Khwaja Naveed
Cyber Security GRC Professional
PROFILE SUMMARY
Transversal profile with competencies and skills in Information Security Governance, Risk and Compliance (GRC) Management, Privacy Management and Cyber Security Architecture. Expertise in regulatory and contractual compliance frameworks and standards (ISO/IEC 27001:2013, 27002:2022, SAMA CSF, NCA, PCI DSS) along with risk and project management standards (ISO/IEC 27005:2018, ISO/IEC 31000:2018, NIST SP800-30, PMBOK), backed by continuous, extensive training and certifications in IT Risk Management, Compliance Management, IT Service Management, Threat Modeling, Cloud Security, Privacy Management, Project Management, KPI Management (Security Metrics), Leadership and Team Management.
PROFESSIONAL CERTIFICATIONS
Risk Management:
RMP – Risk Management Professional, PMI USA
CRISC – Certified in Risk and Information Systems Control, ISACA USA
ISO 31000:2018 – Enterprise Risk Management from ERM31000 Training and Consulting, USA
PECB Certified ISO 27005 Lead Risk Manager, Canada
CISRM – Certified Information Systems Risk Manager, Mile2, USA (Training)
Project Management:
PMP – Project Management Professional, PMI USA
Information Security Management:
CISSP – Certified Information Systems Security Professional, ISC2 USA
CISM – Certified Information Security Manager, ISACA USA
Auditing and Compliance:
CISA – Certified Information Systems Auditor, ISACA USA
PCIP – Payment Card Industry Professional, PCI USA
ISMS ISO 27001 Master Implementer status from IT Governance, UK
Privacy and Data Protection:
CDPSE – Certified Data Privacy Solutions Engineer, ISACA USA
Ethical Hacking:
CEH v8 – Certified Ethical Hacker Program (CEH v8)
Business Continuity:
Business Continuity (BS-25999-1/2) – Kingswell Business Continuity
IT Service Management:
ITIL v4 Foundation
KPI Management:
Certified KPI Professional