
Mohammad Zakaria
Verified Expert in Engineering
IT Security Consultant and Developer
Doha, Doha Municipality, Qatar
Toptal member since December 19, 2023
Mohammad is a seasoned cybersecurity professional who excels in translating cybersecurity into practical business language. He is well-versed in standards such as ISO 27001 and ISO 22301, GDPR, NIST cybersecurity framework, and cybersecurity risk management and compliance. Mohammad assists organizations in developing cybersecurity roadmaps and serves as an auditor and trainer with a successful track record across diverse regions.
Experience
- Information Technology - 13 years
- IT Security - 12 years
- Information Security Management Systems (ISMS) - 9 years
- ISO 27001 - 7 years
- ISO 22301 - 5 years
- IT Governance - 5 years
- SOC Compliance - 3 years
- NIST - 2 years
Preferred Environment
Windows, macOS, Slack, Microsoft Teams
The most amazing project I've led was establishing and developing cybersecurity roadmaps for 10+ organizations, guiding them from zero to full compliance.
Work Experience
Lead Auditor
TUV
- Audited several IT, banking, healthcare, and other organizations across the Middle East against ISO 27001 and ISO 22301 standards.
- Planned and executed ISO audits, assessing the organization's compliance with established standards.
- Conducted thorough examinations of processes, documentation, and systems to identify nonconformities.
- Prepared comprehensive audit reports, detailing findings and providing recommendations for corrective actions.
- Collaborated with teams to develop and implement corrective and preventive measures, ensuring ongoing ISO compliance.
- Led audit teams, oversaw audit processes, and established audit programs and plans.
Information Security Specialist
Qatar Navigation
- Ensured the protection of Qatar Navigation's information assets, focusing on maintaining confidentiality, integrity, and availability.
- Managed and secured company information and communications technology (ICT) resources, aligning operations with Qatar Navigation's information security management systems and compliance standards.
- Played a key role in overseeing information security-related risk and compliance management, reporting to the chief information security officer (CISO).
- Obtained the ISO 27001:2013 certification, the National Information Assurance certification, and the National Cybersecurity Framework certification based on the NIST framework.
Information Security Technical Consultant
Microsoft
- Provided information security technical consultation services to enterprise customers in Qatar and ensured the full implementation of information security best practices based on Microsoft solutions.
- Led technical presentations, demonstrations, workshops, architecture design sessions, proofs of concept, and pilots to explain, demonstrate, and prove to enterprise customers the capabilities of Microsoft Security products and services.
- Implemented Microsoft Security solutions in several companies.
Senior Information Security Consultant and Manager
EastNets
- Established the security department of EastNets and specified security strategy, operations, and services.
- Oversaw EastNets information security functions entirely.
- Led all projects related to information security internally and externally.
- Provided information security advice and consultation services to all EastNets branches.
Senior Information Security Consultant
CASHU
- Established the security department of CASHU, as well as the security strategy, operations, and services.
- Achieved several certifications, including ISO 27001:2013 and ISO PCI DSS.
- Oversaw the company's information security functions.
Information Security Engineer
IT Security C&T
- Provided security advisory services to several companies across the MENA region in accordance with ISO 27001 and ISO 22301 standards.
- Developed content for the information awareness training platform that the company was building.
- Provided security training to several companies across the MENA region.
Web Developer and Technical Support Engineer
ESKADENIA Software
- Served as a web developer, network engineer, and technical support specialist.
- Developed multiple web applications for HR, schools, and ERP utilizing ASP.NET.
- Provided technical support to clients, including internal and external technical consulting services.
Experience
Achieving ISO 27001 and ISO 22301 Certifications
Information Security and Compliance
Education
Master's Degree in Information Systems Security and Digital Criminology
Princess Sumaya University for Technology - Amman, Jordan
Bachelor's Degree in Computer Information Systems and Computer Science
The Hashemite University - Zarqa, Jordan
Certifications
Certified Chief Information Security Officer (CCISO)
EC-Council
Certified Information Security Manager (CISM)
ISACA
Certified Information Systems Security Professional (CISSP)
ISC2
ISO 27005 Lead Risk Manager
PECB
ISO 22301 Lead Implementer
PECB
ISO 22301 Lead Auditor
PECB
ISO 27001 Lead Auditor
PECB
Internal Security Assessor (ISA)
PCI Security Standards Council
Certified Data Protection Officer (CDPO)
PECB
ISO 27001 Lead Implementer
PECB
Skills
Tools
Slack, Microsoft Teams
Industry Expertise
Swift Customer Security Programme (CSP), Cybersecurity
Languages
Java, Swift
Paradigms
Penetration Testing, Fuzz Testing
Platforms
Windows, macOS
Other
Information Security Management Systems (ISMS), IT Security, Information Technology, ISO 27001, ISO 22301, NIST, GDPR, Security Awareness Training, IT Audits, SOC Compliance, Information Security, Risk Management, CISO, Business Continuity Planning (BCP), ISO 27701, SOC 2, Trusted Information Security Assessment Exchange (TISAX), CISM, Security Audits, CISSP, Cloud Security, IT Governance, Data Loss Prevention (DLP), International Data Privacy Regulations, Data Privacy, Digital Forensics, Legal Technology (Legaltech), Information Systems, Ethical Hacking, Reverse Engineering, Computer Science, Computer Security, Web Development, Networks, Algorithms, Artificial Intelligence (AI), Enterprise Risk Management (ERM), Threat Modeling, Threat Analytics, Sales Presentations, Pitch Presentations, PCI DSS, Technical Support, ISO 27002, ISO 31000, ISO 9001, ISO Compliance