Omar Fayyad
North Shore,AUK
Summary
With close to two decades of extensive experience spanning diverse domains, Omar is a seasoned security and privacy advocate committed to ensuring organizations remain resilient against cyber threats and compliance risks.
Throughout his career, Omar has actively contributed to network security engineering and cybersecurity consulting, serving as a trusted advisor in safeguarding critical data, systems, and reputation. His expertise is underpinned by a robust technical foundation, complemented by a solid understanding of privacy regulations and risk assessment methodologies.
Holding esteemed certifications such as Certified Information Systems Security Professional (CISSP) and Certified Information Systems Auditor (CISA), Omar brings a wealth of knowledge and credibility to every project and team he engages with.
In his most recent role as a Senior Security Consultant/Auditor at Te Whatu Ora Health, Omar spearheaded internal audits, conducted comprehensive evaluations of national standards including the HISF framework guidance, and provided strategic insights on security configurations and compliance with ISO 27001, PSR, and NZISM standards.
Omar's overarching mission is to empower businesses to embrace the opportunities presented by the digital era while prioritizing security and privacy as fundamental pillars of their operations. He firmly believes that robust security and privacy measures not only facilitate business growth but also foster trust among stakeholders, ultimately conferring competitive advantages.
As he embarks on the next chapter of his career journey, Omar is enthusiastic about applying his expertise and skills to tackle new challenges and seize emerging opportunities. Please note that the views expressed herein are of a personal nature and may not necessarily align with those of the organizations he represents.
Disclaimer: The views expressed are of a personal nature and may not necessarily align with those of the organizations Omar works for.
Overview
19
19
years of professional experience
2
2
Languages
Work History
Senior Security Consultant/ Auditor
Self Employed Services
Auckland
02.2024 - Current
- Conduct internal audits using standards like ISO
- Facilitate risk workshops related to the #CandA process
- Offer guidance in the development of security standards
- Provide strategic advice on security configurations and compliance with #iso27001, #PSR, and #NZISM standards
Senior Security Consultant/ Auditor
Te Whatu Ora Health
Auckland, New Zealand
03.2023 - 02.2024
- Contributed to the refinement and advancement of the HISF Guidance for hospitals
- Led and executed comprehensive Internal Audits across Te Whatu Ora
- Orchestrated insightful risk workshops pertaining to the Certification and Accreditation (C&A) process.
Senior Security Consultant/ Auditor
Axenic Ltd.
Wellington
07.2022 - 12.2022
- Implemented a range of exercises encompassing, yet not restricted to: An audit conforming to ISO 27001 standards
- A meticulous review of M365 configuration security
- Comprehensive risk assessments integral to Certification and Accreditation (C&A) process.
Information Security Consultant
Self-employed
Egypt, Cairo
01.2021 - 06.2022
- Manage Cyber Security projects
- Offer consultation, internal and external audit for NIA v2, ISO 27001, and ISO 27701
- Create security awareness material to help raise security awareness amongst stakeholders
- Offer security technical assessments for websites and systems.
Senior Information Security Trainer
QATAR CERT Division at the Software Engineering Institute
Qatar, Doha
10.2015 - 12.2020
- Led the training and cybersecurity awareness content development workforce
- Conducted the Qatar NIA Policy Implementation training course
- Developed cybersecurity working material for presentations, workshops, seminars, etc..
- Hosted annually the Qatar National Cyber Drill Exercise (STAR-X)
- Provided consultation to companies in response to their need for cybersecurity awareness
- Managed projects involving content development and training worth 2-4 million QAR
- Led the effort to build Q-CERT's partnership with the Anti-Phishing Working Group (APWG).
Cyber Security Specialist
Ministry of Transport & Communications
Qatar
10.2012 - 09.2015
- Facilitated an aggressive timeline for a vast scale project to support cyber safety and security education nationwide in Qatar
- Managed a compound and comprehensive content management system within a narrowly defined resource capacity directly contributed to timely deliverables
- The project was worth 3 million QAR
- In the effort of managing the content and outlook of SafeSpace (dot) QA website, we had participated in the Best E-Government Website across GCC countries and were awarded first place.
Information Security Consultant
SecureMisr (aka Cysiv MEA)
Egypt, Cairo
12.2011 - 09.2012
- Provided consultation and assessments on different projects in the financial sector to comply with PCI DSS regulation, NIST, ISO 27k
- As part of the assessments, we used several manually developed scripts (i.e., python, bash, etc..) and tools such as Nmap and Nessus for vulnerability scanning
- I had also provided assessments on network security and design implementation
- During the time, I was tasked to review various network and security tools.
Network Security Engineer
Nile University
Egypt, Giza
09.2009 - 10.2011
- Held project engineering and a management role for the security and network infrastructure implementation to meet stringent business requirements with minimal security flaws
- Led a team of information security professionals to develop the university information security policy
- Developed and implemented a VPN access policy for monitoring and controlling access to critical university information assets
- Worked and configured several IT equipment including but not limited to Cisco switches and routers, 3Com switches, Juniper and Cisco firewalls, SSL VPN, IPOQUE (Bandwidth Management), and Websense (Security Content filtering) equipment.
Network Engineer
FedEx (Egypt Express)
Egypt, Cairo
08.2008 - 08.2009
- Entrusted with the pivotal responsibility of overseeing and ensuring the seamless operation of the network infrastructure, secure routing, and switching architecture spanning the headquarters and an extensive network of twenty branches
- Additionally, provided essential support to staff members in the installation of software and hardware, while spearheading the deployment, management, and administration of a sophisticated ERP solution leveraging an SQL database
- Demonstrated proficiency in managing a diverse array of network devices from industry-leading brands including Cisco, Juniper, and 3Com, adeptly configuring and optimizing their performance
- Additionally, played a pivotal role in administering both Windows and Linux environments to support the company's shipping platform, ensuring seamless operation and maximum efficiency.
Technical Support Engineer
Commercial International Bank (CIB)
Egypt, Cairo
07.2007 - 08.2007
- Assumed the responsibility of overseeing and troubleshooting both Windows and Linux operating systems, providing essential support to staff members in the installation of software and hardware components.
Inside Sales Representative
Raya Contact Center
Egypt, Giza
09.2004 - 09.2006
- Occupied a sales role, actively engaging in numerous indoor marketing and sales campaigns
- Distinguished myself as a top performer, surpassing my colleagues in securing a significant number of deals.
Education
Bachelor’s degree in Network Management, Computer Science & Networks -
University College of Cape Breton
Cairo, Egypt01.2008
Skills
- CS Project Management
- CS Training & Awareness
- ISMS Implementation
- ISMS Auditing
- C&A Risk Assessment
- Internal Audit
Accomplishments
Contributed to the refinement and advancement of the HISF Guidance for hospitals. Here is a link to the final publication.
https://www.tewhatuora.govt.nz/assets/Publications/HISO-Standards/HISF-Guidance-for-Hospitals.pdf
Affiliations
- ISACA (Information Systems Audit and Control Association)
- IIA NZ (The Institute of Internal Auditors New Zealand)
Languages
Arabic (mother tongue)
English (fluent)
Training
- CISSP
- ISO/IEC 27001 LA
- ISO/IEC 27701 LI
- CCNP – C|EH – GSEC
- Qatar NIA Implementer
- AZ-900 Microsoft Azure
- CCSK v4 – Cloud Security
- OSCP (fully exercised and pre-exam report prepared)
- TryHackMe Offensive Security Learning Path (completed). HacktheBox Academy.
- CISA
Timeline
Senior Security Consultant/ Auditor
Self Employed Services
02.2024 - Current
Senior Security Consultant/ Auditor
Te Whatu Ora Health
03.2023 - 02.2024
Senior Security Consultant/ Auditor
Axenic Ltd.
07.2022 - 12.2022
Information Security Consultant
Self-employed
01.2021 - 06.2022
Senior Information Security Trainer
QATAR CERT Division at the Software Engineering Institute
10.2015 - 12.2020
Cyber Security Specialist
Ministry of Transport & Communications
10.2012 - 09.2015
Information Security Consultant
SecureMisr (aka Cysiv MEA)
12.2011 - 09.2012
Network Security Engineer
Nile University
09.2009 - 10.2011
Network Engineer
FedEx (Egypt Express)
08.2008 - 08.2009
Technical Support Engineer
Commercial International Bank (CIB)
07.2007 - 08.2007
Inside Sales Representative
Raya Contact Center
09.2004 - 09.2006
Bachelor’s degree in Network Management, Computer Science & Networks -
University College of Cape Breton