Howdy, I’m M. I’m a seasoned GRC Leader with over 20 years of experience driving governance, risk, and compliance programs across major banks and financial institutions. Proven expertise in establishing enterprise-wide GRC frameworks aligned with ISO 27001, ISO 22301, NIST CSF, HIPAA, GDPR, CCPA, PCI-DSS, and SWIFT CSP. Strong track record in leading cybersecurity governance, risk assessments, internal audits, third-party risk programs, and regulatory compliance across complex environments.

Recognized for transforming organizational maturity through policy governance, risk mitigation planning, audit readiness, security awareness programs, and compliance automation. Adept at bridging the gap between technical teams, auditors, and executive leadership to ensure operational resilience and regulatory alignment. Experienced in developing IT security baselines, cloud/data privacy controls, and enterprise GRC roadmaps while enabling secure, compliant business operations.

Backed by global experience in Bangladesh, Saudi Arabia, and Malaysia—combined with strong consulting expertise, ISO lead auditor credentials, and more than 800+ man-days of audit experience. Known for strategic leadership, analytical decision-making, and building a culture of accountability, transparency, and continuous improvement within IT governance and cybersecurity functions.