SHAIKHA AHMED MOHAMMED AL SHEHHI

Cybersecurity Analyst

United Arab Emirates

Profile summary

Cybersecurity Governance & Risk professional with experience leading PCI DSS certification, cloud risk assessments, and third-party security due diligence within enterprise environments. Skilled in managing PCI DSS v4.0 deliverables, developing governance workflows across CRA, DPIA, DPA, and enhancing security documentation and processes. Experienced in SSL/DMARC governance, strengthening visibility across applications and cloud services, and collaborating with auditors, IT teams, and business stakeholders to improve control maturity and ensure alignment with UAE PDPL, ISO 27001, NIST, and enterprise cybersecurity policies.

Career highlights

Ensured PCI DSS v4.0 Compliance: Led PCI DSS v4.0 certification renewals for 5 applications, ensuring compliance with updated security controls for a leading hospitality and entertainment group.

Key skills

Skills
PCI DSS v4.0 Compliance – certification renewals, gap assessments, audit preparation and supportCloud Security & Risk Assessments – third-party assessments, DPIA/DPA reviews, ISO 27001 and SOC 2 evaluationsSecurity Operations & Governance – SSL/DMARC management, access control reviews, security monitoring and reportingEndpoint & Network Security – CrowdStrike Falcon, Cisco Umbrella, Forcepoint Proxy, Arcon PAMApplication & Web Security – vulnerability scanning and code review (Qualys, Nessus, SonarQube)OT & Infrastructure Security – ExtraHop, Nozomi, firewall management, network segmentationGRC & Risk Management – security policy reviews, third-party risk management, data protection governanceCollaboration & Communication – functional coordination with Legal, Procurement, and external stakeholdersCybersecurity and GRCThreat Intelligence AnalysisSecurity Automation (SOAR)Cloud Security Architecture (AWS, Azure, GCP)Incident Response & HandlingReverse Engineering & Malware Analysis

Professional experience

Cybersecurity AnalystSep 2023 - Present
Emaar Properties | Dubai, UAE

Led PCI DSS v4.0 certification renewals for 5 applications in one of the UAE’s leading hospitality and entertainment groups, ensuring compliance with updated security controls Led third party due diligence and vendor onboarding by conducting cloud risk assessments (NDA, DPA, CRA, SOC 2, ISO 27001). - Delivered comprehensive risk assessments and DPIAs for 20+ SaaS vendors, ensuring compliance with ISO 27001, SOC 2, and global security frameworks Developed and maintained SSL and DMARC governance, ensuring certificate lifecycle management and secure email practices. - 2years, monthly Collaborated with cross-functional teams (Legal, Procurement, SOC, WAF, Application Owners, Vendors) to drive security compliance and governance initiatives. Performed periodic web application scanning for critical websites within the organization, OT security assessments, and code reviews to identify and mitigate vulnerabilities. Enhanced enterprise defense by managing endpoint security with CrowdStrike, Forcepoint, Cisco Umbrella, and Arcon PAM

Cybersecurity InternJan 2023 - Present
CyberGate Defense | Remote

Completed three-month online training covering penetration testing, digital forensics, and network defense fundamentals. Assisted in analyzing simulated cyberattacks and incident response scenarios.

InternshipJan 2022 - Present
Division of Information Technology, UAE University

Rotated across multiple teams, including ICT (Security, Networks, Windows/Unix OS, HPC) and ITSS (Helpdesk, Student Affairs, AV support). Gained hands-on exposure to IT operations, troubleshooting, and system administration.

Education

Professional Degree, Cyber Security & Ethical HackingJan 2023 - Present
Manchester Innovation And Technology Academy
Bachelor's Degree, information securityJan 2017 - Jan 2022
United Arab Emirates University