Irfan Khaja Mohammed

• Conduct comprehensive cybersecurity architecture reviews to ensure alignment with enterprise security strategies and regulatory frameworks.
• Perform in-depth security assessments of infrastructure and application changes as part of change control processes, ensuring seamless and secure implementation of changes.
• Lead secure configuration reviews across critical platforms (e.g., firewalls, servers, databases) to identify and remediate vulnerabilities.
• Develop and maintain security baseline standards in accordance with international best practices (e.g., CIS Benchmarks, NCA ECC guidelines).
• Led vulnerability management efforts, identifying and mitigating security risks across critical systems.
• Collaborate with stakeholders to ensure compliance with internal security policies and external regulatory requirements (SAMA, NCA, ISO 27001).
• Provide expert advisory on security design decisions, risk mitigation strategies, and GRC-related initiatives.

• Lead and direct the IT department, managing a cohesive team of skilled IT professionals.
• Develop and execute strategic IT initiatives that align with organizational goals, fostering a secure and resilient technology environment.
• Provide expert guidance on cybersecurity strategies, ensuring robust compliance with industry standards and regulations.
• Drive the comprehensive implementation of cybersecurity solutions across the enterprise, proactively safeguarding against evolving threats and vulnerabilities.
• Spearhead digital transformation projects, ensuring the integration of cutting-edge technologies.
• Manage IT budgets effectively, vendor relationships, and procurement processes.

• Oversaw full spectrum of IT solutions, services, projects, and enhanced overall IT security posture.
• Lead the development and execution of the organization's information security strategy, ensuring alignment with business objectives.
• Develop and implement comprehensive information security programs, policies, and awareness campaigns.
• Conduct regular security audits and assessments to evaluate the effectiveness of security controls and identify areas for improvement.
• Aligned department goals and budgets with organizational objectives for a streamlined IT framework.
• Analyzed IT infrastructure, software, and system performance to optimize costs, enhance productivity and address upgrade requirements.
• Developed an efficient ISMS certified with ISO 27001, enhancing mitigation of IT risks by 40%.
• Implemented a comprehensive security awareness program for employees, increasing staff compliance and reduction of 90% in social engineering attacks.
• Headed the integration of advanced threat intelligence tools, boosting threat detection by 50%.
• Managed external vendors, negotiating contracts and SLAs, ensuring optimal service levels.
• Led Business Continuity and Disaster Recovery Planning, optimizing infrastructure and site design.
• Ensure compliance with industry standards, regulatory requirements, and data protection laws.
• Identified, monitored, and remediated security compliance issues, liaising with auditors.

• Applied adept project management skills, leading end-to-end project phases with a focus on efficiency and timely completion.
• Rebuilt the Data Center within budget, ensuring optimal functionality and adherence to timelines.
• Maintained servers, firewalls, network connectivity, databases, systems backup, and IP Telephony systems.
• Executed a seamless migration from physical to high availability Virtual server environment using Microsoft Hyper V and System Center Virtual Machine Management.
• Architected the expansion of the virtual server environment, significantly improving application performance across the enterprise.
• Served as the primary escalation point for Active Directory, Exchange Environment, Network Infrastructure, End User Devices, and Applications, ensuring effective end-user support for all IT issues.
• Oversaw planning, installation, configuration, maintenance, and optimization of network hardware and systems.
• Managed LAN/WAN network operations, systems disaster recovery, database backup, and network security.
• Led IT Purchase Management, including BOM, RFQ, and vendor management for SLA compliance.

• Designed, configured, and managed corporate IT infrastructure for 50+ retail stores and service centers in KSA.
• Spearheaded the successful termination of the outsourcing contract for IT infrastructure maintenance, resulting in significant cost savings for the organization.
• Achieved high-performance levels, prompting the establishment of a separate IT company to generate revenue, showcasing the positive impact on organizational growth.
• Negotiated with vendors, ensuring cost-effective technology purchases, and optimizing agreements.