About
Highly accomplished GRC Senior Manager with 8+ years of expertise in leading strategic risk assurance functions, establishing robust Enterprise Risk Management (ERM) and Technology Risk Management (TRM) frameworks across diverse markets. Proven ability to drive GRC maturity, implement automation initiatives, and strengthen internal controls to ensure regulatory compliance and enhance operational resilience for global organizations.
Work
Dubai, Dubai, United Arab Emirates
Summary
Currently driving strategic transformation of the Risk & Control function across 8 markets, focusing on GRC maturity, innovation, and regulatory alignment.
Highlights
Spearheaded the advancement of the SCA and COSO compliance roadmap, integrating risk-based decision-making into core business strategy to enhance GRC maturity across 8 markets.
Enhanced Enterprise Risk Management (ERM) and Technology Risk Management (TRM) frameworks, strengthening Internal Controls across key processes including L2C, S2P, ITGC, FSCP, Treasury, and ITAC.
Led complex, cross-functional risk assessments, embedding proactive risk mitigation measures into core business operations to fortify enterprise-wide risk oversight.
Scaled automation initiatives and refined risk monitoring tools, improving operational efficiency and developing an internal LMS for compliance and ethics training.
Oversaw high-impact special projects as Strategic PMO Lead, ensuring risk mitigation aligned with business growth and operational resilience objectives.
Dubai, Dubai, United Arab Emirates
Summary
Built and structured the Risk & Control function from the ground up, establishing GRC foundations across 8 markets in alignment with SCA and COSO standards.
Highlights
Established core GRC activities, including comprehensive ERM, TRM, and Internal Control frameworks, setting the foundation for risk management across 8 markets.
Led PMO-driven special projects to proactively address emerging risks and critical business challenges, enhancing organizational resilience.
Introduced and implemented in-house risk management tools, including automated follow-ups and an AML & Sanctions risk scoring system, significantly improving oversight.
Developed and successfully launched an internal Learning Management System (LMS) to enhance compliance and ethics training for widespread adoption.
Optimized resource allocation and team management, leading to improved risk oversight mechanisms and operational efficiencies.
Kuwait City, Al Asimah, Kuwait
Summary
Provided expert consulting services, focusing on process optimization, IT/IS policy development, and conducting internal/external audits for diverse clients.
Highlights
Documented As-Is processes, performed detailed gap analyses, and developed To-Be processes, enhancing operational efficiency and compliance for clients.
Developed comprehensive IT/IS policies, procedures, and Job Descriptions (JDs) to strengthen governance frameworks for client organizations.
Executed IT Internal and External Audits, including rigorous testing of Applications and IT General Controls (ITGC) & IT Application Controls (ITAC).
Designed and developed IT audit programs aligned with industry standards and best practices, including COBIT, ITIL, ISO 27001, and ISO 22301.
Prepared tailored proposals for clients across various business areas, including HR, Admin, and Legal Audits, demonstrating broad consulting expertise.
Dubai, Dubai, United Arab Emirates
Summary
Performed comprehensive risk assessments and internal control evaluations, identifying and mitigating risks to ensure robust compliance.
Highlights
Conducted regular risk assessments and internal control evaluations, documenting findings and recommending improvements that mitigated identified risks.
Executed risk assurance activities across 8 markets under the GRC framework, ensuring compliance with internal control standards for L2C, S2P, ITGC, FSCP, Treasury ITGC, ITAC, and ITRM.
Managed multiple special projects by monitoring progress and coordinating with stakeholders, ensuring project deliverables effectively addressed business risks identified in workshops and assessments.
Kuwait City, Al Asimah, Kuwait
Summary
Led IT Internal and External Audits for key clients in diverse sectors including finance, hospitality, and real estate, ensuring compliance and risk mitigation.
Highlights
Led IT Internal and External Audits for a portfolio of key clients, including Boursa, major hotels, insurance, brokerage, investment, and real estate companies.
Conducted kick-off and closing meetings with clients, ensuring clear communication and alignment throughout the audit lifecycle.
Performed rigorous testing of Applications and IT General Controls (ITGC) & IT Application Controls (ITAC) to identify control deficiencies.
Developed IT audit programs in line with industry standards and best practices, including COBIT, ITIL, ISO 27001, and ISO 22301.
Executed Vulnerability Assessments and participated in Penetration Testing engagements, strengthening client cybersecurity postures.
Kuwait City, Al Asimah, Kuwait
Summary
Conducted IT Internal and External Audits, reviewed IT/IS Policies, and participated in Internal Control Reviews across multiple countries and financial institutions.
Highlights
Performed IT Internal and External Audits, contributing to comprehensive risk assessments and compliance reviews for various clients.
Reviewed IT and IS Policies, analyzing gaps based on ISO 27001 and PCI-DSS, and recommending best practices for enhanced security postures.
Participated in Internal Control Reviews (ICR) across Kuwait, Bahrain, KSA, and Malaysia, including 3 major banks and their subsidiaries.
Contributed to the development of IT and Information Security Policies and Procedures, aligning them with COBIT, ITIL, and ISO 27001 best practices.
Conducted interviews and documented As-Is processes, actively participating in BCM gap analysis and maturity assessments to support client resilience strategies.
Languages
English
Arabic
Certificates
Skills
Governance, Risk, and Compliance (GRC)
Enterprise Risk Management (ERM), Technology Risk Management (TRM), Internal Controls, IT General Controls (ITGC), IT Application Controls (ITAC), Regulatory Compliance, Risk Mitigation, GRC Maturity, COSO, SCA, OCEG.
Risk Management
Risk Assessments, Risk Monitoring, Risk Oversight, Emerging Risks, AML & Sanctions Risk Scoring, Operational Resilience, Business Continuity Management (BCM).
Audit & Assurance
IT Internal Audit, IT External Audit, IT Audit Programs, Control Evaluations, Gap Analysis, Vulnerability Assessment, Penetration Testing, CISA, CRISC, GRCAuditor.
Frameworks & Standards
COBIT 2019, ITIL, ISO 27001, ISO 22301, PCI-DSS, CSX Cybersecurity Fundamentals.
Process Improvement & Efficiency
Process Excellence, Automation Initiatives, Operational Efficiency, PMO Leadership, Policy Development, Procedure Development.
Leadership & Management
Strategic Leadership, Team Management, Resource Optimization, Stakeholder Management, Cross-functional Collaboration, Project Management.
Training & Development
Compliance Training, Ethics Training, Learning Management System (LMS) Development.