Europe · Australasia · MENA

MaxAlhourani

Chief Information Security Officer
AI Governance · Data Protection · Cyber Resilience

Master of Information Technology
Cybersecurity · Merit

A technical CISO, securing and governing AI for regulated European markets.

01 · Profile

Chief Information Security Officer with 18+ years building and leading security programs, setting strategy, owning risk and governance, and aligning security with the business. Now focused on securing and governing AI in regulated European markets, from EU AI Act and GDPR readiness to cross border data protection, ISO 27001 and ISO 42001, with real engineering never far from hand.

02 · Expertise

AI Governance & EU AI Act

Risk classification, controls for high risk systems, human oversight, ISO 42001.

Data Protection & Privacy

GDPR · DPIAs · cross border transfers (SCCs) · automated decision safeguards.

Security Strategy & Leadership

Building the security program, roadmap, budget ownership, board & executive reporting.

Risk, Compliance & Frameworks

ISO 27001 · SOC 2 · NIST CSF · third party & vendor risk.

Incident Response & Resilience

IR leadership, post incident review, BCP/DR, tabletop exercises.

Security Automation & Engineering

Python · Bash · Terraform · SIEM/SOAR · cloud (AWS · Azure · Cloudflare).

03 · Experience
Military Experience
  • Led incident response in high pressure, mission critical operational environments.
  • Established and streamlined ITIL based processes, raising operational efficiency and compliance.
Enterprise Experience
  • Built and led security operations and automation programs, setting detection strategy that cut false positives 42% and improved response time 28%.
  • Embedded security into CI/CD and cloud infrastructure (DevSecOps) with Ansible and Terraform, hardening environments by design.
  • Owned SOC 2 and ISO 27001 audit readiness, automating evidence collection and shortening audit cycles 20%+.
  • Established post incident review and governance, reducing repeat incidents ~30% across critical infrastructure.
  • Directed vulnerability management and red team assessments, prioritising remediation by business risk.
  • Advised executives and stakeholders across energy, transport and public sector on security strategy and compliance.
  • Published open source security tooling and led cybersecurity awareness and training programmes.
04 · Education
Master of Information Technology · Cybersecurity Merit Whitecliffe Technology & Innovation
05 · Certifications & Training
Certified Ethical HackerCourse completed
AI Red TeamingIn progress
06 · Mentoring

Developing security talent and the next generation of practitioners, from the fundamentals through hands on offensive security.

100+
person cohort organised together with a mentee through Cisco Networking Academy · Introduction to Cybersecurity. Currently guiding mentees through the AI Red Teamer path.
07 · Research

Paper under peer review · IEEE 2026. Ongoing research in secure infrastructure and security automation.

08 · Contact

Looking for a security leader, an advisor, or a conversation? Send a note.