Mohamed Badawi
Verified Expert in Engineering
Security Architect and Developer
Dubai, United Arab Emirates
Toptal member since September 27, 2022
Mohamed is a cybersecurity leader with an executive MBA degree and 20+ years of technology experience. He managed teams of 60+ members and built enterprise security solutions for 50+ organizations in the airline industry, military, public sector, and family businesses. Mohamed has solid technical knowledge in several cybersecurity domains, including cloud security architecture, governance risk and compliance, security leadership as the CISO, DevSecOps, digital forensics, and incident response.
Portfolio
Experience
- Security Architecture - 14 years
- GRC - 12 years
- Incident Response - 11 years
- ISO 27001 - 10 years
- Cloud Security - 4 years
- Security by Design - 4 years
- Digital Forensics - 2 years
Availability
Preferred Environment
Firewalls, Cloud, Identity & Access Management (IAM), Antivirus Software, Forensics, Incident Response, Cloud Security, Web Security, DevSecOps, GRC
The most amazing...
...thing I've built is the biggest cybersecurity transformation program in IBM's history, worth $75 million and with 20+ new and improved services for an airline.
Work Experience
CISO/vCISO
Trusted Systems Consultancy
- Implemented ISO27001, PCI-DSS, CIS, and local compliance frameworks for clients and supported them during the implementation and certification lifecycle.
- Advised 50+ clients on data leakage prevention, data recovery, incident response, digital forensics, and compliance.
- Led an expert witness team in over 60 digital investigations to support client litigation efforts in hacking, social engineering, data leakage, and data destruction cases.
- Established a cloud security capability within the company to help launch new services based on customer insights and needs.
Chief Security Architect
Emirates Group
- Managed and rolled out 15+ new security controls in response to technical debt, audit findings, and privacy laws requirements (GDPR).
- Designed and implemented a security-by-design framework that accomplished 80% early security adoption in projects and reduced risks arising from projects by 90% compared to previous engagements.
- Built, trained, and coached a team of 50 architects on enterprise security architecture and reduced business application time to market by 50%.
- Established strong relations with business stakeholders to gain executive buy-in on security decisions, which enhanced approval time by 40%.
Lead Security Architect | DPE
IBM
- Led a $75 million security transformation program for an airline, which resulted in 80% faster transformation and 70% resilience and allowed the client to focus on significant security risks.
- Built 20 different security services that addressed 5-year-old audit findings and reduced major security incidents by 80%.
- Coached and directly managed a team of 67 local and remote architects and engineers on technology and client management, improving client satisfaction to 90%.
- Advised the client on new controls for risks, audit findings, and emerging technologies, which enhanced the client's risk management effort.
Enterprise Security Architect and Head of Security
C4 Advanced Solutions
- Managed a cybersecurity team that delivered ten security services covering technology and process, improving security posture and reducing client risk.
- Achieved the ISO 27001 and ISO 20000 certifications for the client and ensured compliance for two consecutive certification cycles.
- Consulted senior management on new security requirements, which helped achieve 40% security revenue for the account due to newly identified risks and findings.
- Assessed the existing security architecture and defined a new reference architecture comprising 15 capabilities across various security domains.
Senior Security Specialist
Injazat Data Systems
- Helped 20+ clients over three years to ensure secure business application roll-outs by managing network and system security controls.
- Designed and implemented ten security services and created the necessary operational policies and procedures, improving service delivery performance by 80%.
- Provided technical and architectural consultancy to Injazat clients and served as a technical authority for security matters.
- Designed, built, and operated a new T4 data center that delivered seven new security services and managed a team of seven security specialists.
Network and Security Engineer
Zayed Higher Organization for People of Determination
- Managed an environment of 300 endpoints and 15 network and security devices, which addressed the needs of six business applications and ensured 99.9% availability.
- Monitored the network for suspicious traffic patterns and unauthorized usage, reducing major security incidents to less than two per year.
- Managed ten servers and operating systems and supported an environment of 300 users across two branches, achieving 97% user satisfaction.
- Provided end-user support to the 300 users on solving technical problems and addressed more than 2,000 tickets per year to help enhance user productivity.
Experience
Cybersecurity Transformation Program
Education
Executive Master's Degree in Business Administration
INSEAD - France, Singapore, UAE
Master's Degree in Cybersecurity
New York Institute of Technology - Abu Dhabi, UAE
Bachelor's Degree in Communication Engineering
Ajman University - Abu Dhabi, UAE
Certifications
Certified in the Governance of Enterprise IT (CGEIT)
ISACA
Certified Information Security Systems Professional (CISSP)
ISC2
ISO 22301 Lead Auditor
RABQSA
Certified in Risk and Information Systems Control (CRISC)
ISACA
Certified Information Security Manager (CISM)
ISACA
Certified Information Systems Auditor (CISA)
ISACA
ISO 20000 Lead Auditor Training
RABQSA
The Open Group Architecture Framework (TOGAF)
The Open Group
ISO 27001 Lead Auditor Training
RABQSA
Skills
Tools
Google Workspace, Radar
Languages
HTML
Paradigms
DevSecOps
Platforms
Windows
Industry Expertise
Marketing, Accounting, Network Security, Cybersecurity
Storage
Database Security
Other
Firewalls, Antivirus Software, Incident Response, GRC, ISO 27001, Security Architecture, Security by Design, Email Security, CISO, CISSP, IT Security, Security, Documentation, Cloud, Identity & Access Management (IAM), Forensics, Cloud Security, Web App Security, Cloudflare, Business Continuity Planning (BCP), Web Security, Economics, Leadership, Finance, Financial Accounting, Statistics, Macroeconomics, Strategy, Operating System Security, Digital Forensics, Cyberlaw, Networks, Electronics, Laser Systems, Antenna Design, Information Security, Risk Assessment, Architecture, PCI Compliance, Security Operations Centers (SOC), Data Privacy, GDPR, Enterprise Architecture, Intrusion Prevention Systems (IPS), Cisco Routers, Network Switches, WAN, LAN, Active Directory (AD), IT Audits, Security Management, Risk Management, IT Governance, IT Service Management (ITSM), Business Continuity, Cloud Architecture, Certified Information Systems Auditor (CISA)
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
Share your needs
Choose your talent
Start your risk-free talent trial
Top talent is in high demand.
Start hiring