Maaz Khan

Riyadh

Summary

Cybersecurity and IT executive with over 13 years of progressive experience leading security strategy, cloud architecture, and regulatory compliance across financial services, fintech, and critical sectors. Demonstrated success in building cybersecurity departments from the ground up, achieving SAMA CSF Maturity Level 3, and ensuring alignment with PDPL, NCA ECC, ISO 27001, NIST, and ISO 22301 (BCM). Adept at embedding AI/ML and LLM technologies into SecOps and detection programs, enhancing threat intelligence and operational efficiency. Proven ability to drive AI-driven cybersecurity, integrate secure architectures (GCP/OCI), lead SOC and IR operations, and align cyber programs with board-level strategic outcomes. Maaz is a compliance-focused, risk-aligned leader ready to scale cybersecurity in regulated, innovation-driven financial & other environments.

Overview

13 years of professional experience
1 Certification

Work History

HEAD OF INFORMATION / CYBER SECURITY

LENDO FOR FINANCE
09.2022 - Current
  • Founded and led Lendo’s cybersecurity department from scratch, establishing GRC, SOC, AI-driven SecOps, Data Protection, and Enterprise Security Architecture functions. This transformation significantly enhanced the organization’s security posture and industry trust, contributing to a 200% increase in company capital.
  • Hired, mentored, managed and trained staff.
  • Developed, architected, implemented and embedded budget, strategies, frameworks, solutions, tools, programs, policies, processes and procedures.
  • Achieved SAMA CSF compliance from Level 0 to Level 3 with zero gaps.
  • Implemented a 5-year security strategy based on business objectives, aspirations, NIST and regulatory frameworks.
  • Developed GRC, Architecture, SOC, DFIR, TI, VAPT, SDLC, DevSecOps, KPIs, KRIs integrations, use cases processes, BCM, PDPL, Enterprise Risk Management.
  • Built and led Cybersecurity & BCM Committee under CEO and Board direction.
  • Led PDPL gap assessment and successful implementation.
  • Developed and enforced data protection policies.
  • Integrated AI-driven SecOps capabilities into SOC and Threat Intelligence functions.

SR. CYBERSECURITY/VIRTUALIZATION CONSULTANT & ARCHITECT

THE SAUDI INVESTMENT BANK
08.2018 - 09.2022
  • Led design and compliance with SAMA, ISO, NIST, SWIFT standards.
  • Architected security and hybrid cloud solutions and oversaw audits and remediation plans.
  • Conducted staff mentoring and led infrastructure cybersecurity & IT initiatives.
  • Reviewed techno-commercial proposals and architected solutions such as VDI, MDM, PAM and firewalls.
  • Built and implemented the DRC from scratch as an exact replica of the main data center.
  • Developed multiple processes, procedures, and operational and support plans.
  • Implemented SSL encryption/decryption and integration of tools with SIEM.
  • Architected and implemented per-app VPN, S2S VPNs and SSL remote VPNs.
  • Achieved 100% compliance across SAMA, SWIFT, PCI DSS and ISO 27001 audits by architecting secure solutions and leading remediation efforts.
  • Reduced operational failover time by 60% through the design and implementation of a fully replicated Disaster Recovery Center (DRC) from the ground up.

SR. SECURITY CONSULTANT | PRE/POST SALES NETWORK & SECURITY ENGINEER

DYNAMIC SYSTEMS SOLUTIONS
08.2013 - 08.2018
  • Designed and delivered secure enterprise network and cybersecurity architectures across critical sectors, integrating perimeter, endpoint, infrastructure and application-level defenses.
  • Led large-scale deployments and compliance projects aligned with NIST, SAMA, ISO 27001, SWIFT, and PCI DSS, including architecture design, documentation, and stakeholder reporting.
  • Served as SME and project lead for cybersecurity solutions involving Fortinet, Cisco, Juniper, and Imperva, managing full delivery lifecycle from POC to support handover.
  • Built and mentored technical teams, delivering knowledge transfer, training workshops, and scalable frameworks for implementation and operational continuity.
  • Acted as client advisor & consultant in solution procurement, vendor evaluation, security integrations, and policy alignment for high-impact government and financial sector clients.
  • Delivered 25+ secure infrastructure and compliance projects across 10+ national sector entities, enabling regulatory alignment and operational maturity.
  • Reduced security incident response time by 70% through optimized architecture and integration of firewall, endpoint, and SIEM technologies across client networks.

NETWORK/SECURITY ENGINEER

JSOUR AL KHATEET
08.2012 - 08.2013

Education

Bachelor of Science - Information Technology

Islamic University of Pakistan
Pakistan

High School Diploma -

Cambridge University
England

Skills

Cybersecurity Leadership & Strategy

  • Cybersecurity Leadership, Strategic Security Planning, Business-Aligned Cyber Programs
  • Cybersecurity Governance, Risk Management, Cybersecurity Maturity Assessment
  • Policy & Framework Design (SAMA CSF, NIST, ISO 27001, NCA ECC, ISO 22301)

GRC & Data Protection

  • GRC Implementation, Compliance Management, SOC Oversight
  • Data Privacy & Protection (PDPL, GDPR), Privacy Gap Assessment & Implementation
  • Department KPIs, RASCI Matrix Development, Budgeting & Vendor Management

Security Architecture & Design

  • Enterprise Security Architecture, Cloud (OCI/GCP), Hybrid & On-Prem Environments
  • Secure Architecture Design, Security Control Mapping & Integration
  • Threat Modeling (STRIDE, DREAD), Risk-Based Architecture Assessments
  • Embedding Security by Design, Security Solution Lifecycle Management

Network & Infrastructure Security

  • Secure Network Architecture, Segmentation, Zero Trust Network Design
  • Firewalls (Fortinet, Palo Alto), IDS/IPS, VPN (IPSec/SSL), WAF
  • Secure Routing & Protocols, Cloud & Hybrid Infrastructure Protection

Technology Integration & Tooling

  • Solution Design (NGFW, EDR, DLP, PAM, IAM, SIEM, SOAR)
  • Vendor Evaluation, Security Tools Procurement & Implementation
  • AI/ML & LLM in SecOps Automation Advanced Threat Detection

Certification

  • Info/Cyber security GRC, Management & Technical Trainings & Certifications like CISSP, CISM, CRISC
  • Network & Technical Security Certifications
  • Network Security Architect Certifications
  • Wireless Security Certifications
  • Systems security and server training & certifications
  • Cloud training & certifications
  • Web Applications & Database Security training & Certifications
  • Enterprise Routing & Switching Certifications

Languages

Arabic
Upper intermediate (B2)
English
Bilingual or Proficient (C2)
Urdu
Advanced (C1)
