Riyad is highly skilled information security and cybersecurity professional with remarkable experience in the banking sector. Currently, Riyad is head of information security, IT Governance and business continuity at INVESTBANK group where he had successfully established the security function and restructured the IT Governance and business continuity functions. He played the major role in promoting the security governance at the bank by creating the security strategies, developing the security policies and procedures, establishing the executive information security steering committee and implementing the security program. Also, Riyad established the security infrastructure at INVESTBANK using risk-based approach and shaped the security culture by implementing mature security awareness program. Riyad plays key role of ensuring compliance with Central Bank of Jordan’s regulations and mandates including PCI DSS, Swift CSP, COBIT 2019 framework, and other regulatory requirements.

In addition, Riyad is responsible for managing INVESTBANK’s business continuity program according to ISO 22301 standard. He created the business continuity steering committee to oversee progress of business continuity efforts at INVESTBANK group, restructured the business continuity and recovery plans, established the business continuity site in addition to other duties in cooperation with the operational risk department. Riyad maintains strong relationship at executive and board levels by maintaining active membership in many of the executive and board committees in all domains under his responsibilities.

Previously, Riyad held the position of IT Security assistant manager at Arab Bank where he was responsible for managing the IT security operations for Arab Bank plc globally. He led the implementation of cutting edge security technologies to secure AB data centers worldwide. Besides his technical responsibilities, he worked with the management to establish the strategic plans for the department, manage the security budgets, create and maintain the IT security policies, procedures and work processes, develop the team competencies an promote IT Security at time of establishing the role in 2008.

Apart from his work duties, Riyad delivers professional training in cybersecurity and security management and write exam questions for CISM (ISACA). He maintains active membership in many professional organizations such as ISACA, ISC2, Project Management Institute, DRI and other professional organizations.