A Flagship PCI DSS Training Program, Led by Qualified Assessors, jointly organised by Risk Associates and National Institute of Banking & Finance – NIBAF Pakistan.
PCI DSS v4.0 is the global benchmark for securing today’s payment environments. As regulatory demands and security risks intensify, organisations must ensure their teams are well-prepared to align with compliance requirements effectively & sustainably.
How to Register
Send your nominations to: registration@nibaf.gov.pk
Fee: PKR 30,000+taxes
Advance fees must be submitted via Pay Order in favour of: NIBAF, Pakistan
Payment Term
- SBP-regulated banks and financial institutions will be invoiced post-training under a 30-day credit policy.
- All other participants are required to make advance payment.
Trainers Profile
- Kashif Hassan – Engagement Lead | PCI QSA, QPA, SSA
Kashif Hassan brings over a decade of experience in cybersecurity, governance, and compliance, with a unique foundation in software development. Starting his career in the financial sector, he specialised in mobile banking, digital transformation, and regulatory compliance before transitioning into a full-time information security leadership role.
As a PCI Qualified Security Assessor (QSA) and a PCI SSC-certified assessor across multiple domains — including PIN (QPA), 3DS (3DS QSA), and Secure Software (SSA) — Kashif has conducted PCI DSS assessments for over 10 banks annually, guiding both technical and business teams through successful compliance journeys.
Kashif leads end-to-end GRC projects aligned to PCI DSS, ISO 27001, NIST, and COBIT frameworks, with a focus on practical implementation, control assurance, and continuous improvement. He is also passionate about capability building, regularly mentoring cybersecurity teams and promoting best practices across regions.
- Zahidur Rahman – PCI Lead | PCI QSA, CISSP, ISO/IEC 27001 LA
Zahidur Rahman is a seasoned IT and cybersecurity professional with over 17 years of experience spanning Information Security, Infrastructure, and Network Operations. He has delivered complex implementations across banks, multinational corporations, ISPs, and NSPs, bringing a deep understanding of regulatory requirements, enterprise security, and operational resilience.
As a PCI Qualified Security Assessor (QSA) and a Certified Information Systems Security Professional (CISSP), Zahidur has successfully led PCI DSS and ISO 27001 implementations across high-stakes environments, including Tier-1 banks and technology companies in the APAC and MENA regions.
His technical expertise is backed by real-world execution — from implementing Security Operations Centres (SOC) using IBM QRadar to deploying Privileged Access Management (PAM) tools like CyberArk and leading antivirus migration projects across multiple countries. Zahidur Rahman currently serves as PCI Lead at Risk Associates, guiding clients through PCI DSS v4.0 readiness, scoping, and control implementation.
