Resumé

Joshua Theoder

Information Security Engineer | B.S. Cybersecurity, Al Ain University

me@joshuatheoder.com | linkedin.com/in/joshuatheoder | United Arab Emirates | +971566871000

EXPERIENCE

Information Security Engineer

May 2023 - Present

ASTRA TECH (BOTIM), United Arab Emirates

Compliance & Regulatory
  • Led end-to-end compliance projects, achieving PCI-DSS and PCI-PIN certifications from the ground up in a fast-paced fintech environment.
  • Successfully implemented the UAE-IAR NESA framework, ensuring adherence to national cybersecurity standards.
  • Managed CBUAE technology risk audits, collaborated closely with the federal bank to address technical risks, and executed comprehensive remediation strategies.
  • Functioned as an internal auditor to ensure ongoing adherence to UAE-IAR NESA, PCI-PIN, and PCI-DSS standards, identifying key areas for improvement.
  • Designed, led, and presented routine security awareness campaigns (SAT) to foster a security-conscious culture within the organization.
Security Architecture & Implementation
  • Architected enterprise security frameworks integrating PCI-DSS, PCI-PIN, UAE-IAR NESA, and CBUAE technology risk requirements for fintech operations.
  • Led the full lifecycle of critical security solutions (HSM, PAM, EDR, DLP), from procurement and scoping to implementation and successful deployment.
  • Oversaw the deployment of EDR, DLP, and SOC for cloud environments within a secure fintech infrastructure.
  • Configured Azure Web Application Firewall (WAF) across multiple environments and availability zones to align with security best practices.
Cryptographic Systems & Payment HSM Management
  • Managed the complete Thales PayShield Payment HSM infrastructure for payment processing, with expertise in key generation (ZMK, BDK) and delegation.
  • Performed HSM configuration, hardening, and scripting automation to ensure robust security for financial transactions.
  • Managed day-to-day key injection activities for POS devices and oversaw all Payment-HSM maintenance and operations.
Security Operations
  • Led cross-functional security operations, implementing robust frameworks for access management, third-party risk assessments, application security, and network management.
  • Designed and authored a complete Information Security Management System (ISMS), including policies and procedures tailored for global and regional fintech compliance.
  • Coordinated with vendors for all security engagements, ensuring effective scoping, collaboration, and implementation of security projects.

Skills: PCI-DSS, PCI-PIN, UAE-IAR NESA, HSM, PAM, EDR, DLP, Azure WAF, Thales PayShield, ISMS

CERTIFICATIONS

ISO 27001 Lead Auditor - TUV, January 2024
Certified Ethical Hacker v11 - EC-Council, June 2022
The GRC Approach to Managing Cybersecurity - Coursera, August 2023
AWS Fundamentals Specialization - Coursera, July 2020

EDUCATION

Bachelor of Science in Cybersecurity

September 2019 - September 2023

Al Ain University, Abu Dhabi

PUBLICATIONS

Securing Domain Name Systems with Blockchain

J. Theoder, B. S. Metharath and S. Alouneh

4th International Conference on Intelligent Data Science Technologies and Applications (IDSTA), Kuwait - IEEE

November 20, 2023
