Post Job Free
Sign in

Saad Gassem Aldossary

Location:
Dammam, Eastern, Saudi Arabia
Posted:
July 12, 2025

Contact this candidate

Resume:

SAAD ALDOSSARY

Khobar City KSA 059******* *************@*****.***

WWW: https://www.linkedin.com/in/saad-aldossary-058b3725/ PROFESSIONAL SUMMARY

Acting GRC and Cyber Security Manager and IT Manager with a robust background in developing and implementing security frameworks that ensure compliance with industry standards and regulatory requirements. Skilled in leading cross-functional teams to identify vulnerabilities and execute strategic risk mitigation plans. Known for strong analytical abilities, the capacity to perform under pressure, and adaptability in fast-paced environments. Enhanced organizational security posture through proactive threat analysis, effective communication strategies, and the integration of advanced security tools and technologies. Committed to fostering a culture of security awareness and driving continuous improvement in cybersecurity practices

EXPERIENCE

10/2024 - Current GRC, Cyber Security Manager and Acting IT Manager Zamil Shipyard - Dammam, Saudi Arabia, KSA

• Develop and maintain the GRC framework aligned with industry standards and regulations (ISO 27001, NIST, NCA).

• Conduct risk assessments and vulnerability assessments to identify and mitigate security risks.

• Collaborate with IT and development teams to ensure security best practices are integrated into all stages.

• Monitor compliance with internal policies and external regulations, preparing reports for senior management.

• Conduct security training and awareness programs for employees.

• Respond to Security incidents and manage remediation efforts.

• Stay updated on the latest Security trends and threats and recommend improvements to Security policies and procedures.

• Risk management

• Manage all cyber–Security Tools NDR, EDR, MDR, Google, Microsoft 05/2018 - 10/2024 Cyber Security Engineer

Zamil Industrial - Dammam, SA

• Deploying and configuring advanced security tools such as Vectra NDR, Darktrace, Trend Micro EDR, and Cisco Meraki Identity Services Engine to detect and mitigate malware and cyber-attacks

• Leveraging Microsoft Defender for Cloud Apps and Azure security features to monitor cloud service usage and enforce access controls

• Administering McAfee solutions, including Web Gateway, ePolicy Orchestrator, and security reporting

• Testing and integrating new security technologies to enhance the organization's defense capabilities

• Managing and optimizing internet access policies to balance productivity and risk

• Conducting security assessments, incident response, and remediation activities to maintain a robust cybersecurity posture.

05/2017 - 05/2018 Technical Support Specialist

Zamil Industrial - Dammam, SA

• Troubleshooting, installation, configuration

• Reset password

• Active Directory

• Outlook

• Printers & scan

01/2013 - 01/2014 Public Relationship Supervisor

Sorrof International, Co - Khobar, KSA

01/2008 - 01/2010 Clerk

Zamil Steel Holding Company Limited - Dammam, KSA

EDUCATION

04/2025 Master of Science: Computer Networks

KFUPM - Dhahran KSA

01/2016 BA: Network Security and Software Engineering Park University - Kansas City USA

LICENSES

• Cisco Certified CyberOps Associate

• Oracle Autonomous Database Cloud 2019 Certified Specialist

• Oracle Cloud Infrastructure Foundations 2020 Certified Associate

• Oracle Cloud Infrastructure 2019 Certified Cloud Operations Associate

• Oracle Cloud Infrastructure Developer 2020 Certified Associate TRAINING

• Chief Information Security Officer PMU

• Trend Micro Deep Discovery Training for Certified

• Deep Security Training for Certified Professionals trend micro

• Security Operation Centre

• ITIL 4 Foundation

• Certified Ethical Hacker (CEH) - MCIT

• Fortinet – NSE5 Forti Analyzer 6.2

• Fortinet – NSE 4 Network Security Professional

• Elastic Google Cloud Infrastructure: Scaling and Automation

• Security + - MCIT

• MCSE Course

• ITIL Service Design Concepts

• ITIL Service Strategy Concepts

• Overview of the ITIL Service Lifecycle

• Data Centre Virtualization_ vCenter Server

• Windows Server 2016 Server Administration

• Microsoft Azure Fundamentals

• CompTIA A+ 220-1001_ Implementing Network Concepts

• Essential Google Cloud Infrastructure: Core Services

• Google Cloud Fundamentals: Core Infrastructure

PROJECTS

Zamil Shipyards

Modern Workplace Infrastructure

October 2024 – March 2025

• Designed, implemented, and migrated infrastructure for Zamil Shipyards.

• Separated the existing Active Directory and Microsoft 365 Tenant from Zamil Offshore.

• Migrated to a new Microsoft 365 Tenant for Zamil Shipyards through a Cross- Tenant migration.

Skills

• Migration Projects

• System Administration

• Cybersecurity

• Project Management

• Microsoft Project

• Project Planning

• Network Architecture

• Led a cross-functional team in identifying and prioritizing key accounts for expansion efforts.

• Developed customized account expansion strategies tailored to each client's needs and objectives.

Zamil Industrial

Managed Print Services with Canon

June 2019 – December 2019

• Managed a complex print service project across multiple offices in various cities.

• Conducted site surveys to gather and analyze data on: Floor, department, section, and location.

Manufacturers, models, serial numbers, installation dates, and usage statistics.

• Evaluated suggested models for mono and color copies.

• Developed a strategic plan for effective machine allocation according to office layouts.

Zamil Industrial

Time & Attendance Management Software - BioTime 7.0 February 2019 – October 2019

Project Overview

• BioTime 7.0: Web-based time attendance software with features ensuring stable communication via LAN, WAN, Wi-Fi, GPRS, and 3G.

• Enabled remote management of thousands of time and attendance terminals within complex WLAN networks.

My Role

• Managed the Attendance Management Software, BioTime 7.0 - ZKTeco.

• Responsibilities included: Conducting site surveys. Performing device calculations, including Location, manufacturer, model, serial number, type, installation date, suggested models. Distributing machines at designated locations.

KEY SKILLS

• Ability to develop and maintain the

GRC framework aligned with

industry standards and regulations

(ISO 27001, NIST, NCA).

• Strong organizational and project

management skills to execute

security initiatives.

• Knowledge of industry standards

and frameworks such as ISO 27001,

NIST Cybersecurity Framework, SOC

2

• Ability to manage multiple tasks

and priorities

• Capable of managing, mentoring,

and motivating a security team.

• Cyber security Tools

• Excellent ability to explain security

concepts to non-technical

stakeholders and senior

management

• Strong analytical and problem-

solving abilities to identify and

mitigate complex security risks.

• Authentication policy

• Strong understanding of network

security, application security,

identity and access management

(IAM), and data protection.

• Ability to produce comprehensive

documentation

• Managing Access control

• Proficient in implementing and

managing VPNs, encryption, and

anti-malware solutions.

• Familiarity with cloud security across

platforms like Azure and GCP, as

well as hybrid IT environments.

• Extensive experience with NDR, EDR,

SIEM solutions, and endpoint

protection

• Experience with security audits,

vulnerability scanning, and

penetration testing methodologies.

• Risk assessment

• Incident response

• Penetration testing skills

• Firewall configuration and

management

• Identity and Access management

• Intrusion detection and prevention

• Security information and event

management

• Ethical hacking techniques

• Virtualization security management

• Threat intelligence analysis

• Security architecture design

• Operating system hardening

• Network security expertise

• Physical security measures

• Wireless network security

• Digital forensics investigation

• Wireless security

• Incident logging oversight

• IP addressing and subnetting

• SIEM provider management

• Penetration testing

• Active directory

• Port security

• Incursion tracking

• Secure network architecture

• Network security design

• Security awareness training

• Two-factor authentication

• Disaster recovery planning

• Network security management

• Endpoint protection

• Virtual private networks

• Access control management

• Patch management

• BYOD program implementation

• Teamwork and collaboration

• Data protection

• Time management

• Contractor management

• Investigation techniques

• Compliance monitoring

• Security training

• Vulnerability assessment

• Cloud security

• Problem solving

• Team collaboration

• Cloud security proficiency

• Security policy development

• Process isolation

• Malware analysis and reverse

engineering

• Two-factor authentication

implementation

• Business continuity planning

• Security compliance auditing

• Application security

• Incident response management

• Data loss prevention techniques

• Encryption algorithms

• Cryptography implementation

• Social engineering defense

strategies

LANGUAGES

Arabic: First Language

English: C1

Advanced (C1)

REFERENCES

• Bashar, Akkad, Network Administrator, ***********@***************.***, 050*******

• Babu, Augastin, Network Administrator, ************@***************.***, 050*******

#HRJ#54f76834-011f-4ad6-bfc6-ec5cf29fb9f1#



Contact this candidate