Bassel Kablawi

Strategic business-minded CIO and CISO with 10+ years of leadership experience across fintech, banking, and heavily regulated environments. Proven ability to translate business needs into scalable technology solutions that drive growth, operational resilience, and digital transformation. Experienced in communicating with C-level executives, boards, and investors to shape and deliver technology roadmaps. Strong regulatory background and high experience in implementing major frameworks and standards, including but not limited to NIST CSF, ISO 27001, GDPR, PCI DSS, DORA, SOC 2,FCA, PRA, and SOX. 
Two-time Arab CISO Award Winner, endorsed by UK Tech Nation as an Exceptional Global Talent, and trusted Subject Matter Expert by ISACA.

Chief Information Officer (CIO)

Yana Banking Services, May 2024 – Aug 2025 

• Promoted to CIO to lead a cross-functional team , achieving an 80% rate of e-transactionapproval and an increase in system availability by 10%, which drove revenue growth and expanded market share.
• Cut the dependency on third-party support by 50% through upskilling internal IT staff effectively, aligning with business objectives.
• Optimised vendor and service provider performance by enforcing KPIs and applying SLA monitoring, resulting in a 15% enhancement of project delivery timeline and quality.
• Established an IT governance system based on COBIT standards, ensuring full compliance with the local regulatory requirements and improved ROI and operational efficiency.
• Collaborated with product managers to translate the business needs into technical functions, leveraging OKRs to ensure producing well-defined products aligned with the organizational strategic objectives.
• Delivered timely insights on IT strategy and operational performance to the CEO, which enabled informed executive decisions and accelerated business growth. 
   

Chief Information Security Officer (CISO)

Yana Banking Services, Apr 2021 – Aug 2025 

• Designed and executed an information strategy to protect 200+ digital assets that reduced incidents by 90%.
• Directed the successful completion of 8 audits including PCI-DSS, PCI-PIN, PCI-CPP, and ISO27001, with no major findings, resulting in regulatory compliance with the Central Bank of Iraq, Mastercard, VISA, and K2 Integrity, which played a key role in maintaining the company’s standing with the US Federal Reserve Bank.
• Developed and implemented an information security program that safeguarded confidential data for over 1 millioncardholders and secured a high volume of transactions through different e-payment channels such as ATM, POS, and e-commerce.
• Launched and delivered an awareness program reducing phishing incident response time by 75%.
• Served as a key advisor to the CEO guiding decisions on cyber risk posture and investment priorities.

Information Security and Data Privacy Consultant

OFFTEC, Jun 2021 – Feb 2022

• Advised on GDPR and data privacy best practices as part of an EU-funded project with Expertise France.
• Delivered a targeted cybersecurity awareness program for 100 employees across 10 NGOs operating in diverse industries, boosting privacy and cybersecurity awareness by 65% and mitigating data breaches by 95% resulted in safeguarding PII information.
• Developed SOPs and training materials to streamline daily operations and ensured compliance with stakeholder and investor expectations, and improved process efficiency and team performance.

Information Security Manager

National Gate for E-Payment and Financial Services, Aug 2020 – Apr 2021

• Implemented PCI-DSS controls aligned with the organizational strategy and regulatory requirements, strengtheningthe overall security posture.
• Developed and implemented an information security program that safeguarded confidential data for over 500,000cardholders.
• Facilitated communication between InfoSec, Legal, and Compliance teams resulting in improved alignment and faster decision making.
• Evaluated third-party products and services to ensure risk mitigation and compliance adherence to internal and external standards.

Expert Engineer

ScopeSky Communications LLC, Mar 2013 – Aug 2020

• Drove tech-business alignment efforts with the CTO and product managers to modernize the solutions portfolio.
• Managed service roadmap in alignment with business goals and market dynamics resulting in 20% expansion of  the service portfolio and contributing to 10% increase in revenue.
• Led implementation of security enhancements and infrastructure resilience for high-scale multi-million strategic government projects.
• Delivered high-impact capacity-building training to upskill operational staff and improve service delivery. 

Univeristy of Greenwich.

Bachelor Degree in Business Information Technology