Khalil Jemghili
Casablanca
Summary
Experienced cybersecurity professional with expertise in developing and implementing awareness strategies, conducting NIST assessments in 30+ countries, and leading SWIFT CSP assessments for major global banks. Specialist in risk analysis, regulatory compliance, and access management, with a proven record in improving organizational resilience and safeguarding digital assets through innovative awareness campaigns and rigorous vulnerability & maturity assessments.
Overview
2
2
years of professional experience
Work History
Cybersecurity Consultant
PwC
02.2023 - Current
- Cybersecurity Awareness: Developed and implemented cybersecurity awareness strategies, including training campaigns, human risk assessments, and phishing/smishing/vishing simulations. Devised annual roadmaps to continually enhance organizational security awareness and preparedness.
- Cybersecurity Maturity Assessment: Conducted NIST-based assessments across more than 30 countries to ensure alignment with cybersecurity best practices, facilitating client workshops to discuss and improve their cybersecurity posture. Performed risk analyses to identify threats and vulnerabilities, providing strategic recommendations and roadmaps to enhance resilience and safeguard digital asset
- SWIFT CSP Independent Assessments: Conducted independent assessments for major banks globally to ensure compliance with SWIFT Customer Security Programme (CSP) standards. Led workshops to review infrastructure and evaluate evidence for each control, delivering comprehensive compliance reports;
- Systemic Importance Classification Assessments: Evaluated the systemic importance clarification (SIC) of major European financial institutions. Conducted detailed risk assessments, analyzed impact scenarios, and provided strategic recommendations to ensure compliance and mitigate systemic risks;
- Access Review and Recertification: Reviewed and implemented controls for account management, including creation, deletion, administrative, and generic accounts. Developed and formalized access creation and deletion processes. Identified and engaged direct managers (N+1) across the organization, requesting certification for their subordinates' access requirements and role appropriateness. Conducted a detailed recertification of transactions based on departmental affiliation, addressing significant discrepancies through a validated process involving managers and responsible teams.
Education
Engineering Degrees - Computer Science And Engineering
Mohammadia School of Engineers
Rabat, Morocco06.2023
Skills
- Cybersecurity Strategy and Awareness
- Cybersecurity Maturity Assessment
- SWIFT CSP Independent Assessments
- SIC Assessments
- Access Review and Recertification
- Web & Mobile development
- Web Penetration Testing
- Vulnerability Assessment
Timeline
Cybersecurity Consultant
PwC
02.2023 - Current
Engineering Degrees - Computer Science And Engineering
Mohammadia School of Engineers
Similar Profiles
Kübra AKKübra AK
Auditrice financière at PwCAuditrice financière at PwC
Aila Joyce PeñaAila Joyce Peña
Specialist Representative at PwCSpecialist Representative at PwC
Joseph MooreJoseph Moore
W/R SR Treat PLT Operator at PWCW/R SR Treat PLT Operator at PWC
SHATHA ALGHAMDISHATHA ALGHAMDI
Senior Consultant at PwCSenior Consultant at PwC
Imad ARIFIImad ARIFI
Regional ERP Lifecycle Leader at Michelin MarocRegional ERP Lifecycle Leader at Michelin Maroc