Muhammad Aqeel Khan

Highly skilled and dedicated cybersecurity specialist with 7 years+ of experience in safeguarding digital assets and protecting against cyber threats. Proficient in implementing security standards & frameworks like ISO 27001, PCI-DSS, NIST, CIS CSC, conducting risk assessments, and implementing proactive measures to mitigate vulnerabilities. Adept at analyzing complex security systems, identifying potential weaknesses, and devising strategic plans to enhance overall protection. Strong expertise in network security, incident response, and security architecture design. Committed to staying up-to-date with the latest industry trends and best practices to ensure the highest level of cybersecurity. Demonstrated ability to collaborate with cross-functional teams and effectively communicate complex concepts to both technical and non-technical stakeholders. Seeking an opportunity to leverage my expertise in a dynamic organization dedicated to maintaining robust cybersecurity defenses.

Exemplar Global Certified Lead Cloud Security Manager

• Developed Cybersecurity framework and organizational policies for FFCL, establishing a robust and consistent approach to cybersecurity governance, risk management, and incident response.
• Played a key role in the implementation & maintenance of standards ISO 27001 & PCI-DSS
• Vast experience in performing internal security audits based on standards ISO27001, PCI-DSS, NIST & CIS Critical Security Controls
• Led & participated in performing different Vulnerability Management Programs:
• VAPT of IT Infrastructure
• Security assessments of in-house developed Web Applications, Mobile Applications & Web APIs
• Develop & implement a cybersecurity strategy to secure ERP & cloud environment
• Supervise & execute different security awareness campaigns within the organization
• Evaluation of public-facing organization assets to ensure resilience against cyber threats

• Linux Kali
• Nessus Pro
• Rapid7 InsightVM
• Acunetix
• Burp Suite
• Metasploit
• PT Application Inspector
• SIEMONSTER
• SecurityOnion
• SNORT, OSSEC & SURICATA
• Mobile Security Framework
• MITRE ATT&CK Framework
• OSINT Framework
• OWASP

• ISMS Lead Auditor (ISO 27001)
• Lead Cloud Security Manager based on ISO 27017/27018 Cloud Security Standard
• Integrated Management System - Internal Audit
• System Center 2012 - Deploying & Configuring Private Cloud
• Introduction to ICS/OT Cybersecurity
• Cyber Incident Response Management
• Lean Six Sigma Yellow Belt
• Microsoft Official Course 6425C Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services