Amjad A.

• Collaborated with Solution Architects, Tech Leads, and Engineers, undertaking threat modeling to generate Security Patterns, Reference Architectures, and Solution Security Design patterns, significantly influencing the standardisation of security controls across enterprise capabilities, business product solutions.

• Contributed to key components of enterprise AI security frameworks and patterns, conducting security reviews of AI systems to ensure alignment with broader security assurance frameworks like SAIF and OWASP.

• Provided strategic technical direction to mature security capabilities by conducting in-depth analysis of current state and defining industry-aligned target states supported by maturity models for key enterprise cyber capabilities, including Edge Protection, API Security, Application Security, DevSecOps, Software Supply Chain Security, and Customer Identity and Access Management, AI governance.

• Uplifted processes, procedures and reporting, developed an automated actionable dashboard for visibility of Key Risk Indicators with clear attribution and prioritised, actionable intel, thereby significantly uplifting governance, security posture, and coverage of edge protection controls.

• Led cyber risk governance forums with senior leadership stakeholders, presenting key cyber and risk metrics with actionable insights to drive the uplift of the overall cyber posture.

• Partnered with digital product teams to strategically elevate security posture through comprehensive evaluations of people, processes, technology and governance, delivering prioritised security initiatives.

• Provided strategic technical direction and leadership for critical cyber capabilities, including DevSecOps, Application Security, Vulnerability Management, and Offensive Security services.

• Defined and maintained target state architectures for each capability, ensuring alignment with the group-wide security strategy and serving as the technical strategy owner for service roadmaps.

• Managed security capability roadmaps and maturity, including invest/divest positions by documenting architectural positions.