Mohammad Zakaria, Developer in Doha, Doha Municipality, Qatar
Mohammad is available for hire
Hire Mohammad

Mohammad Zakaria

Verified Expert  in Engineering

IT Security Consultant and Developer

Location
Doha, Doha Municipality, Qatar
Toptal Member Since
December 19, 2023

Mohammad is a seasoned cybersecurity professional who excels in translating cybersecurity into practical business language. He is well-versed in standards such as ISO 27001 and ISO 22301, GDPR, NIST cybersecurity framework, and cybersecurity risk management and compliance. Mohammad assists organizations in developing cybersecurity roadmaps and serves as an auditor and trainer with a successful track record across diverse regions.

Information SecurityGDPRNISTCybersecurityData PrivacyData Loss Prevention (DLP)Cloud SecurityInternational Data Privacy RegulationsDigital ForensicsReverse EngineeringComputer ScienceWeb DevelopmentAlgorithmsArtificial Intelligence (AI)Threat AnalyticsFuzz Testing (Fuzzing)ISO 9001ISO 27001

Portfolio

TUV
ISO 27001, ISO 22301, Security Audits, Cybersecurity, ISO Compliance
Qatar Navigation
ISO 27001, ISO 22301, NIST, IT Governance, Enterprise Risk Management (ERM)...
Microsoft
Data Loss Prevention (DLP), Threat Analytics, Sales Presentations...

Experience

Information Technology - 13 yearsIT Security - 12 yearsInformation Security Management Systems (ISMS) - 9 yearsISO 27001 - 7 yearsISO 22301 - 5 yearsIT Governance - 5 yearsSOC Compliance - 3 yearsNIST - 2 years

Availability

Full-time

Preferred Environment

Windows, MacOS, Slack, Microsoft Teams

The most amazing...

...project I've led was establishing and developing cybersecurity roadmaps for 10+ organizations, guiding them from zero to full compliance.

Work Experience

Lead Auditor

2022 - PRESENT
TUV
  • Audited several IT, banking, healthcare, and other organizations across the Middle East against ISO 27001 and ISO 22301 standards.
  • Planned and executed ISO audits, assessing the organization's compliance with established standards.
  • Conducted thorough examinations of processes, documentation, and systems to identify nonconformities.
  • Prepared comprehensive audit reports, detailing findings and providing recommendations for corrective actions.
  • Collaborated with teams to develop and implement corrective and preventive measures, ensuring ongoing ISO compliance.
  • Led audit teams, oversaw audit processes, and established audit programs and plans.
Technologies: ISO 27001, ISO 22301, Security Audits, Cybersecurity, ISO Compliance

Information Security Specialist

2020 - PRESENT
Qatar Navigation
  • Ensured the protection of Qatar Navigation's information assets, focusing on maintaining confidentiality, integrity, and availability.
  • Managed and secured company information and communications technology (ICT) resources, aligning operations with Qatar Navigation's information security management systems and compliance standards.
  • Played a key role in overseeing information security-related risk and compliance management, reporting to the chief information security officer (CISO).
  • Obtained the ISO 27001:2013 certification, the National Information Assurance certification, and the National Cybersecurity Framework certification based on the NIST framework.
Technologies: ISO 27001, ISO 22301, NIST, IT Governance, Enterprise Risk Management (ERM), Threat Modeling, Cybersecurity

Information Security Technical Consultant

2019 - 2020
Microsoft
  • Provided information security technical consultation services to enterprise customers in Qatar and ensured the full implementation of information security best practices based on Microsoft solutions.
  • Led technical presentations, demonstrations, workshops, architecture design sessions, proofs of concept, and pilots to explain, demonstrate, and prove to enterprise customers the capabilities of Microsoft Security products and services.
  • Implemented Microsoft Security solutions in several companies.
Technologies: Data Loss Prevention (DLP), Threat Analytics, Sales Presentations, Pitch Presentations, Security Audits, Cybersecurity

Senior Information Security Consultant and Manager

2018 - 2020
EastNets
  • Established the security department of EastNets and specified security strategy, operations, and services.
  • Oversaw EastNets information security functions entirely.
  • Led all projects related to information security internally and externally.
  • Provided information security advice and consultation services to all EastNets branches.
Technologies: ISO 27001, GDPR, International Data Privacy Regulations, Swift, Swift Customer Security Programme (CSP), Security Awareness Training, IT Audits, Security Audits, Cybersecurity

Senior Information Security Consultant

2016 - 2019
CASHU
  • Established the security department of CASHU, as well as the security strategy, operations, and services.
  • Achieved several certifications, including ISO 27001:2013 and ISO PCI DSS.
  • Oversaw the company's information security functions.
Technologies: ISO 27001, PCI DSS, Cybersecurity

Information Security Engineer

2015 - 2016
IT Security C&T
  • Provided security advisory services to several companies across the MENA region in accordance with ISO 27001 and ISO 22301 standards.
  • Developed content for the information awareness training platform that the company was building.
  • Provided security training to several companies across the MENA region.
Technologies: ISO 27001, Cybersecurity

Web Developer and Technical Support Engineer

2011 - 2015
ESKADENIA Software
  • Served as a web developer, network engineer, and technical support specialist.
  • Developed multiple web applications for HR, schools, and ERP utilizing ASP.NET.
  • Provided technical support to clients, including internal and external technical consulting services.
Technologies: Technical Support

Achieving ISO 27001 and ISO 22301 Certifications

Various organizations across diverse sectors that I assisted in complying with the international standard for managing information security, ISO 27001, and the international standard for business continuity management systems, ISO 22301. I helped them achieve the certifications, guided them toward robust information security practices, and reinforced their commitment to data protection excellence.

Information Security and Compliance

A technology company specializing in IT staffing and cloud computing wanted to achieve compliance with the Trusted Information Security Assessment Exchange (TISAX) and ISO 27001. I joined as an information security consultant to facilitate the company's key support and readiness to achieve this compliance. In addition, I advised the company on ISO 9001.
2013 - 2015

Master's Degree in Information Systems Security and Digital Criminology

Princess Sumaya University for Technology - Amman, Jordan

2007 - 2011

Bachelor's Degree in Computer Information Systems and Computer Science

The Hashemite University - Zarqa, Jordan

SEPTEMBER 2023 - PRESENT

Certified Chief Information Security Officer (CCISO)

EC-Council

FEBRUARY 2023 - PRESENT

Certified Information Security Manager (CISM)

ISACA

JANUARY 2023 - PRESENT

Certified Information Systems Security Professional (CISSP)

ISC2

JANUARY 2020 - PRESENT

ISO 27005 Lead Risk Manager

PECB

MAY 2019 - PRESENT

ISO 22301 Lead Implementer

PECB

APRIL 2019 - PRESENT

ISO 22301 Lead Auditor

PECB

MARCH 2019 - PRESENT

ISO 27001 Lead Auditor

PECB

FEBRUARY 2019 - PRESENT

Internal Security Assessor (ISA)

PCI Security Standards Council

FEBRUARY 2019 - PRESENT

Certified Data Protection Officer (CDPO)

PECB

JANUARY 2018 - PRESENT

ISO 27001 Lead Implementer

PECB

Industry Expertise

Swift Customer Security Programme (CSP), Cybersecurity

Other

Information Security Management Systems (ISMS), IT Security, Information Technology, ISO 27001, ISO 22301, NIST, GDPR, Security Awareness Training, IT Audits, SOC Compliance, Information Security, Risk Management, CISO, Business Continuity Planning (BCP), ISO 27701, SOC 2, Trusted Information Security Assessment Exchange (TISAX), CISM, Security Audits, CISSP, Cloud Security, IT Governance, Data Loss Prevention (DLP), International Data Privacy Regulations, Data Privacy, Digital Forensics, Legal Technology (Legaltech), Information Systems, Ethical Hacking, Reverse Engineering, Computer Science, Computer Security, Web Development, Networks, Algorithms, Artificial Intelligence (AI), Enterprise Risk Management (ERM), Threat Modeling, Threat Analytics, Sales Presentations, Pitch Presentations, PCI DSS, Technical Support, ISO 27002, ISO 31000, ISO 9001, ISO Compliance

Languages

Java, Swift

Tools

Slack, Microsoft Teams

Paradigms

Penetration Testing, Fuzz Testing

Platforms

Windows, MacOS

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring