You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Malt Strategy
Iqbal MohammedIM

Iqbal Mohammed

Cybersecurity Manager

€347/day
Riyadh, SA
15+ years
Cybersecurity Strategy & Governance ,
Cybersecurity Risk Assessment
Cybersecurity Compliance Assessment
Cyber/Information Security Consulting
Cyber and IT Audits

Average response time: 1 hour

About Iqbal

Iqbal has over 18+ years of experience in Information and Cybersecurity, supported by a Master’s degree in Computer Science. He is currently a Cybersecurity Manager at KPMG, K.S.A, specializing in Cyber Strategy & Governance. His expertise includes establishing cybersecurity and ISMS programs, developing governance frameworks, conducting compliance and maturity assessments, risk assessments, IT audits, IT business continuity and project management.
His professional journey spans diverse roles at KPMG, AESSCO, Alfanar, and Almarai in Saudi Arabia, where he managed and supported Cybersecurity programs across ministries, banking, finance, healthcare, real-estate, automobiles, education, manufacturing, FMCG, and IT services. This experience has enabled him to hone his skills across the full spectrum of information and cybersecurity domains. He is an articulate communicator with strong analytical, interpersonal, motivational, and problem-solving skills.

  • English

    Native or bilingual

  • Hindi

    Fluent

  • Telugu

    Fluent

  • Arabic

    Basic

Can work on-site
Riyadh (up to 50km)

Experience

  • KPMG Company, KSA
    Manager, Cybersecurity
    January 2022 - Today (4 years and 5 months)
    Riyadh, Saudi Arabia
    Seasoned Cybersecurity and IT Audit professional with over 15 years of experience delivering high-value consulting and risk management projects across multiple sectors. Successfully developed and delivered over 20 RFP proposals, each valued above $3M, securing projects worth $2M (FY23–25). Proven expertise in cybersecurity governance, GRC, and compliance frameworks including SAMA CSF, NCA, NIST, ISO 27001, and TISAX.

    Led development and implementation of cybersecurity strategies, Target Operating Models, and ISMS programs to enhance maturity levels and ensure regulatory compliance. Conducted extensive risk assessments for more than 100 IT assets within financial domains, developing actionable mitigation plans and risk dashboards to support executive decision-making.

    Authored and reviewed cybersecurity policies, standards, and charters, and led internal and external audit readiness. Designed and delivered cybersecurity awareness programs, reducing incidents and improving enterprise-wide culture. Mentored and managed cybersecurity teams, enhancing workforce competency.

    Strong track record in client engagement, project management, and stakeholder reporting, including project charters, status updates, and compliance reviews. Recognized for strategic insight, operational excellence, and commitment to advancing clients’ cybersecurity posture and resilience.
    Cybersecurity Risk Assessment Project Management Cybersecurity Strategy & Governance Cybersecurity Compliance Assessment Client and Vendor Relations
  • AESSCO Company,
    Snr. Consultant, Cybersecurity GRC
    March 2020 - December 2021 (1 year and 9 months)
    Riyadh, Saudi Arabia
    • Maintained integrated management system (NIST SP.800-53 R4, ISO 27001, NCA ECC, CSCC and ISO 22301) certification accreditation status for the client.
    • Conducted IT Security Audit at client site w.r.t ISO27001, ISO 22301 certification.
    • Information security audit management (external and internal audits). Develop and rollout of annual Information security roadmap and audits plans.
    • Developed NIST, ISMS and BCMS policies, standards, procedures, and guidelines to ensure the protection of confidential, integrity and availability of information.
    • Developed and conducted developed formal process system for business impact analysis, business continuity plan and test, IT security incident and changes management, etc.
    • Identifying and exploring new security trends and performing quality review, RFP, vendor evaluation, cost benefit analysis of latest security tools in the market.
    • Information security metrics reporting to support key decision makers.
    • Project lead for all IT security projects Key projects:
    o IT Risk management, ISMS management review program, IT security incident management and compliance management.
    o IT business continuity plan (BCP) drill test, Tabletop exercise (TTX), report results and follow-up action points.
    o Information security controls assessment for to meet the company requirements.
    o IT security audit management (external and internal audits)
    o IT security audit, assessment, and compliance management for information security controls.
    o Information security awareness and trainings program plans/ records to minimize information security incidents.
    o Developed and lead information system audit (data centre, firewall, routers, Wi-Fi, network and remote access control, active directory, servers, antivirus compliance, privileged users access control, etc.) management
  • Alfanar Company
    Consultant, IT Security & Compliance
    June 2015 - March 2020 (4 years and 9 months)
    Riyadh, Saudi Arabia
    • Maintained integrated management system (ISO 27001, ISO 22301, ISO 20000) certification accreditation status.
    • Developed and implemented integrated management system (IMS) policies, standards, and procedures to ensure the protection of confidential, integrity and availability of information.
    • Developed and conducted developed formal process system for business impact analysis, business continuity plan and test, IT security incident management, IT changes management, IT service catalogue, IT service improvement plan, IT customer satisfaction survey etc.
    • Project lead for all IT security projects Key projects:
    o IT Risk management, IMS management review program, Vulnerability assessments and penetration tests (VAPT), IT security incident management, SIEM management, legal and compliance management.
    o Data classification, Rights management, and Data leakage prevention program.
    o IT business continuity plan (BCP) drill test, report results and follow-up action points
    o Information security controls audit and assessment on vendor site for to meet the company outsourcing requirements.
    o IT security audit management (external and internal audits)
    o IT security audit, assessment and compliance management for firewall, routers, antivirus, wi-fi, data center, active directory, servers, and system security patches, privileged user access control, etc.
    o Information security awareness and trainings and phishing campaign to minimize information security incidents.
    o Subscribed to information security forums/bulletins/tips to be updated in latest information security and cyber security threats
Check out Iqbal's experience

Recommendations

Be the first to recommend Iqbal

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Signup to reveal

Education

  • Certified Information Security Auditor (CISA)
    Certified Information Security Auditor (CISA)
  • Certified in Risk and Information Systems Control (CRISC)
    Certified in Risk and Information Systems Control (CRISC)
Check out Iqbal's education

Skill set

Project Management
Client and Vendor Relations
IT Risk Management
Cybersecurity Awareness & Trainings
Cybersecurity Regulatory Frameworks

Categories