Taher Afridi

As CISO & CCO, develop Information Security methodologies and standards, formulating long- and short-term operational objectives and plans. Oversee cyber security & AI initiatives in InfoSec & Privacy cyber operations, including InfoSec, privacy (GDPR), GRC, sanctions, AML/ABC. Manage multiple compliance and information security teams and departments, maintaining up-to-date knowledge of existing and emerging regulatory compliance requirements. Lead development and implementation of policies and programs.
• Certified entire Group under GDPR, ISO27001, 9001, 14001, and 45001 within two years; grew department exponentially from four to 65 employees in three years
• Managed FinTech, RegTech, and Maritime sectors, leading diverse team of 65 professionals across multiple verticals.
• Supported the implementation of PCI-DSS compliance, SOC2 reporting, and successful registration on SWIFT, UKs FCA, and Portugal’s Banco de Portugal.
• Reduced cyber insurance costs by 20% annually, despite dramatic global increases in all cyber insurance.
• Streamlined operations, automating 85% of processes to improve efficiency and reduce external audit and certification costs by 30% annually.
• Decreased carbon footprint, digitalizing multiple automations for incident reporting, infosec and privacy assessments, internal self-audits, and assessments.
• Transformed backend cost center department to another unit's P&L, creating compliance tool and building team that generated $1M+ USD annually.
• Drove successful implementation of comprehensive ISO 27001/9001/14001/45001/ and GDPR compliance programs, ensuring adherence to regulatory requirements and best practices, resulting in zero compliance violations.
• Led development and implementation of enterprise-wide information security strategy, significantly reducing data breaches and unauthorized access incidents.

• Manage the Network and Security teams to deliver a secure and operational environment for multiple sites across the UAE.
• Manage team to administers the network and security of infrastructure and IT services over the LAN/WAN
• In a role of Security Audit Specialist for Senior Directors
• Ensure governance and compliance with UAE Military Armed Forces - Air Force/Navy regulations.
• Ensure governance and compliance with ITAR regulations.
• Deliver network infrastructure (physical and virtual) for the purpose of ensuring effective and efficient networking systems.
• Serve as an internal information security consultant to the organization through the team
• Document security policies and procedures created by the information security team
• Provide direct training and oversight to all employees, affiliate marketing partners, alliances, or other third parties, ensuring proper information security clearance in accordance with established organizational information security policies and procedures
• Initiate, facilitate, and promote activities to create information security awareness within the organization
• Gather information security risk assessments for security issues
• Implement information security policies and procedures for the organization
• Participate in a variety of planning and development activities for the purpose of creating short and long range plans for extending reliable and secure communications
• Review all system-related security plans throughout the organization's network, acting as a liaison to information systems
• Monitor compliance with information security policies and procedures, referring problems to the appropriate department manager
• Coordinate the activities of the information security committee
• Manage principal vendor, partners, implementer relations and contractors
• Monitor the internal control systems to ensure that appropriate access levels are maintained
• Deliver the disaster recovery plan
• Deliver a stable network and ensures encrypted communication over the WAN

• Manage a team of Network, Systems and Security professionals, handling the LAN and WAN secure and operational environment for 13 campuses and 10 entities, servicing over 6, 000 clients and users in the UAE.
• Direct the team to configure, design and maintain a secure and reliable network that provides high availability. Plan and implement mechanisms that document existing infrastructure and maximize knowledge sharing among team members. Manage team KPI's and assessment, as well as project progress and work performance. Plan and manage infrastructure and network-related projects that address the expansion of the organization.

• In a role of CIO - Managed multiple military & government education initiatives, VEDC/IAT/ACTVET/ADEC/ADVETI
• Identify information technology needs and provide/recommend hardware and software solutions
• Lead Network Operations Center in Network and Security infrastructural design, implementation and testing. Review preliminary budgets and adjust items for conformance to anticipated needs. Evaluate departmental effectiveness and initiate change. Prepare IT policy and plan strategy development and oversee the provision of IT training for employees. Implement IT Security policies and force conformance of all users and appliances.

• Network administration for the TSI camp with over 700 staff computers.
• Network support, configuration, and deployment for CISCO routers, CISCO and 3COM switches, DLINK switches and hubs, CISCO FIREWALL, CISCO IDS.
• Network administration for client computers, running Windows XP, 2000.
• Network setup, configuration for Server farms, running Windows 2000 Server, Windows 2003 Server Enterprise, MS Exchange 5.5 and 2003, along with DNS, DHCP, WINS server, Web Server, FTP and File servers.
• Network design, deployment, maintenance, and support for high network security.
• System administration of user accounts and group policies.
• System administration of user mail exchange accounts.
• ISA Server, FIREWALL and IDS deployment and configuration.
• Server migrations.

• Network administration, system administration and service for over 40 staff computers including Windows 98, Windows NT 4.0 Workstation, Windows 2000 Professional, Windows 2003 Server Enterprise, and Windows XP Professional.
• System administration for network servers of department. Including Windows NT 4.0 Server, Windows 2000 Advanced Server, Windows 2003 Server Enterprise, .NET Server (beta version), Microsoft IIS 4.0, Microsoft IIS 5.0 (for web and ftp service), Microsoft IIS 6.0, Windows NT Domain System for laboratories, Windows 2000/2003 Domain System with Active Directory, Windows Server 2000/2003 working as Web Server, DNS Server, WINS Server in Active Directory.
• Installation and maintenance of Microsoft Windows 2000 and Windows Server 2003 Enterprise Domain System with Active Directory for Student Laboratories including 2 servers and 200 Windows 2000 workstations.
• Entire System and Network migration to Windows 2003 Server Enterprise.
• Migration of MS Exchange 5.5 to MS Exchange 2003.
• Arrangement, installation, management, problem solving and maintenance for more than 1000 student accounts in Windows 2000/2003 Server Domain System with Active Directory.
• Arrangement, installation, management, problem solving and maintenance for more than 1000 student accounts in Windows NT Domain in departmental computer system.
• Installation and maintenance of Windows NT Domain System for laboratories (including 2 servers and more than 200 workstations (account arrangement, workstation and server security, profile sizes)

I was a trainee in the Hardware Maintenance Group. Training and work was given regarding computer hardware assembly, hardware troubleshooting and fixing, system setup and maintenance, and a full study on various mother boards.

I was a trainee in three different departments in the company.
1) Hardware Design and Analysis Group,
Assembly Team,
2) VisualBasic6.0 Software Development Group,
3) Networking Group.