Founder - GRC Drive

Mohammad Ali Shah

(GRCP, GRCA, CISSP, CISA, CISM, LA ISO 27001, PMP)
Founder & Chairman, GRC Drive.

INFORMATION SECURITY MANAGEMENT & AUDITING

Experienced, highly driven senior information security management professional with over 23 years of progressive experience in the UAE and Saudi Arabia in information security, business development, project management and auditing. Seeking a challenging position at a strategic level to capitalize on this experience, vision and strategy and align the organization's posture with business objectives.

KEY COMPETENCIES

  • GRC – Governance, Risk & Compliance
  • ESG – Environmental, Social & Governance
  • Auditing
  • Information Security Management
  • Business Development
  • Project Management
  • Industrial Security
  • Cyber Security
  • Perimeter Security

EDUCATION & CERTIFICATIONS

Masters in Computer Science

CISSP – Certified Information Sec. Sys. Professional

GRCP – Governance, Risk & Compliance Professional

CISM – Certified Information Security Manager

PMP – Project Management Professional

SECURITY + Certification

ITIL – Foundation certification

AUDITING

ISO 27001:2022 LA – Certified Lead Auditor

GRCA – Governance, Risk & Compliance Auditor

CISA – Certified Information Security Auditor

CONSULTANCY AND AUDITING EXPERIENCE

  • Providing consultancy on Governance, Risk and Compliance challenges.
  • Security gap assessment and strategy development to meet objectives.
  • Designing and implementing risk-based audit and advisory work programs.
  • Preparing security policies and providing guidance for their implementation.
  • Internal audits to check readiness for ISMS 27001 Standards.
  • External audits to check the effectiveness of controls as per ISMS 27001 Standards.
  • Providing consultancy to design security solutions aligned with local and international standards (NCA, SAMA, NIST, GDPR, PCI-DSS, HCIS 2017, ISO 31000 and ISO 27001).
  • Experience implementing CCC Aramco Standards with different clients.
  • Developing a cyber security awareness culture to improve user behavior.
  • Conducting training programs to improve the security posture of the organization.
  • Evaluating and analyzing security issues and recommending controls to mitigate the risks.
  • Experience with a wide array of security platforms, protocols, tools, and technologies.
  • Presentation skills, with a high degree of comfort delivering presentations to both large and small audiences.
  • Experience as a consultant and auditor in industrial control systems (ICS/OT) security and HCIS 2017 – Higher Commission of Industrial Security.
  • Security consulting experience across multiple client verticals, including the financial services, public, energy, industrial and mining sectors.
  • Experienced and certified in the GRC tools RSA ARCHER & SERVICE NOW.
