Professional Documents
Culture Documents
PROFESSIONAL SUMMARY:
Highly motivated and results-oriented IAM Specialist with 23+ years of experience securing and streamlining
access for leading energy companies in Saudi Arabia, GCC, and Africa. Proven track record of delivering
impactful IAM/PAM solutions, reducing security risks by 30%, improving efficiency by 25%, and achieving
99.95% uptime. Possesses deep expertise in global deployments, industry regulations, and collaborating with
diverse stakeholders. Passionate about continuous learning and staying current with the latest IAM trends and
technologies. Eager to leverage expertise to ensure secure access and contribute to TAQA's success.
QUANTIFIABLE ACHIEVEMENTS:
Reduced access control violations by 30% for a major Saudi Arabian utility company through
comprehensive IAM implementation.
Implemented MFA, reducing password-related helpdesk tickets by 40% for a Qatari oil & gas giant,
enhancing security and user experience.
Automated 75% of user provisioning tasks, saving 2,000+ hours annually for a GCC water & power
company, boosting efficiency and cost savings.
Achieved 99.95% uptime for IAM services for an African mining company, minimizing downtime risk
and ensuring business continuity.
Mentored junior team members, fostering knowledge sharing and contributing to a 12% increase in
team productivity.
IAM/PAM Tools: Microsoft Azure AD, Azure Active Directory Premium, Azure Information Protection,
Microsoft Defender for Identity, Okta, Ping Identity, SailPoint, CyberArk, RSA SecurID, Duo Security
Cloud IAM: Azure IAM, AWS IAM, Google Cloud IAM
Identity Governance & Administration: Microsoft Identity Manager, Active Directory Federation
Services (ADFS), Azure Active Directory B2B Collaboration
Access Control: Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC), Multi-Factor
Authentication (MFA)
Security Protocols & Standards: LDAP, SAML, OAuth, OpenID Connect (OIDC), NIST Cybersecurity
Framework (CSF), CIS Controls, ISO 27001
Designed and deployed a role-based access control system using SailPoint for a critical
infrastructure project, enhancing data security and compliance.
Automated 80% of user provisioning tasks using Microsoft Identity Manager, increasing
efficiency by 25%.
Mentored junior team members, fostering knowledge sharing and contributing to a 10%
increase in team productivity
Designed and configured identity governance policies, access controls, and role definitions to enforce
security best practices and regulatory compliance.
Collaborated with cross-functional teams to define user access requirements and streamline access
request and approval processes.
Conducted user access reviews and audits to ensure adherence to security policies and mitigate risks
associated with inappropriate access.
Provided training and guidance to internal stakeholders on IAM/PAM functionalities, best practices,
and troubleshooting techniques.
2010 TO 2017- SR. SECURITY CONSULTANT & CORPORATE TRAINER, INDIAN CONSULTANCY SERVICES.
(MIDDLE EAST& AFRICA).
Spearheading the implementation of Secure Access Service Edge (SASE) framework and Secure Service
Edge (SSE) initiatives.
Orchestrating the deployment of Zero-trust Network Access (ZTNA) solutions, including Zscaler ZIA and
ZPA cloud-based platforms.
Configuring and managing connectivity from Data Centers/Branches to Zscaler Points of Presence
(POP).
Developing and implementing robust security policies for ZIA, ZPA, Data Loss Prevention (DLP),
Sandboxing, and Advanced Threat Prevention (ATP).
Leading the integration of Zscaler with Identity Providers (idP), Active Directory (AD), and Security
Information and Event Management (SIEM) systems.
Expertly configuring cloud-based Zscaler platforms, building ZIA & ZPA policies, and implementing
Device Posture Assessment Policies.
Ensuring secure onboarding of applications and users while publishing Internet applications seamlessly.
2008-2010 –DGM-SR. SECURITY SOLUTION ARCHITECT, BHARTI AIRTEL ENTERPRISE SERVICES LTD.
Travelled to Saudi Arabia, Oman, Malaysia, Singapore, Qatar, UAE, Nepal, Mongolia, China, Africa/Sudan, and Earned certifications
CISA, CIA, CISM, CHFI, CEH, ISO-22301, ISO-27001, COBIT, SABSA, TOGAF, ITIL, CCNP, MCSE, Sun Solaris and Symantec Veritas
Architected and implemented a cloud-based CISO SASE solution using Zscaler ZIA and ZPA for 10,000+
users, resulting in a 35% reduction in security incidents and streamlining remote access for 80% of the
workforce.
Designed and built 15 secure network tunnels between DC/Branch to Zscaler POPs, boosting
performance by 15% and reducing response times by 10%.
Configured and managed ZIA and ZPA policies, including DLP rules that prevented 200+ data
exfiltration attempts, and ATP policies that blocked 500+ malware infections.
Integrated Zscaler with Okta/AD/Splunk, achieving single sign-on for 95% of users and enhancing
security data correlation by 30%.
Led vulnerability assessments and penetration tests, identifying 45 critical vulnerabilities and mitigating
them within 30 days.
Mentored 5 junior engineers, increasing their security knowledge and contributing to a 10% team
productivity gain.
Participated in the collection and analysis of existing business and technical requirements to develop Enterprise-
wide Identity and Access Management (IAM) processes and procedures.
Working with internal teams to integrate applications and design/implement workflows.
Develop processes and automation for ongoing audits and reconciliations.
Maintenance of IAM security infrastructure.
Managed "End-user" access (application-level accounts) and "privileged access" (system/elevated-level
accounts) given to individuals who are directly responsible for system management and/or systems security, and
must have elevated or "special" permissions in order to perform their job function (most commonly IT
resources).
Identified opportunities to automate and partner with internal teams to meet those needs.
Built out of the IAM infrastructure and supporting processes.
Worked with HR, IT and other teams to ensure that IAM processes are integrated with other business processes.
Collaborated with other security professionals to identity and mitigate risks associated with access rights.
Assisted in troubleshooting and problem resolution.
Participated in development and maintenance of IAM workflows that manage provisioning of resource
entitlements to end users using AD IAM for centralized access
Workflow documentation and knowledge transfer as needed per provisioned resource in coordination with the
IAM Business Analyst
2006 TO 2008-SR. CONSULTANT (SECURITY/BCP) MOHSIN HAIDER DARWISH LLC, SULTANATE OF OMAN.
On a daily basis, responsible for the provisioning of all onboarding/off boarding requests and implementation of
new user requests utilizing Active Directory and other product lines
also coordinated with customers, vendors, and internal departments to manage requests and projects
accordingly
Oversaw technical configurations of multiple identity and access management solutions and processes –
predominantly Netegrity's SiteMinder (now CA Single Sign-On), IBM Tivoli Access Manager, and Oracle Access
Manager, Active Directory and Ping Identity and CA Federation Manager (formerly Netegrity Siteminder
Federation).
Primary responsibility for the creation and optimization of onboarding and offboarding as well as other relevant
IAM scripting
Mentoring and ensuring team members receive required approvals are obtained prior to granting user access to
requested resources
Participated in defining and implementing overall access and authorizations, security strategy, policies, and
procedures
Assisted in the creation of IAM architectures
Developed policies and procedures for provisioning new user accounts and resolving permission-related issues
Travelled to Saudi Arabia, Oman, Malaysia, Singapore, Qatar, UAE, Nepal, Mongolia, China, Africa/Sudan, and Earned certifications
CISA, CIA, CISM, CHFI, CEH, ISO-22301, ISO-27001, COBIT, SABSA, TOGAF, ITIL, CCNP, MCSE, Sun Solaris and Symantec Veritas
Performed regular account audits and provide permission reporting in response to audit requests
Worked with department leaders to understand business requirements, information technology standards,
information security policies, and other considerations that influence how identity and access solutions and
services should perform and operate using a risk-based approach
Ensured identity and access services perform according to defined processes and comply with applicable
information security requirements
Performed other duties as assigned
EDUCATION &TRAINING
MASTER OF SCIENCE - INFORMATION TECHNOLOGY.
BACHELOR OF SCIENCE - INFORMATION TECHNOLOGY.
MASTER LEVEL STUDIES ON “RISK MANAGEMENT” FROM OXFORD UNIVERSITY
MASTER LEVEL STUDIES ON “STRATEGIC MANAGEMENT” FROM IIM BANAGALORE.
CERTIFICATION& TRAINING
TOGAF 9.2 Certified Enterprise Architect.
Information Security Management System (ISMS) (ISO 17799 - BS7799 - ISO 27001)
Travelled to Saudi Arabia, Oman, Malaysia, Singapore, Qatar, UAE, Nepal, Mongolia, China, Africa/Sudan, and Earned certifications
CISA, CIA, CISM, CHFI, CEH, ISO-22301, ISO-27001, COBIT, SABSA, TOGAF, ITIL, CCNP, MCSE, Sun Solaris and Symantec Veritas