03/18/2026 updated

SS
100 % available

Senior Cyber Security Architect - Regulatory Compliance & Secure-by-Design

Copenhagen, Denmark BSc (Hons) Electronics and Computer Science
Copenhagen, Denmark BSc (Hons) Electronics and Computer Science

Profile attachments

Syed_Najam_Shah_CV.pdf

About me

Highly experienced IT Security Architect with 20+ years specialising in secure-by-design principles, regulatory compliance, and cyber security delivery across major financial services, pharmaceutical, and telecommunications organisations.

Kubernetes SecurityComputer-Aided DesignAmazon Web ServicesAmazon Elastic Compute CloudAmazon S3Penetration TestingMicrosoft AzureCloud ComputingCloud Computing SecurityApache CloudStackControl Objectives for Information and Related Technology (COBIT)ComplianceComputer SecurityComputer NetworksContinuous IntegrationIdentity ManagementInfrastructure ManagementIntrusion Detection SystemsISO/IEC 27001OpenShiftOpenStackOWASPPCI Data Security StandardsArcSight SIEM ToolSecure CodingSecurity TestingSecurity Information and Event ManagementVulnerabilityVulnerability ManagementThreat ModelingSecurity AuditsGoogle CloudSoftware SecurityNational Institute of Standards and Technology (NIST)Risk AssessmentTogafAmazon Relational Database ServiceKubernetesNessusFunctional ProgrammingCIS BenchmarksSafety PrinciplesSplunkRisk ManagementDevSecOpsDocker
Security Architecture & Design
Secure-by-design software development, security architecture frameworks, cloud security (AWS, Azure, GCP), and container & Kubernetes security implementation

Regulatory Compliance & Risk Management
ISO 27001/2, 27005, 27017/18 standards implementation, ISF IRAM2 risk methodology, regulatory compliance frameworks, and CRA readiness & vulnerability monitoring

Threat Modelling & Security Testing
STRIDE threat modelling methodology, risk assessment & management, OWASP Top 10 mitigation, vulnerability management lifecycle, and penetration testing & security reviews

DevSecOps & Development Security
CI/CD pipeline security, container orchestration security, secure coding review practices, and Infrastructure-as-Code security

Cloud Platforms Expertise
AWS (EC2, S3, RDS, Lambda, KMS, IAM), Microsoft Azure, Google Cloud Platform (GCP), OpenStack, and CloudStack

Container & Orchestration Technologies
Kubernetes, OpenShift, Docker with image scanning, runtime security, network policies, and secrets management

Security Tools & Technologies
Penetration testing tools, vulnerability management (Tenable Security Centre, Nessus), SIEM (HP ArcSight, Splunk), IPS/IDS, and various security assessment tools

Standards & Frameworks Implementation
ISO 27001/2, ISO 27005, ISO 27017/18, TOGAF, ISF IRAM2, COBIT, CIS Benchmarks, NIST, DISA STIGs, OWASP, PCI DSS, STRIDE, and CRA

Languages

GermanGoodEnglishNative speaker

Project history

Founder & Principal Security Consultant

CyberDefend.eu
Founded boutique cyber security consultancy providing specialised security architecture, compliance advisory, and technical security services to European SME and enterprise clients

Security Architect / Consultant

Major European Telecom Group
Led security architecture and consultancy for product development teams across a top-tier European telecom group, ensuring secure-by-design principles and regulatory compliance across new products and services

Cloud Security Architect

UK HMRC
Delivered cloud security architecture for large-scale containerised application migrations, implementing DevSecOps practices and secure-by-design principles for one of the UK's largest public sector IT programmes

Cyber Security Architect

Reckitt Benckiser
Established security architecture function from scratch during enterprise-wide cyber security transformation initiative

Cloud Security Architect

Barclays Bank
Architected security controls and design patterns for public cloud on-boarding initiative covering Barclays' Global Technology Infrastructure Services

Cloud Security Architect

Vodafone
Created security patterns and design documentation for 21 security controls (HLDs and LLDs) for strategic cloud broker product across AWS, OpenStack, and Azure

Security Architect

British Gas
Created ISF-aligned security controls catalogue and design patterns for AWS and Azure cloud migration programme

Security Architect

Novartis Pharma
Designed AWS cloud hosting reference security architecture for regulated pharmaceutical environment ensuring FDA/GxP compliance

IT Security Consultant

Prudential Insurance
Performed comprehensive security review of network infrastructure, operating systems, databases, and virtualisation platforms

Technical Security Architect

BNP Paribas
13-year career progression at BNP Paribas from security engineer to leading a technical security architecture team across international banking operations

Contact form

Log in to get in touch

You need to be logged in to use the contact form.

Sign upLog in