About
The firm behind the proof.
Noor Cybersecurity Assurance Solutions: a frontier technology consulting firm built in East Africa to a global standard.
Founded on a refusal.
Founder portrait, to come
NCA began with a refusal: to accept that institutions in emerging markets should settle for checkbox security while their counterparts in London or Singapore buy proof. The banks, operators, and agencies of this region carry the same obligations and face sharper threats with thinner cover.
So we built the firm we couldn't find. Certified senior practitioners. Global frameworks applied without dilution. Engagements that end in evidence, delivered from Mogadishu to wherever the work is.
The name carries the intent: Noor, the light the block stands on. It is the gold line at the base of our mark, and the standard under everything we sign.
Abdulrahman Nur
Founder & Principal Consultant
Abdulrahman is a cybersecurity leader whose career spans global professional services and enterprise security. He holds three of the field's most demanding credentials, CISSP, CISA, and CISM, and brings deep working experience across SOC 1, SOC 2, ISO 27001, and ISO 42001 engagements for regulated organizations. Mentored by senior practitioners from across the Big Four, he serves today as Chief Information Security Officer at a Canadian technology company. Clients of NCA work directly with him, and with the standard of security assurance, audit, risk, and compliance practice expected at the frontier of the industry, applied to institutions across East Africa and beyond.
How we work.
Institutions in our markets deserve the same standard of proof as any bank in the world. NCA exists to deliver it.
Evidence over assurance
We do not ask you to trust us. Every engagement ends in something you can verify: an exploit chain, a passing retest, a signed attestation.
Senior hands, small teams
The practitioner who scopes your engagement runs it. We grow by reputation, not by leverage ratios.
Your language, your framework
Findings arrive mapped to the standards your board, auditor, or regulator already reads. Translation is our job, not yours.
Stay until it holds
Reports do not fix anything. We stay through remediation and prove closure, because the outcome is the deliverable.
Certified, not self-declared.
Practice certifications held across the team. Individual rosters are shared under NDA during scoping.
- ISO 27001
- CISSP
- OSCP
- CEH
From Mogadishu, outward.
NCA is headquartered in Mogadishu, Somalia, and delivers engagements across East Africa and remotely worldwide. Working hours follow East Africa Time; response commitments are written into every retainer.
- Base
- Mogadishu, Somalia
- info@ncacyber.com
- Hours
- 08:00-18:00 EAT
Bring us a hard problem.
A consultation is a working session with senior practitioners, not a sales call.