- Job title of nominated professional: Information Security Assurance VP
- Company (where nominated professional or team is working): National Commercial Bank
- Company size (employees): 5,000 to 9,999
- Country: Saudi Arabia
- Headquarters Region: Middle East
In 3 bullets, summarize why this professional or team deserves recognition:
• He drive the improvement efforts of the Information Security Assurance function and deliver the required Vulnerability Scans, Penetration testing and Security Project Reviews and Configuration Review to ensure compliance information security policies and standards
• He establish and maintain the related policies, procedure and framework documents for the assigned testing activities
• He Manage PCI Program and ensure all activities are followed on agreed target dates and deliverables to ensure compliance with SAMA requirements
In less than 300 words, summarize the achievements of the professional or team in the nominated category
Majed AL Ali is an information security Assurance Manager with more than 13 years’ experience in baking environment ,Managing and delivering various information security assurance activities that include technical security assessments of applications and infrastructure to ensure confidentialities, integrity and availabilities of the bank assets.. He attended and be certified in various courses such as PCIP, CPTE, CIHE, ITIL, ITBMC, CHFI,CISSP.
Three year ago, He joined National Commercial Bank as information security assurance manager to build the security assurance functions. He started building the functions with a lot of challenges such as limited resources and budget. He started knowing the strength and weakness within the sections. then, He drive the improvement efforts of the Information Security Assurance function by established all required policy and, process , procedure and framework to be able to deliver the required Vulnerability Assessment, Penetration testing and Security Project Reviews. Then , After utilizing the resources he able to handle different type of assurance activity. then, he promoted to managing the PCI compliance program to ensure all activities are followed on agreed target dates and deliverables to ensure compliance with Central bank requirements. Also, He started expand the resource capability to manage source code review and configuration Review to ensure compliance information security policies and standards. Moreover, He had successfully deployed and started using Penetration testing ,source code and configuration review tools and solution.
Besides the ongoing battle to protect NCB sensitive information & critical assets,He had established Information Security Assurance Advisory which is a proactive approach that will protect NCB from coming advanced threats targeting our Bank. It’s cover security risks for NCB networks/ Platform, and it’s should help NCB to achieve proactive situational awareness.