Regional Third-Party Security Consultant, Cyber Security Promoted from Senior Third Party Security Risk Manager

HSBC Middle East is the regional arm of HSBC Group, delivering corporate, retail, and investment banking services across the Middle East.

• Lead and oversee regional third-party cyber risk assessments across 3+ markets, governing security posture for 200–500+ vendors annually supporting mission-critical banking operations and digital platforms.
• Provide executive-level cyber risk advisory to senior leadership and business heads, influencing risk acceptance and remediation decisions for high-risk vendors and strategic suppliers.
• Develop and present Key Risk Indicators (KRIs) and third-party cyber risk dashboards to senior management, enabling quarterly and ad-hoc risk reporting.
• Serve as a trusted cybersecurity advisor for 20+ strategic initiatives and transformation programs, embedding security-by-design into project approvals, vendor onboarding, and change governance.
• Optimized third-party risk assessment workflows, improving assessment turnaround time by 30–40%.
• Partner with Legal, Procurement, IT, and Compliance across 5+ enterprise functions to embed cyber risk controls into third-party governance.
• Drove remediation governance and accountability, contributing to a 25–35% reduction in high-risk vendor findings and improving remediation closure timelines by 20–30%.
• Built foundational innovation and governance frameworks earlier in tenure, supporting dozens of PoCs and vendor evaluations, accelerating secure technology adoption and reducing concept-to-validation timelines by 25–35%.

As a Regional Third-Party Security Consultant, I lead and oversee regional third-party cyber risk assessments across 3+ markets, governing the security posture for 200–500+ vendors annually that support mission-critical banking operations and digital platforms. I provide executive-level cyber risk advisory to senior leadership and business heads, influencing risk acceptance and remediation decisions for high-risk vendors and strategic suppliers.

I develop and present Key Risk Indicators (KRIs) and third-party cyber risk dashboards to senior management, enabling quarterly and ad-hoc risk reporting and supporting data-driven risk governance. I serve as a trusted cybersecurity advisor for 20+ strategic initiatives and transformation programs, embedding security-by-design into project approvals, vendor onboarding, and enterprise change governance.

I have optimized third-party risk assessment workflows, improving assessment turnaround time by 30–40%, while increasing operational efficiency and audit readiness. I partner with Legal, Procurement, IT, and Compliance across 5+ enterprise functions to embed cyber risk controls into third-party governance, strengthening contractual security requirements and enterprise risk accountability.

I drive remediation governance and accountability, contributing to a 25–35% reduction in high-risk vendor findings and improving remediation closure timelines by 20–30%. Earlier in my tenure, I built foundational innovation and governance frameworks, supporting dozens of PoCs and vendor evaluations, accelerating secure technology adoption and reducing concept-to-validation timelines by 25–35%.

Network Support Engineer

Airbus Defence and Space is a global leader in secure communications, satellite systems, and defense-grade technology solutions for government and enterprise clients.

• Supported and secured mission-critical, multi-site network environments for government and mega-event operations, including Yas Formula 1 and Abu Dhabi Police Operations Center.
• Served as the primary on-site technical escalation point during live operations, coordinating with 5+ cross-functional teams (government stakeholders, vendors, and internal engineering groups).
• Resolved high-severity incidents within <60-minute critical SLAs during peak and high-risk windows.
• Supported enterprise routing, switching, and perimeter security infrastructure, contributing to sustained >99.9% network availability and minimizing service disruption.
• Implemented and enforced network security controls, privileged access processes, and structured change management, contributing to an estimated 25–40% reduction in unplanned outages.
• Participated in incident response, root cause analysis, and post-incident reviews for high-severity events, improving mean time to resolution (MTTR) by ~20–30% and reducing repeat incident frequency.
• Enabled secure connectivity for large-scale international events and sensitive law enforcement operations, reinforcing CIA triad principles.