Independent cybersecurity consultant with over 25 years spanning government, critical infrastructure, and enterprise sectors. Former Head of Cybersecurity Committee at Kuwait's Ministry of Electricity, Water & Renewable Energy (MEWRE), contributing to the nation's inaugural national cybersecurity framework. Specializes in protecting critical systems, AI-driven security solutions, red team operations, and layered defense strategies. Creator of Threat Atlas โ a self-hosted intelligence and defense ecosystem featuring automated firewall controls, ClickHouse-based telemetry, geolocation attack visualization, and machine-learning enrichment, designed for sovereign and air-gapped deployments.
Developing and operating Threat Atlas โ a sovereign-grade, self-hosted cyber-defense platform. Providing AI risk advisory to enterprise and government clients. Designing Security Operations Centers (SOCs) and OT/ICS security architectures. Serving as international conference speaker and moderator on AI security, critical infrastructure resilience, and emerging threat landscapes.
Led end-to-end OT/ICS security strategy for Kuwait's national energy infrastructure. Directed incident management, threat hunting, and policy framework development. Built and mentored Kuwait's first dedicated OT security team from the ground up. Managed advanced persistent threat (APT) defenses. Contributed directly to the drafting of Kuwait's inaugural national cybersecurity policy in coordination with government bodies.
Directed large-scale enterprise resource planning (ERP) implementations and digital transformation programmes. Managed business continuity planning, IT risk assessments, and cross-functional project portfolios. Oversaw vendor negotiations and strategic technology partnerships across business units.
Managed national-scale telecommunications and infrastructure projects. Conducted comprehensive vulnerability assessments and penetration tests across enterprise and government systems. Contributed to early red-team methodology development in Kuwait's emerging cybersecurity landscape.
Self-hosted, sovereign-grade multi-layer cyber-defense platform. Integrates automated firewall response actions, ClickHouse-backed telemetry at scale, real-time geolocation attack visualization, and AI/ML threat enrichment. Designed for air-gapped and sovereign deployments with vendor-agnostic log ingestion, automated TTP tagging aligned to MITRE ATT&CK, operational SOC dashboards, and structured containment playbooks.
Privacy-first credential breach verification tool using SHA-1 prefix matching (k-anonymity model) over a ClickHouse infrastructure. Enables sub-100ms queries across billions of hashed credentials without storing or transmitting plaintext passwords. Designed for enterprise deployment within Kuwait's regulatory environment.
Established Kuwait's first dedicated OT/ICS security team and operational framework within the national energy ministry. Transformed the organisation's cybersecurity posture from reactive to proactive โ including threat modeling of industrial control systems, secure network segmentation, and incident response playbooks specific to SCADA/ICS environments.