Muhammad Emal Khan
AeroLeads people directory · profile

Muhammad Emal Khan Email & Phone Number

Senior Information Security Consultant at Lidl GB
Location: United Kingdom 9 work roles 7 schools
LinkedIn matched
✓ Verified July 2026 3 data sources Profile completeness 86%

Contact Signals

LinkedIn Profile matched
3 free lookups remaining · No credit card
Current company
Role
Senior Information Security Consultant
Location
United Kingdom
Company size

Who is Muhammad Emal Khan? Overview

A concise factual answer block for searchers comparing this professional profile.

Quick answer

Muhammad Emal Khan is listed as Senior Information Security Consultant at Lidl GB, a with 1403 employees, based in United Kingdom. AeroLeads shows a matched LinkedIn profile for Muhammad Emal Khan.

Muhammad Emal Khan previously worked as Senior Information Security Consultant - Deputy Head at Lidl Gb and Director Information Security - Governance, Risk and Compliance at Afiniti. Muhammad Emal Khan holds Masters Business Administration, Management Information Systems from Virtual University, Pakistan.

Company email context

Email format at Lidl GB

This section adds company-level context without repeating Muhammad Emal Khan's masked contact details.

Lidl GB

Review company-level records connected to Muhammad Emal Khan before choosing the right outreach path.

Profile bio

About Muhammad Emal Khan

As the Director of Information Security at Afiniti, I lead the development and implementation of a robust 'Afiniti Securiti' program that covers all aspects of information security, privacy, and GRC and its related practices, aligning security policies with the company's strategic objectives. I have over 16 years of experience in the field of Governance, Risk, and Compliance, Information Security and Systems Auditing, Process Improvement, and Quality standards creation and implementation.I have successfully led the implementation of PCI-DSS, ISO 27001, ISO 27701, and SOC 2 standards in both Service Providers and Financial Services sectors, collaborating with inter-company teams spread across 5 continents and 14 countries. I have also spearheaded the development and delivery of a security awareness and training program entitled 'Human Firewall', fostering a culture of security throughout the organization. I am passionate about improving IT governance policies, processes, and procedures, and developing and implementing innovative security programs that drive awareness, decrease exposure, and strengthen an organization's cyber controls and defenses.#informationsecurity #grc #governance #risk #iso27001 #securitymanager #securityjobs #pci #thirdpartyriskmanagement #thirdpartyrisk #itsecurity #tprm

Current workplace

Muhammad Emal Khan's current company

Company context helps verify the profile and gives searchers a useful next step.

Lidl GB
Lidl Gb
Senior Information Security Consultant
United Kingdom
Website
Employees
1403
AeroLeads page
9 roles

Muhammad Emal Khan work experience

A career timeline built from the work history available for this profile.

Senior Information Security Consultant

United Kingdom

Senior Information Security Consultant - Deputy Head

United Kingdom

Director Information Security - Governance, Risk And Compliance

London, England, United Kingdom

Adding to my responsibilities I had been moved to the UK to cater to the UK and EU regional needs to meet the information security and compliance gaps.

Director Information Security

Lahore, Punjab, Pakistan

As a member of the information security leadership team, I led the development and implementation of a robust 'Afiniti Securiti' program that covered all aspects of information security, privacy, and GRC and its related practices aligning security policies with the company's strategic objectives.Partnered with inter-company teams spread across 5 continents and 14 countries to ensure the information security policies are properly implemented to safeguard client and company data, as well as… Show more As a member of the information security leadership team, I led the development and implementation of a robust 'Afiniti Securiti' program that covered all aspects of information security, privacy, and GRC and its related practices aligning security policies with the company's strategic objectives.Partnered with inter-company teams spread across 5 continents and 14 countries to ensure the information security policies are properly implemented to safeguard client and company data, as well as ensuring internal processes and adherence to global standards. I also spearheaded the development and delivery of a security awareness and training program entitled 'Human Firewall', fostering a culture of security throughout the organization.- Lead the development and implementation of information security policies and procedures for compliance with ISO 27001, PCI DSS, SOC 2 Type 2, HITRUST, NIST, CMMC, and other regulatory standards.- Developed holistic models for assurance and compliance with the company’s Information Security and Certifications programs. - Conducted gap analysis, ISO 27001, ISO 27701, PCI DSS audits, and SOC 2 Assessments. Prepared the teams for external audits.- Administered internal and external vulnerability assessment, ASV, and penetration testing of the production environment, with the associated remediation efforts. - Supported the business continuity, and disaster management programs to ensure the resilience and continuity of critical business operations.- Drove the implementation of Afiniti's comprehensive information security and privacy awareness & training program to promote a culture of security.- Maintain the Cyber Security Event Response Procedure (CSERP) to proactively detect and respond to security events systematically.- Oversight and governance of the internal client assurance audit program using control self-assessment principles.- Interact directly with clients to support and meet their information security requirements. Show less

Avp Infosec & Compliance

Managing and administering information security and compliance practices in Systems Limited and Visionet Systems Inc. globally. Working with the global team to ensure successful information security practices implementation. Performing internal compliance functions on ISO 27001, PCI DSS, SSAE 16, and Information Security Guidelines.Responsibilities:• Leading with the implementation of information security policies and procedures for compliance with ISO 27001 security standards, PCI DSS… Show more Managing and administering information security and compliance practices in Systems Limited and Visionet Systems Inc. globally. Working with the global team to ensure successful information security practices implementation. Performing internal compliance functions on ISO 27001, PCI DSS, SSAE 16, and Information Security Guidelines.Responsibilities:• Leading with the implementation of information security policies and procedures for compliance with ISO 27001 security standards, PCI DSS Standards, and other regulatory standards and guidelines• Conducted internal SSAE 16, ISO 27001, and PCI DSS audit • Working in the development of a holistic approach to all compliance standards such as ISO 27001, PCI DSS, SSAE 16, and ISO 9001 & CMMi.• Ensure compliance with service industry standard of SSAE 16 (aka SAS 70)• Performing with vulnerability assessment and management of the internal company environment • Govern risk management program• Performed risk assessments of OT and industrial control systems, identifying vulnerabilities in ICS protocols, hardware, networking and applications. Aligned assessment methodologies to IEC 62443 and NIST SP 800-82 standards.• Oversee the company’s security awareness training program• Work with clients on projects ranging from risk analysis/management, vulnerability management, security policy documentation, ISMS & BCMS Consultancy, etc.• Experienced with software licensing & provisioning mechanisms. Show less

Feb 2015 - Jun 2017

Information Security Specialist

Implementation and overlooking of information security practices in TRG/ IBEX globally. Work closely with the global team to ensure the effectiveness of TRG/ IBEX Global’s information security program. Performing training on ISO 27001, PCI DSS, and Information Security Guidelines.Responsibilities:• Leading with the implementation of information security policies and procedures for compliance with ISO 27001 security standards, PCI DSS Standards, and other regulatory standards and… Show more Implementation and overlooking of information security practices in TRG/ IBEX globally. Work closely with the global team to ensure the effectiveness of TRG/ IBEX Global’s information security program. Performing training on ISO 27001, PCI DSS, and Information Security Guidelines.Responsibilities:• Leading with the implementation of information security policies and procedures for compliance with ISO 27001 security standards, PCI DSS Standards, and other regulatory standards and guidelines• Conducted internal PCI DSS and ISO 27001 audit for all TRG global sites which involves frequent travels to the USA, Philippines, and other global sites. • Worked in the development of PCI Compliant applications.• Initiation of service industry standard of SSAE 16 (aka SAS 70) and US Safe Harbor laws• Performing with vulnerability management of the company environment • Participate in risk analysis and management, also maintain a risk metrics program• Enforcing company policies and reporting to management when necessary for corrective action to be taken• Participate in the company’s security awareness training program• Review and analyze audit logs from systems, network devices, anti-malware, applications, and IDS\IPS systems, and report findings to management. Report on levels of risk from the findings.• Work with clients of TRG on various projects ranging from risk analysis/management, vulnerability management, security policy documentation, etc.• Experienced with software licensing mechanisms. Key contributions:• Helped TRG/ IBEX Global successfully certify with PCI Certification• Worked with PCI QSA on compliance with the TRG/ IBEX Global PCI Certification in US & PHI sites• Worked with PCI QSA Penetration Testing teams for PCI DSS Compliance requirements• Implementation and compliance of HIPAA/ HITECH Show less

Jul 2012 - Feb 2015

It Security & Compliance Manager (Project Manager- Pci Dss)

Mcb House

Implementing information security strategy and addressing compliance with regulatory bodies, PCI-DSS, ISO 27001, BASEL II EFT guidelines, SBP (Central Bank of Pakistan) information security policies , standards and guidelines implementation, internal and external audit findings analysis and remediation.Responsibilities: • Monitoring compliance with the organization’s information security policies, procedures, standards and guidelines among employees, contractors, alliances, and other… Show more Implementing information security strategy and addressing compliance with regulatory bodies, PCI-DSS, ISO 27001, BASEL II EFT guidelines, SBP (Central Bank of Pakistan) information security policies , standards and guidelines implementation, internal and external audit findings analysis and remediation.Responsibilities: • Monitoring compliance with the organization’s information security policies, procedures, standards and guidelines among employees, contractors, alliances, and other third parties to refer and escalate the non- conformances to appropriate management.• Providing written reports on all issues regarding non-compliance to information security policies and procedures.• Providing expert security involvement in the lifecycle of business and infrastructure projects including architecture reviews, application design, penetration testing and vulnerability scanning.• Assisting in maintaining frameworks for security risk management, disaster recovery and business continuity.• Execution of information security risk assessments and C.S.A (control self-assessment) as an internal assessor for information security processes.• Managing bank wide third party IT Security Audits/Assessments with Big Four audit firms. Show less

Mar 2010 - Jul 2012

Senior Information Security & Compliance Engineer

Major Role in definition, documentation, implementation, training of policies & procedure and requirements for the security standard. Actively working to establish organization-wide security standards (Payment Card Industry, ISO 27001, SAS No.70). Responsibilities:• Developing a comprehensive security program to establish Information Security • Assist in IT Security Strategy development and implementation• Formulation and implementation of information security policies… Show more Major Role in definition, documentation, implementation, training of policies & procedure and requirements for the security standard. Actively working to establish organization-wide security standards (Payment Card Industry, ISO 27001, SAS No.70). Responsibilities:• Developing a comprehensive security program to establish Information Security • Assist in IT Security Strategy development and implementation• Formulation and implementation of information security policies, standards, procedures, and guidelines• Actively working on implementation and roll out of enterprise wide vulnerability management, Antivirus, Antispyware• Evaluate the IT security risk that the organization is exposed to and develops strategies based on OCTAVE to minimize the risk• Plan and perform information systems audits, network security and physical security audits.• Perform technical security assessment of core applications• Facilitate in code security reviews, application and network vulnerability scans and penetration tests• Actively involved with network and application controls, security incident management• Liaison with internal & external auditors, Qualified Security Assessor and Approved Scanning Vendor• Assist in planning information security awareness program by utilizing different awareness channels such as portal, trainings, workshops, emails, etc.• Coordinate with vendors for product updates and new product evaluation for system updates and future expansion plans• Member of the InfoSec Process Group (ISPG)Key contributions:• Primary team member in implementation of ISO 27001 certification for 3 years• Key player in implementation and compliance of PCI DSS for 4 years• SAS 70 Type 1 Certifications • Team lead for Disaster Recovery and Business Continuity Planning & its testing Show less

Jul 2008 - Mar 2010

Software Quality Engineer

Innovative Pvt Ltd - I2C Inc Software

Played major part in CMMI (Capability Maturity Model Integrated (CMMI) v 1.2 Level 2) based process definition, documentation, implementation, training and institutionalization of processesResponsibilities:• Performed process Internal Auditing, monitoring of software processes and work products• Have performed software quality control and testing activities• Implementation assistance and training of US Policy & Regulations such as Anti Money Laundering (AML) activity… Show more Played major part in CMMI (Capability Maturity Model Integrated (CMMI) v 1.2 Level 2) based process definition, documentation, implementation, training and institutionalization of processesResponsibilities:• Performed process Internal Auditing, monitoring of software processes and work products• Have performed software quality control and testing activities• Implementation assistance and training of US Policy & Regulations such as Anti Money Laundering (AML) activity, Regulation-P based on the Gramm-Leach-Bliley Act 1999 and Regulation-E based on the Electronic Funds Transfer• Member of Software Engineering Process Group (SEPG)Key contributions:• Acted as the On-site Coordinator for the SCAMPI class A appraisal and as appraisal team member(ATM) in SCAMPI class B & C appraisals• Automation of Business Processes using JBPM (JBoss Business Process Management)• Initiative taken with the HR Team in Documentation and implementation of Level 2 Process Area People Capability Maturity Model for Level 2 Process Area Show less

May 2006 - Jul 2008
Team & coworkers

Colleagues at Lidl GB

Other employees you can reach at afiniti.com. View company contacts for 1403 employees →

7 education records

Muhammad Emal Khan education

Masters Business Administration, Management Information Systems

Virtual University, Pakistan

Intermediate, Pre-Engineering

Governement College

O Level, Igcse

Our Own English High School, Sharjah, Uae

Ibm Guardium Technical Enablement

Ibm Training

Iso 27001 Lead Auditor

Ukas
FAQ

Frequently asked questions about Muhammad Emal Khan

Quick answers generated from the profile data available on this page.

What company does Muhammad Emal Khan work for?

Muhammad Emal Khan works for Lidl GB.

What is Muhammad Emal Khan's role at Lidl GB?

Muhammad Emal Khan is listed as Senior Information Security Consultant at Lidl GB.

Where is Muhammad Emal Khan based?

Muhammad Emal Khan is based in United Kingdom while working with Lidl GB.

What companies has Muhammad Emal Khan worked for?

Muhammad Emal Khan has worked for Lidl Gb, Afiniti, Systems Limited, Ibex | Global, and Mcb Bank Limited.

Who are Muhammad Emal Khan's colleagues at Lidl GB?

Muhammad Emal Khan's colleagues at Lidl GB include Shahrukh Akbar, Muhammad Danial, Saeed Nawaz, Muhammad Kamran Shahzad -Cdcp, and Tehreem Jamshed.

How can I contact Muhammad Emal Khan?

You can use AeroLeads to view verified contact signals for Muhammad Emal Khan at Lidl GB, including work email, phone, and LinkedIn data when available.

What schools did Muhammad Emal Khan attend?

Muhammad Emal Khan holds Masters Business Administration, Management Information Systems from Virtual University, Pakistan.

Find 750M verified contacts

Search by job title, company, industry, location, and seniority. Export verified B2B contact data when you need it.