Available for senior security leadership roles

Ahmed
Alderai

Cybersecurity Leader & AI-Safety Researcher

13+ years securing financial services, telecommunications, and cloud infrastructure. Translating regulatory expectations into resilient, board-ready security programmes.

London, UK
ISO 27001
NIST CSF
NIS2
PCI-DSS
Scroll
About

Securing what matters most

A cybersecurity leader combining senior governance, stakeholder engagement, and hands-on technical foundations across regulated environments.

Cybersecurity leader with 13+ years of experience across financial services, telecommunications, cloud, and other regulated environments. Deep expertise in second-line cyber risk oversight, control framework design, security governance, SOC operations, and regulatory compliance (ISO 27001, NIST CSF, NIS2, PCI-DSS, GDPR). Currently serving as Principal Information Security Engineer at Lebara Group, leading enterprise and telecom security risk assessments across MVNO operations and eSIM security programmes.

13+
Years Experience
5
European Markets
5
Compliance Frameworks
MSc
AI & Security Research

Second-Line Risk Oversight

Governance and control effectiveness testing across multi-country telecom and financial operations.

Telecom & eSIM Security

End-to-end eSIM security risk assessments, roaming/interconnect security, and MVNO operations assurance.

AI-Safety Research

Published peer-reviewed research on AI-secure techniques for IoT in healthcare environments.

Expertise

Deep expertise across the security lifecycle

From board-level governance to hands-on technical execution — covering the full spectrum of modern cybersecurity.

Security Leadership & Governance

  • Security Strategy & Programme Leadership
  • Second-Line Risk & Control Oversight
  • Executive & Board-Level Risk Reporting
  • Risk Appetite & Tolerance Framing
  • Control Framework Design & Effectiveness Testing
  • KRI / KCI Metrics & Dashboards
  • Regulatory Engagement
  • PRINCE2 / Agile Delivery

Frameworks & Regulatory Compliance

  • ISO 27001
  • NIST CSF
  • NIS2
  • PCI-DSS
  • GDPR
  • Maturity Assessments
  • Gap Analysis & Remediation Roadmaps

SOC, Threat Detection & Incident Response

  • 24/7 SOC Operations Leadership
  • SIEM Engineering (Splunk, LogRhythm)
  • Threat Hunting
  • Incident Response Playbooks & Tabletop Exercises
  • Lessons-Learned Reviews
  • Resilience Planning

Offensive Security & Assessment

  • Penetration Testing
  • Vulnerability Management
  • Breach Simulations
  • Red / Blue Team Exercises
  • Threat Modelling

Cloud & Infrastructure Security

  • Azure Security
  • AWS Security
  • Multi-Cloud Risk Assessment
  • Cloud Migration Guardrails
  • Compensating Controls

Telecom Security

  • eSIM Security Risk Assessment
  • Roaming & Interconnect Security
  • MVNO Operations
  • Third-Party Security Testing
Technical Skills:
PythonPowerShellBashFirewallsVPNNetwork MonitoringIAM / PAM Governance
Experience

A career built on security delivery

Progressive leadership across telecommunications, financial services, and consulting — from hands-on engineering to senior governance.

Current Sep 2025 – Present

Principal Information Security Engineer

(Security Expert)
Lebara Group · London, UK
  • Lead enterprise and telecom security risk assessments across Lebara MVNO operations spanning the UK, France, Germany, Netherlands, and Denmark — governing control design, effectiveness testing, and regulatory alignment.
  • Own end-to-end eSIM security risk assessments — encompassing threat modelling, control mapping, remediation tracking, and executive reporting across the full eSIM lifecycle.
  • Serve as senior authority for roaming and interconnect security, overseeing third-party security testing and ensuring robust assurance across partner integrations.
  • Support PCI-DSS and financial security governance for Lebara Money, embedding regulatory commitments into operational practice and control ownership.
  • Produce executive risk registers and KPIs for leadership, providing C-suite visibility into cybersecurity risk posture and remediation progress.
May 2018 – Sep 2025

Cyber Security Senior Manager

(Cyber Security Expert)
Vodafone Group · London, UK
  • Led and mentored a multi-analyst security team across incident response, threat detection, and vulnerability management functions, building operational capability and maturity across multi-country environments.
  • Directed 24/7 SOC operations encompassing threat hunting, SIEM engineering, IDS/IPS management, malware detection, SSL decryption, and packet analysis — establishing detection tuning and response standards.
  • Delivered security assessments, breach simulations, and red/blue team exercises for banking and enterprise clients across EMEA, providing actionable remediation and proactive detection capabilities.
  • Advised clients on control framework alignment to ISO 27001, PCI-DSS, and NIST CSF, embedding regulatory commitments into operational practice.
  • Partnered with the CIISI-IE intelligence-sharing community — presenting on emerging threats and collaborating on cross-industry threat intelligence.
Sep 2016 – May 2018

Cybersecurity Services Manager

Vodafone · Cairo, Egypt
  • Managed concurrent cybersecurity consulting engagements for financial and enterprise clients from RFP through delivery, spanning network security, vulnerability management, and compliance programmes.
  • Delivered security assessments and remediation guidance against ISO 27001 and PCI-DSS, translating findings into prioritised, board-presentable roadmaps.
  • Advised client security teams on incident-response capability, containment strategy, and recovery procedures.
May 2015 – Sep 2016

Information Security Compliance Officer

E-Finance · Cairo, Egypt
  • Led financial-sector clients through ISO 27001 implementation and certification, owning gap analysis, control design, and remediation tracking.
  • Conducted maturity assessments and developed remediation roadmaps aligned to industry frameworks and regulatory expectations.
Research & Publications

Bridging AI and cybersecurity

Peer-reviewed research developing artificial intelligence techniques to secure Internet of Things (IoT) devices and data in healthcare environments.

Publications

Peer-Reviewed Journal

AI-secure techniques for IoT in healthcare

Wiley Journal

Peer-Reviewed Journal

Secure AI-driven IoT healthcare systems

TELEMEDICINE Journal

Community Engagement

Intelligence Sharing

CIISI-IE

Cyber Intelligence & Information Security Ireland

Active contributor to the intelligence-sharing community — presenting on emerging threats and collaborating on cross-industry threat intelligence.

Education

MSc Computer Science (AI & Security)

Ain Shams University, Cairo

2021 – 2025

Thesis: "Developing AI Secure Techniques for IoT in Healthcare." Research published in peer-reviewed journals.

BSc Computer Science

Egyptian Aviation Academy, Cairo

2008 – 2012

Languages

English
Fluent (Professional)
Arabic
Native
Certifications

Continuously sharpening the edge

A blend of governance, project management, and deep technical certifications — with active investment in ongoing development.

In Progress

CISA

Certified Information Systems Auditor

Leadership & Audit
In Progress

PRINCE2

Project Management Certification

Leadership & Audit
Certified

eWPT

Web Application Penetration Testing

Technical
Certified

eCPPTv2

Professional Penetration Testing

Technical
In Progress

OSCP

Offensive Security Certified Professional

Technical
Certified

CCNA

Cisco Certified Network Associate

Technical
Certified

Cisco CyberOps Associate

Cisco Cybersecurity Operations

Technical
Certified

JNCIA-Cloud

Juniper Cloud Fundamentals

Technical
Contact

Let's secure what's next

Open to senior cybersecurity leadership roles, consulting engagements, and research collaborations. Based in London — available globally.