Cloud Security Professional

MiMS
Al-Sahabi

Instructor · Tuwaiq Academy  |  ISC² CCSP · Cloud Security

Building the next generation of cloud security professionals in Saudi Arabia. Specialising in cloud security architecture, compliance frameworks, and Zero Trust.

View CV Read the Blog
6+
Years in Cloud Security
500+
Students Trained
12+
Projects Delivered
4
Certifications
Certifications
ISC² CCSP — Certified Cloud Security Professional
AWS Certified Security — Specialty
NCA ECC Practitioner
CompTIA Security+
About Me

Who I Am

I am a cloud security instructor and practitioner at Tuwaiq Academy, Saudi Arabia's premier technology training organisation. I specialise in helping professionals understand, design, and implement cloud security frameworks aligned with Saudi regulatory requirements.

My teaching focuses on practical, exam-ready content for the ISC² CCSP certification, while grounding every topic in real-world Saudi compliance context — NCA ECC, PDPL, and SAMA CSF.

Outside the classroom, I consult on cloud security architecture, Zero Trust implementations, and compliance readiness for organisations navigating Saudi Arabia's evolving regulatory landscape.

Cloud Security Architecture Zero Trust ISC² CCSP NCA ECC PDPL SAMA CSF AWS Security Azure Security CSA CCM NIST CSF Threat Modelling Data Security
Current Role
Cloud Security Instructor — Tuwaiq Academy
Location
Riyadh, Saudi Arabia
Specialisation
Cloud Security · Compliance · Zero Trust
Languages
Arabic (Native) · English (Professional)
Available For
Consulting · Speaking · Advisory
Career

CV & Experience

⬡  Experience
2022 — Present
Cloud Security Instructor
Tuwaiq Academy, Riyadh
Delivering ISC² CCSP curriculum across 9 domains. Developing exam-ready content with NCA ECC & PDPL compliance context for Saudi professionals.
2019 — 2022
Cloud Security Architect
[Organisation Name], Riyadh
Designed cloud security frameworks for government and enterprise clients. Led Zero Trust adoption and NCA ECC compliance assessments.
2016 — 2019
Information Security Analyst
[Organisation Name], Riyadh
Managed SIEM operations, incident response, and vulnerability management. Supported ISO 27001 certification programme.
↓  Download Full CV (PDF)
⬡  Education
20XX
MSc Information Security
[University Name]
Focus on cloud security, cryptography, and security governance frameworks.
20XX
BSc Computer Science
[University Name]
Foundation in networks, systems, and software engineering.
⬡  Certifications
Active
ISC² CCSP
Certified Cloud Security Professional
Active
AWS Security Specialty
Amazon Web Services
Active
NCA ECC Practitioner
National Cybersecurity Authority, KSA
Work

Projects & Portfolio

Curriculum Development
ISC² CCSP Study Deck Series
A complete 9-domain CCSP slide deck series with Saudi compliance context (NCA ECC, PDPL, SAMA CSF) built for Tuwaiq Academy students.
CCSP NCA ECC Cloud Security
View Project →
Security Architecture
Zero Trust Roadmap for Saudi Enterprise
Designed a 6-phase Zero Trust implementation roadmap aligned with NIST SP 800-207 and NCA ECC for a large Saudi government entity.
Zero Trust NIST 800-207 NCA ECC
View Project →
Compliance
Cloud Security Framework Assessment
Led CSA CCM v4.0 assessment across 17 domains for a financial sector client, mapping findings to SAMA CSF and ISO 27017 requirements.
CSA CCM SAMA CSF ISO 27017
View Project →
Training Programme
Cloud Data Security Workshop
Hands-on training programme covering data lifecycle, encryption key management, DLP, and PDPL compliance for cloud environments.
Data Security PDPL DLP
View Project →
Research
Multi-Cloud Security Reference Architecture
Published reference architecture combining NIST SP 500-292 with CSA frameworks for organisations operating across AWS, Azure, and GCP.
NIST SP 500-292 Multi-Cloud CSA
View Project →
Speaking
Cloud Security in the Saudi Vision 2030 Era
Keynote and panel participation on aligning cloud adoption with Saudi Vision 2030 goals while maintaining robust cybersecurity posture.
Vision 2030 Strategy Speaking
View Project →
Writing

Blog & Articles

Zero Trust March 2025 · 8 min read
Why Zero Trust Is Not a Product — It's a Strategy
Unpacking the most misunderstood principle in modern cybersecurity and how Saudi organisations can implement it practically.
Read Article →
Compliance February 2025 · 6 min read
PDPL vs GDPR: What Saudi Cloud Engineers Need to Know
A practical comparison of Saudi Arabia's Personal Data Protection Law and GDPR, with guidance for cloud architects.
Read Article →
Certification January 2025 · 10 min read
How I Prepared for the CCSP Exam — A Practical Guide
My study strategy, recommended resources, and tips for the ISC² CCSP exam from an instructor who has coached hundreds of candidates.
Read Article →
Cloud Security December 2024 · 7 min read
CSA CCM v4.0: The Framework Every Cloud Team Should Know
A walkthrough of the 17 domains of the Cloud Controls Matrix and why it should be the cornerstone of your cloud security programme.
Read Article →
NCA ECC November 2024 · 5 min read
NCA ECC and the Cloud: Mapping Controls to AWS & Azure
A practical mapping of the National Cybersecurity Authority's Essential Controls to native cloud security services on major CSPs.
Read Article →
Data Security October 2024 · 9 min read
BYOK vs HYOK vs CSP-Managed Keys: Making the Right Choice
A decision framework for choosing the right key management strategy based on your regulatory obligations and risk tolerance.
Read Article →
Get in Touch

Contact

Let's Work Together

Whether you're looking for consulting on cloud security architecture, a speaker for your event, or a training partner — I'd love to hear from you.

m@example.com in linkedin.com/in/m-alsahabi 𝕏 @malsahabi 📍 Riyadh, Saudi Arabia