Khwaja Naveed

Cyber Security GRC Professional


A transversal profile with competencies and skills in Information Security Governance, Risk and Compliance (GRC) Management, Privacy Management and Cyber Security Architecture. Expertise in Regulatory and Contractual Compliance Frameworks and Standards (ISO/IEC 27001:2013, 27002:2022, SAMA CSF, NCA, PCI DSS) along with Risk and Project Management standards (ISO/IEC 27005:2018, ISO/IEC 31000:2018, NIST SP800-30, PMBOK), backed by continuous, extensive training and certifications in IT Risk Management, Compliance Management, IT Service Management, Threat Modeling, Cloud Security, Privacy Management, Project Management, KPI Management (Security Metrics), Leadership and Team Management.


Risk Management:

  • RMP – Risk Management Professional, PMI USA

  • CRISC – Certified in Risk and Information Systems Control, ISACA USA

  • ISO 31000:2018 - Enterprise Risk Management from ERM31000 Training and Consulting, USA

  • PECB Certified ISO 27005 Lead Risk Manager, Canada

  • CISRM - Certified Information Systems Risk Manager, Mile2, USA (Training)

Project Management:

  • PMP – Project Management Professional, PMI USA

Information Security Management:

  • CISSP – Certified Information Systems Security Professional, ISC2 USA

  • CISM – Certified Information Security Manager, ISACA USA

Auditing and Compliance:

  • CISA – Certified Information Systems Auditor, ISACA USA

  • PCIP – Payment Card Industry Professional, PCI USA

  • ISMS ISO 27001 Master Implementer status from IT Governance, UK

Privacy and Data Protection:

  • CDPSE – Certified Data Privacy Solutions Engineer, ISACA USA

Ethical Hacking:

  • CEH v8 - Certified Ethical Hacker Program (CEH v8)

Business Continuity:

  • Business Continuity (BS-25999-1/2) - Kingswell Business Continuity

IT Service Management:

  • ITIL v4 Foundation

KPI Management:

  • Certified KPI Professional