Khalid Chaudhry

Birmingham

Summary

Accomplished security operations professional with expertise in designing and managing SIEM platforms, incident response, and alert tuning. Proficient in infrastructure and network security, including IDS/IPS deployment and hardening hybrid/cloud environments. Demonstrates strong governance and compliance skills with ISO 27001 & ISO 42001, GDPR, and AI management systems. Technical proficiency spans Linux systems, Python/Bash scripting, digital forensics tools, and cloud security measures. Adept at risk management through threat modelling and vulnerability assessments. Career goals include advancing security architecture strategies to enhance organisational resilience against emerging threats.

Overview

4 years of professional experience

Work history

Cyber Security Engineer

West Midlands Trains
2024.05 - 2026.04
  • Security Integration: Lead the integration of security controls across train fleets and backend systems, embedding cybersecurity into the full system lifecycle.
  • Infrastructure Defense: Designed and implemented SIEM, IDS, and IPS capabilities to provide real-time visibility across operational and IT environments.
  • AI Governance & Audit: Apply practitioner-level ISO/IEC 42001 knowledge to assess AI-adjacent systems, data flows, and automated decision processes during internal and external audits.
  • Strategy & Policy: Developed rail-specific cybersecurity standards and act as the primary security authority for engineering and IT teams.
  • Developed cybersecurity policies that significantly reduced the risk of internal threats.
  • Led incident response activities, including investigation of security breaches.
  • Collaborated with IT team to ensure proper deployment of new software, boosting system security.
  • Streamlined cybersecurity measures which resulted in smoother daily operations without compromising security integrity.

Cyber Security Consultant / SOC Lead

YTM Industries
2022.08 - 2024.05
  • SOC Leadership: Led security operations for cloud and on-prem environments, performing remote monitoring, alert triage, and root cause analysis via LogRhythm.
  • Posture Improvement: Enhanced organizational security through network segmentation, access control improvements, and continuous monitoring.
  • Risk Advisory: Advised leadership on threat modeling and risk prioritization while supporting ISO 27001 audit readiness.
  • Identified weak points in the system, enhancing overall security performance.
  • Developed comprehensive cyber security strategies to enhance digital safety.
  • Contributed towards regulatory compliance by assisting in GDPR-related procedures.
  • Assisted in devising business continuity plans, ensuring resilience against potential cyber incidents.
  • Delivered concise reports detailing findings from routine vulnerability scans.
  • Reduced chances of data breaches by regularly auditing information systems for vulnerabilities.
  • Conducted risk assessments for identifying potential vulnerabilities.

Education

BSc (Hons) - Cyber Security

Birmingham City University
Birmingham, UK
05.2022

Skills

  • Security Operations (SOC): Designing and managing SIEM platforms (LogRhythm), incident response, and alert tuning
  • Infrastructure & Network Security: IDS/IPS deployment, network segmentation, and hardening hybrid/cloud (AWS) environments
  • Governance & Compliance: ISO 27001, GDPR, and ISO/IEC 42001 (AI Management Systems) at a practitioner level
  • Technical Proficiency: Linux (Ubuntu/Kali), Python/Bash scripting, and digital forensics (FTK Imager, EnCase)
  • Risk Management: Threat modeling, vulnerability assessments, and AI-related risk assessment
  • SIEM/SOC: LogRhythm, Wireshark
  • Cloud: AWS IAM, Security Groups, Shared Responsibility Models
  • Operating Systems: Ubuntu, Kali Linux
  • Security Tools: Metasploit, FTK Imager, EnCase
  • Automation: Python, Bash
  • Incident response management
  • Vulnerability assessment
  • Security architecture familiarity
  • IoT security measures
  • Information assurance competence
  • Cyber threat intelligence
  • Operating systems expertise
  • Compliance regulations knowledge
  • Incident response coordination
  • GDPR compliance
  • Threat mitigation

Key Projects & Impact

  • Railway Operational Security: Bridged legacy operational technology (OT) with modern monitoring by deploying IDS/IPS into live safety-critical environments.
  • Smart Device Research: Identified real-world vulnerabilities in IoT devices and mapped findings to UK regulatory frameworks.
  • Hybrid Hardening: Redesigned hybrid architectures to improve resilience and incident response capabilities.

References

References available upon request.

Personal Attributes

  • Communication: Strong ability to translate technical security risks into actionable language for management.
  • Mindset: Engineering-first approach; calm and focused under pressure in regulated environments.
