Maaz Khan
Riyadh
Summary
Cybersecurity and IT executive with over 13 years of progressive experience leading security strategy, cloud architecture, and regulatory compliance across financial services, fintech, and critical sectors. Demonstrated success in building cybersecurity departments from the ground up, achieving SAMA CSF Maturity Level 3, and ensuring alignment with PDPL, NCA ECC, ISO 27001, NIST, and ISO 22301 (BCM). Adept at embedding AI/ML and LLM technologies into SecOps and detection programs, enhancing threat intelligence and operational efficiency. Proven ability to drive AI-driven cybersecurity, integrate secure architectures (GCP/OCI), lead SOC and IR operations, and align cyber programs with board-level strategic outcomes. Maaz is a compliance-focused, risk-aligned leader ready to scale cybersecurity in regulated, innovation-driven financial & other environments.
Overview
13
13
years of professional experience
1
1
Certification
Work History
HEAD OF INFORMATION / CYBER SECURITY
LENDO FOR FINANCE
09.2022 - Current
- Founded and led Lendo’s cybersecurity department from scratch, establishing GRC, SOC, AI-driven SecOps, Data Protection, and Enterprise Security Architecture functions.This transformation significantly enhanced the organization’s security posture and industry trust contributing to a 200% increase in company capital.
- Hired, Mentored, Managing and trained staff
- Developed, architect, implement and embed budget, strategies, frameworks, solutions, tools programs, policies, processes and procedures.
- Achieved SAMA CSF Level from 0 to 3 compliance with zero gaps.
- Implemented a 5-year security strategy based on business objectives, aspirations, NIST and regulatory frameworks.
- Developed GRC, Architecture, SOC, DFIR, TI, VAPT, SDLC, Devsecops, KPIs, KRIs integrations, use cases processes, BCM, PDPL, Enterprise Risk Management
- Built and led Cybersecurity & BCM Committee under CEO and Board direction.
- Led PDPL gap assessment and successful implementation.
- Developed and enforced data protection policies.
- Integrated AI-driven SecOps capabilities into SOC and Threat Intelligence functions.
SR. CYBERSECURITY/VIRTUALIZATION CONSULTANT & ARCHITECT
THE SAUDI INVESTMENT BANK
08.2018 - 09.2022
- Led design and compliance with SAMA, ISO, NIST, SWIFT standards.
- Architected security and hybrid cloud solutions and oversaw audits and remediation plans.
- Conducted staff mentoring and led infrastructure cybersecurity & IT initiatives.
- Review techno commercial proposal and architect solutions like VDI, MDM, PAM, Firewalls
- Build and implemented DRC from scratch the exact replica of main data center
- Develop multiple processes, procedures and operational & support plans
- Implemented SSL encryption/Decryption, Integration of tools with SIEM
- Architect and implemented Per App VPN, S2S VPNs, SSL Remote VPNs
- Achieved 100% compliance across SAMA, SWIFT, PCIDSS and ISO 27001 audits by architecting secure solutions and leading remediation efforts.
- Reduced operational failover time by 60% through the design and implementation of a fully replicated Disaster Recovery Center (DRC) from the ground up.
SR. SECURITY CONSULTANT | PRE/POST SALES NETWORK & SECURITY ENGINEER
DYNAMIC SYSTEMS SOLUTIONS
08.2013 - 08.2018
- Designed and delivered secure enterprise network and cybersecurity architectures across critical sectors, integrating perimeter, endpoint, Infrastructure and application-level defenses.
- Led large-scale deployments and compliance projects aligned with NIST, SAMA, ISO 27001, SWIFT, and PCI DSS, including architecture design, documentation, and stakeholder reporting.
- Served as SME and project lead for cybersecurity solutions involving Fortinet, Cisco, Juniper, and Imperva, managing full delivery lifecycle from POC to support handover.
- Built and mentored technical teams, delivering knowledge transfer, training workshops, and scalable frameworks for implementation and operational continuity.
- Acted as client advisor & consultant in solution procurement, vendor evaluation, security integrations, and policy alignment for high-impact government and financial sector clients.
- Delivered over 25+ secure infrastructure and compliance projects across 10+ national sector entities, enabling regulatory alignment and operational maturity.
- Reduced security incident response time by [70%] through optimized architecture and integration of firewall, endpoint, and SIEM technologies across client networks.
NETWORK/SECURITY ENGINEER
JSOUR AL KHATEET
08.2012 - 08.2013
Education
Bachelor of Science - Information Technology
Islamic University of Pakistan
PakistanHigh School Diploma -
Cambridge University
EnglandSkills
Cybersecurity Leadership & Strategy
- Cybersecurity Leadership Strategic Security Planning Business-Aligned Cyber Programs
- Cybersecurity Governance Risk Management Cybersecurity Maturity Assessment
- Policy & Framework Design (SAMA CSF, NIST, ISO 27001, NCA ECC, ISO 22301)
GRC & Data Protection
- GRC Implementation Compliance Management SOC Oversight
- Data Privacy & Protection (PDPL, GDPR) Privacy Gap Assessment & Implementation
- Department KPIs RASCI Matrix Development Budgeting & Vendor Management
Security Architecture & Design
- Enterprise Security Architecture Cloud (OCI/GCP), Hybrid & On-Prem Environments
- Secure Architecture Design Security Control Mapping & Integration
- Threat Modeling (STRIDE, DREAD) Risk-Based Architecture Assessments
- Embedding Security by Design Security Solution Lifecycle Management
Network & Infrastructure Security
- Secure Network Architecture Segmentation Zero Trust Network Design
- Firewalls (Fortinet, Palo Alto), IDS/IPS, VPN (IPSec/SSL), WAF
- Secure Routing & Protocols Cloud & Hybrid Infrastructure Protection
Technology Integration & Tooling
- Solution Design (NGFW, EDR, DLP, PAM, IAM, SIEM, SOAR)
- Vendor Evaluation Security Tools Procurement & Implementation
- AI/ML & LLM in SecOps Automation Advanced Threat Detection
Certification
- Info/Cyber security GRC, Management & Technical Trainings & Certifications like CISSP, CISM, CRISC
- Network & Technical Security Certifications
- Network Security Architect Certifications
- Wireless Security Certifications
- Systems security and server training & certifications
- Cloud training & certifications
- Web Applications & Database Security training & Certifications
- Enterprise Routing & Switching Certifications
Languages
Arabic
Upper intermediate (B2)
English
Bilingual or Proficient (C2)
Urdu
Advanced (C1)
Timeline
HEAD OF INFORMATION / CYBER SECURITY
LENDO FOR FINANCE
09.2022 - Current
SR. CYBERSECURITY/VIRTUALIZATION CONSULTANT & ARCHITECT
THE SAUDI INVESTMENT BANK
08.2018 - 09.2022
SR. SECURITY CONSULTANT | PRE/POST SALES NETWORK & SECURITY ENGINEER
DYNAMIC SYSTEMS SOLUTIONS
08.2013 - 08.2018
NETWORK/SECURITY ENGINEER
JSOUR AL KHATEET
08.2012 - 08.2013
Bachelor of Science - Information Technology
Islamic University of Pakistan
High School Diploma -
Cambridge University
Similar Profiles
Mohammad S. ObeidatMohammad S. Obeidat
Branch network officer at Lendo for financeBranch network officer at Lendo for finance
Mahmoud AL-RdaidehMahmoud AL-Rdaideh
Business Analyst at Lendo for financeBusiness Analyst at Lendo for finance
Robert ChoRobert Cho
Senior Mortgage Advisor at Lendo ABSenior Mortgage Advisor at Lendo AB
Ahmad Ibrahim Al-ArajAhmad Ibrahim Al-Araj
Internship at general authority of civil aviationInternship at general authority of civil aviation
ABDELAZIZ GOURASHIABDELAZIZ GOURASHI
Volunteer Biomedical Engineer at King Fahad HospitalVolunteer Biomedical Engineer at King Fahad Hospital