting
  • Dec 2017 Certified Palo Alto Traps: Install, Configure and Manage & Deploy and Optimize.
  • Dec 2017 Attendance certificate for SANS ICS410: ICS/SCADA Security Essentials.
  • Nov 2017 Attendance certificate for SANS SEC401: Security Essentials Bootcamp Style.
  • Aug 2016 Certified TOT, Professional International Trainer in Presentation skill Training program, MEDEX Training Institution (Abu Dhabi).
  • Feb 2015 Attendance certificate for SANS FOR610: Reverse Engineering Malware course.
  • Oct 2014 Certified ISMS Lead Auditor ISO/IEC 27001:2013.
  • May 2013 Certified in Embedding an Encryption algorithm in ST-Electronic Line Encryption device (Singapore).
  • April 2013 Attendance certificate for Hardware Security workshop by Prof. Ingrid
  • Mar 2013 Participated in COSADE 2013 conference about side channel attacks (France).
  • Mar 2013 Attendance certificate for Hardware Cryptography course from Prof. Cetin
  • Feb 2013 Participated in ECC Implementation workshop with Prof. Tim
  • Nov 2012 Attendance certificate for Cryptographic Algorithm Hardware Training with Prof. Tim
  • Sept 2012 Attendance certificate for Comprehensive and Advanced VHDL Programming
  • Dec 2010 Participated in 5TH INTERNATIONAL DESIGN AND TEST WORKSHOP (Abu Dhabi).
  • Mar 2010 Participated in Engineering Challenges Conference (Dubai).
  • Feb 2008 Experience in marketing of small and medium businesses

Timeline

Head of Cyber Security Operations Center (SOC) & Incident Response Manager

Nawah Energy Company
01.2022 - Current

Senior Information Security Specialist / Acting Head of Information Security Assurance

Emirates Nuclear Energy Corporation
10.2018 - 12.2021

Information Security Assurance Specialist

Emirates Nuclear Energy Corporation
06.2017 - 09.2018

PgDip. Information Security

Royal Holloway University of London
01.2013 - 01.2015

Information Security Engineer – R&D (Researcher, Cryptography, and Hardware Security)

Emirates Advanced Investments Group (EAIG)
06.2012 - 07.2017

B.Eng. in Electronics Engineering

Khalifa University of Science, Technology and Research
01.2006 - 01.2012