Ahmed AlRashidi

Strategic Regulatory Liaison: Acting as the designated Focal Point for the National Cybersecurity Authority (NCA); orchestrating communication channels to translate regulatory requirements into actionable internal directives.
Policy & Governance Architecture: Leading the end-to-end policy lifecycle. Authored the organization’s inaugural Cybersecurity Violations Regulatory Framework (V1) to enforce accountability, currently leading the maturation of Version 2.
Compliance & Audit Readiness: Driving force in the Compliance Committee to implement Essential Cybersecurity Controls (ECC) and Data Cybersecurity Controls (DCC), ensuring elite compliance scores in external audits.
Security Culture & Human Risk: Spearheading security awareness strategies by orchestrating Phishing Simulation Campaigns to measure and elevate staff maturity against social engineering.
Operational Resilience & IR: Contributed to the development of Business Continuity Plans (BCP), Disaster Recovery (DR), and Incident Response Plans (IR) to ensure 24/7 readiness for mission-critical operations.

Acting as the designated Focal Point for the National Cybersecurity Authority (NCA), orchestrating communication channels to translate regulatory requirements into actionable internal directives.
Leading the end-to-end policy lifecycle and authored the organization’s inaugural Cybersecurity Violations Regulatory Framework (V1) to enforce accountability, currently leading the maturation of Version 2.
Driving force in the Compliance Committee to implement Essential Cybersecurity Controls (ECC) and Data Cybersecurity Controls (DCC), ensuring elite compliance scores in external audits.
Spearheading security awareness strategies by orchestrating Phishing Simulation Campaigns to measure and elevate staff maturity against social engineering.
Contributed to the development of Business Continuity Plans (BCP), Disaster Recovery (DR), and Incident Response Plans (IR) to ensure 24/7 readiness for mission-critical operations.

Strategic Prototyping: Spearheaded the end-to-end design and development of a Voice-Enabled AI Agent utilizing ALLaM (National LLM) to facilitate seamless delivery of Ministry of Interior services through advanced real-time Arabic voice interaction.
Stakeholder Engagement: Presented the final prototype and its strategic value to a high-profile assembly, comprising a diplomatic delegation from the Royal Embassy of Saudi Arabia in London, high-ranking Ministry of Interior officials, and distinguished academics from Oxford and KAUST.

IAM Operations Supervision: Supervised the full lifecycle of user access rights, ensuring secure and timely execution of access requests using Microsoft Active Directory.
Process Engineering: Standardized access management by developing Unified Access Request Forms, eliminating ad-hoc procedures and enhancing audit trails.
SoD Resolution: Restructured workflows to resolve high-risk Segregation of Duties (SoD) conflicts, strategically decoupling permission granting from audit functions.
Access Control Analysis: Conducted in-depth analysis of access control frameworks, identifying and remediating security gaps to ensure strict adherence to the Principle of Least Privilege (PoLP).
Data Safeguarding: Enforced granular access controls to protect sensitive organizational data, directly contributing to a significantly strengthened cybersecurity posture.

Supervised the full lifecycle of user access rights, ensuring secure and timely execution of access requests using Microsoft Active Directory.
Standardized access management by developing Unified Access Request Forms, eliminating ad-hoc procedures and enhancing audit trails.
Restructured workflows to resolve high-risk Segregation of Duties (SoD) conflicts, strategically decoupling permission granting from audit functions.
Conducted in-depth analysis of access control frameworks, identifying and remediating security gaps to ensure strict adherence to the Principle of Least Privilege (PoLP).
Enforced granular access controls to protect sensitive organizational data, directly contributing to a significantly strengthened cybersecurity posture.

Operational Continuity & Security: Maintained business uptime by managing IT infrastructure and CCTV surveillance systems, troubleshooting hardware faults to ensure asset protection and physical security.
Technical Enablement: Enhanced operational efficiency by delivering end-user training on proprietary software and resolving technical escalations to minimize system downtime.