Senior Associate

Summary Resume of Najwa Aaraj
Senior Associate in the Communications, Media and Technology practice in Booz & Company

Executive Summary

  • 7 years+ research in information and systems security
  • 5 years experience: IT and Telecommunications industries experience

Select Relevant Engagements

  • Information Security and Risk Management – Leading US Financial Organization
  • Develop risk assessment framework and conducted internal and external penetration tests to systems and platforms
  • Developed and implemented new solution for prevention and detection of security attacks (vulnerabilities and malware) on computing systems
  • Developed and implemented new methodologies for data integrity monitoring in virtual environments (security in the cloud)
  • Set-up and implemented access control mechanisms in virtual machine systems
  • Set-up and implemented information governance and access control mechanisms in virtual machine systems

Other Relevant Engagements

  • Developed information governance framework, including, information classification scheme, and security policies and standards for a Leading global telecom operating Group
  • Developed new methodologies for operating systems integrity monitoring within IBM Labs
  • Performed internal and external penetration tests to systems and platforms in three leading organizations in the USA
  • Developed new security architecture for energy-constrained embedded systems and smart phones within NEC labs and Xtensa
  • Supervised implementation of security solutions on embedded systems
  • Performed penetration tests to highlight vulnerabilities and assess security risks in a new processor technology in a leading organization in the USA
  • Participated in reviewing/auditing IT security in a USA-based institution (system-level and network-level, including security settings on firewalls, DDoS attacks configurations, etc.)
  • Developed ICT investment strategy for a Middle-East based sector developer
  • Conducted comprehensive end-to-end Operating Model  design, including organization structure, Corporate Governance, decision rights, and processes
  • Developed corporate strategy and strategic business plans for telecom operators, and telecom Groups across the Middle East, Africa, Asia, and Australia

International experience

  • Middle East (UAE, Qatar, Oman, and Kuwait), USA, Australia, Africa (Ivory Coast, Benin, Togo, Gabon, Ghana, and Nigeria), Asia (Sri Lanka)


  • Ph.D. with Highest Honors in Computer Engineering from Princeton University (thesis: Software and hardware architectures for secure computing systems)
  • Masters Degree in Computer Engineering from Princeton University
  • B.Eng. in Computer and Communication Engineering from American University of Beirut

Employment History

  • Research Staff Member, NEC Labs-Princeton University, NJ, USA
  • Research Staff Member, IBM T. J. Watson, NY, USA
  • Research Staff Member, Intel Corporation, Oregon, USA

Cyber Security-related Publications and Patents

    • INVISIOS: A Lightweight, Minimally Intrusive Secure Execution Environment (2012)
    • A framework for defending embedded systems against software attacks (2011)
    • Analysis and design of a hardware/software trusted platform module for embedded systems (2008)
    • Dynamic Binary Instrumentation-Based Framework for Malware Defense (2008)
    • Hybrid Arch. for Efficient and Secure Face Authentication in Embedded Systems (2007)
    • Energy and execution time analysis of a software-based trusted platform module (2007)
    • Architectures for efficient face authentication in embedded systems (2006)
    • Neighbor stranger discrimination: a new defense mechanism against DDOS attacks (2005)
    • Patents: