Sohrab Khan

As Security Architect responsible for the architecture and design of cloud
infrastructure security. Primary responsibilities include the adoption of
the new security technologies and improve cloud security measures.
Provide expert support to security operations.
▪ Building and migration of data center
▪ Implementation of Omni channels for banks digital journey
▪ Plan, built and run IAAS as private could services for KSA bank across
border
▪ Implementation of Saas services like Teams and HCM
▪ Instrumental in implementing the ISO27001:2015 & COBIT standard at
Sohar International
▪ Architected the country wide Bank Network and IT Security
▪ Noted for setting up the Infrastructure and Process to respond to security
threats; developed Early Warning systems.
▪ Responsible for defining Information Security strategy and processes to
support the organization’s information security challenges.
▪ As Information Security expert assessed and analyzed Business, IT and
Information Security Process.
▪ Manage and Run the entire IT Security operation and Network operation
▪ Evaluated Vendors; Engaged in Negotiations, developed RFPs and RFIs;
ensure that third party vendors are compliant with organizations security
standards.
▪ Hands on, Electronic Cheque Clearance (ECC), IP Telephony (CISCO),
Banking Oversight & Research, Physical Integrated Security, , Identity
and Access Management (IAM), PMO Procedures, Treasury &
Investment, Fraud Management, Active and passive Components, Data
Centre.
▪ Establish good relations across the various Functions within the
organization to check on Information Security and Network issues / need
for risk management; involve in internal Committees & Task forces.
▪ Setup infrastructure for emergency operations and high-impact incidents;
plan for business continuity, disaster recovery and incident investigation.
▪ Monitor the operations of the SOC/Security Forum on a regular basis.
▪ Facilitate trainings and awareness plans for employees on ISO 27001 and
Cobit standards.
▪ Provide regular reports and status updates to Sr. Management on security
improvements, risks and corrective actions.
▪ Serve as the SME on Information security; advice Senior Management
 Business continuity framework
 Information Security Risk
Policy
 Network Access control
 WIFI
 Finalist of Middle East
Networking professional of
the year (Two years in a
row -2016 & 2017)
 Successful architected,
established and operated
24* 7 SOC (Security
Operations Centre)
 Successfully implemented
ISMS/ISO27001
information security
standards with certification
and recertification
 Part of winning team of
Bank Sohar Core banking
transformation program
 Successful build-up
Information Security
Practice with team of IS
professionals
 Successfully replaced Bank
Sohar Datacentre Infra,
Network and Security
Technology
 Datacentre Automation
using Load balancer
 Established the security
forum
on all aspects of security management.
▪ Collaborate with other Function heads for budgets and other resource
requirements.
▪ Responsible for all the Audits. Internal/external/VA-PT and central Bank
▪ Devising strategies and implementing IT solutions to minimize the risk
of cyber-attacks.
▪ Responsible for conducting DR drills as per BCM specified applications
and services
▪ Yearly budgets for run the bank and transform the bank

Involved in defining strategies to protect data and information systems
against unauthorized access and modification; suggest applicable
controls and policies to the senior management forum (CISF).
and Sand Boxing solution.
 CEH training
 IBM DAM tanning
 PMP from (PMI institute)
trained
 Certified Information
Systems Security
Professional (CISSP)
trained
 Data loss prevention
(DLP) Trained from
Symantec, TrendMicro
and force point
 Q-radar Trained
 Cisco Nexus (ACI) trained
 Citrix VDI and WAF
(trained
 F5 GTM Load balancers
training from computer
links Dubai
 ISO 27001 trained
 CCIE Security 30 days