Ahmed
Alderai
Cybersecurity Leader & AI-Safety Researcher
13+ years securing financial services, telecommunications, and cloud infrastructure. Translating regulatory expectations into resilient, board-ready security programmes.
Securing what matters most
A cybersecurity leader combining senior governance, stakeholder engagement, and hands-on technical foundations across regulated environments.
Cybersecurity leader with 13+ years of experience across financial services, telecommunications, cloud, and other regulated environments. Deep expertise in second-line cyber risk oversight, control framework design, security governance, SOC operations, and regulatory compliance (ISO 27001, NIST CSF, NIS2, PCI-DSS, GDPR). Currently serving as Principal Information Security Engineer at Lebara Group, leading enterprise and telecom security risk assessments across MVNO operations and eSIM security programmes.
Second-Line Risk Oversight
Governance and control effectiveness testing across multi-country telecom and financial operations.
Telecom & eSIM Security
End-to-end eSIM security risk assessments, roaming/interconnect security, and MVNO operations assurance.
AI-Safety Research
Published peer-reviewed research on AI-secure techniques for IoT in healthcare environments.
Deep expertise across the security lifecycle
From board-level governance to hands-on technical execution — covering the full spectrum of modern cybersecurity.
Security Leadership & Governance
- Security Strategy & Programme Leadership
- Second-Line Risk & Control Oversight
- Executive & Board-Level Risk Reporting
- Risk Appetite & Tolerance Framing
- Control Framework Design & Effectiveness Testing
- KRI / KCI Metrics & Dashboards
- Regulatory Engagement
- PRINCE2 / Agile Delivery
Frameworks & Regulatory Compliance
- ISO 27001
- NIST CSF
- NIS2
- PCI-DSS
- GDPR
- Maturity Assessments
- Gap Analysis & Remediation Roadmaps
SOC, Threat Detection & Incident Response
- 24/7 SOC Operations Leadership
- SIEM Engineering (Splunk, LogRhythm)
- Threat Hunting
- Incident Response Playbooks & Tabletop Exercises
- Lessons-Learned Reviews
- Resilience Planning
Offensive Security & Assessment
- Penetration Testing
- Vulnerability Management
- Breach Simulations
- Red / Blue Team Exercises
- Threat Modelling
Cloud & Infrastructure Security
- Azure Security
- AWS Security
- Multi-Cloud Risk Assessment
- Cloud Migration Guardrails
- Compensating Controls
Telecom Security
- eSIM Security Risk Assessment
- Roaming & Interconnect Security
- MVNO Operations
- Third-Party Security Testing
A career built on security delivery
Progressive leadership across telecommunications, financial services, and consulting — from hands-on engineering to senior governance.
Principal Information Security Engineer
(Security Expert)- Lead enterprise and telecom security risk assessments across Lebara MVNO operations spanning the UK, France, Germany, Netherlands, and Denmark — governing control design, effectiveness testing, and regulatory alignment.
- Own end-to-end eSIM security risk assessments — encompassing threat modelling, control mapping, remediation tracking, and executive reporting across the full eSIM lifecycle.
- Serve as senior authority for roaming and interconnect security, overseeing third-party security testing and ensuring robust assurance across partner integrations.
- Support PCI-DSS and financial security governance for Lebara Money, embedding regulatory commitments into operational practice and control ownership.
- Produce executive risk registers and KPIs for leadership, providing C-suite visibility into cybersecurity risk posture and remediation progress.
Cyber Security Senior Manager
(Cyber Security Expert)- Led and mentored a multi-analyst security team across incident response, threat detection, and vulnerability management functions, building operational capability and maturity across multi-country environments.
- Directed 24/7 SOC operations encompassing threat hunting, SIEM engineering, IDS/IPS management, malware detection, SSL decryption, and packet analysis — establishing detection tuning and response standards.
- Delivered security assessments, breach simulations, and red/blue team exercises for banking and enterprise clients across EMEA, providing actionable remediation and proactive detection capabilities.
- Advised clients on control framework alignment to ISO 27001, PCI-DSS, and NIST CSF, embedding regulatory commitments into operational practice.
- Partnered with the CIISI-IE intelligence-sharing community — presenting on emerging threats and collaborating on cross-industry threat intelligence.
Cybersecurity Services Manager
- Managed concurrent cybersecurity consulting engagements for financial and enterprise clients from RFP through delivery, spanning network security, vulnerability management, and compliance programmes.
- Delivered security assessments and remediation guidance against ISO 27001 and PCI-DSS, translating findings into prioritised, board-presentable roadmaps.
- Advised client security teams on incident-response capability, containment strategy, and recovery procedures.
Information Security Compliance Officer
- Led financial-sector clients through ISO 27001 implementation and certification, owning gap analysis, control design, and remediation tracking.
- Conducted maturity assessments and developed remediation roadmaps aligned to industry frameworks and regulatory expectations.
Bridging AI and cybersecurity
Peer-reviewed research developing artificial intelligence techniques to secure Internet of Things (IoT) devices and data in healthcare environments.
Publications
AI-secure techniques for IoT in healthcare
Wiley Journal
Secure AI-driven IoT healthcare systems
TELEMEDICINE Journal
Community Engagement
CIISI-IE
Cyber Intelligence & Information Security Ireland
Active contributor to the intelligence-sharing community — presenting on emerging threats and collaborating on cross-industry threat intelligence.
Education
MSc Computer Science (AI & Security)
Ain Shams University, Cairo
Thesis: "Developing AI Secure Techniques for IoT in Healthcare." Research published in peer-reviewed journals.
BSc Computer Science
Egyptian Aviation Academy, Cairo
Languages
Continuously sharpening the edge
A blend of governance, project management, and deep technical certifications — with active investment in ongoing development.
CISA
Certified Information Systems Auditor
PRINCE2
Project Management Certification
eWPT
Web Application Penetration Testing
eCPPTv2
Professional Penetration Testing
OSCP
Offensive Security Certified Professional
CCNA
Cisco Certified Network Associate
Cisco CyberOps Associate
Cisco Cybersecurity Operations
JNCIA-Cloud
Juniper Cloud Fundamentals
Let's secure what's next
Open to senior cybersecurity leadership roles, consulting engagements, and research collaborations. Based in London — available globally.
UK Partner Visa — no sponsorship required