Khwaja Naveed 

Cyber Security GRC Professional


Career Summary and Specialties:

Information Security Governance, Risk, and Compliance (GRC) specialist with 20 years in the BFSI, Petrochemical, Utility, and Telecom sectors. Expertise in cybersecurity programs, threat analysis, risk mitigation, Information Security Management, Privacy Management, Project Management, and Cyber Security Architecture.

Certifications and Compliance:

I am certified in CISSP, CISM, RMP, CRISC, ISO 31000:2018, CIPT, PMP, CISA, PCIP, CDPSE, CEH v8, Business Continuity (BS-25999-1/2), and ITIL v4 Foundation. Proficient in regulatory compliance with ISO/IEC 27001:2022, ISO/IEC 27002:2022, PCI DSS, and Saudi Arabian regulations such as the Saudi Arabian Monetary Authority (SAMA) Cyber Security Framework (CSF), National Cybersecurity Authority (NCA) standards, and regulations of the Council of Cooperative Health Insurance (CCHI). In addition, I am well-versed in the Personal Data Protection Law (PDPL) requirements, ensuring strict adherence to data privacy and protection norms in the organizations I work with.

Education and Career Trajectory:

Holding Bachelor's and Master's degrees in Computer Science with Cyber Security, I've held critical roles at BUPA Arabia, Saudi National Bank, Versatile Solutions, SAMBA Bank, and SABIC. Contributed to organizations like the Gulf International Bank and Saudi Electricity Company.

Personal Development and Social Responsibility:

Completed courses on Communication Skills, Management & Leadership Skills, and Analytical and Interpersonal Skills. Actively volunteering with The Citizens Foundation, aiding underprivileged students in Pakistan, and contributing to disaster and humanitarian relief efforts in KSA and Pakistan.

Professional Associations:

Member of IRM, IAPP, BCS, AIRMIC, CIISec, APM, ISACA, ISC2, PMI, IEEE, FAIR Institute, PECB, ACFE, EC-Council, ISSA, BICSI, AMACOM, KPI Institute, and OWASP Leaders. Aiming to drive impactful transformations in the field of Information Security. 


Risk Management:


Project Management:


Information Security Management:


Auditing and Compliance:


Privacy and Data Protection:


Ethical Hacking:


Business Continuity:


IT Service Management:


KPI Management: