Leonid Baiakhchev

CISO · Head of GRC · AI Infrastructure Builder

Executive Summary

CISO and Head of GRC with 13+ years in information security, built on 20+ years in regulated financial technology. Former dual executive as CISO for Lab49 and Global Head of Information Security GRC for ION Group (13,000+ employees). Built enterprise security and compliance programmes from scratch across global organisations. Now building autonomous AI agent systems — one of very few senior security executives in the world who can credibly claim both.


Current

AI Infrastructure Builder 2025 – Present

Designs, deploys, and operates autonomous multi-agent AI systems. Builds AI tools for GRC workflows — the same workflows previously run manually as a CISO. Runs a production AI agent fleet handling research, orchestration, code generation, knowledge management, and task coordination.

The next generation of security, governance, and compliance will be shaped by people who build with AI, not just manage it.


Security & GRC Career

CISO at Lab49 / Global Head of Information Security GRC at ION Group 2021 – 2025

Lab49 — Fintech capital markets software (~200 employees)
ION Group — Financial technology group (~13,000 employees)

Delivered enterprise-grade security and compliance across a global group under extreme resource constraints — no team, no budget, just process rigour and tooling.

Director of Security and Compliance 2019 – 2021

Luxoft — IT Services / Global Technology Services (13,000+ employees, 20+ countries)

Built a company-wide BCM programme from nothing — policy, BIA, RTO/RPO definitions, crisis simulations — covering all global offices and risk scenarios including pandemics and geopolitical events.

Head of Security and IT Infrastructure — Financial Services 2016 – 2019

Luxoft — All financial services clients globally (~5,000 employees, 20+ countries)

Head of Security and IT Infrastructure — Top-Tier Banking Account 2014 – 2016

Luxoft — Top-tier international bank (~2,000 employees)

Head of Compliance — Top-Tier Banking Account 2014

Luxoft

Primary point of contact for client compliance and security teams. Managed client audits, assessments, and compliance questionnaires.

Senior Project Manager 2012 – 2014

Luxoft — Top-tier international bank


Earlier Career

Internal Auditor 2010 – 2011

Guta Group — Conglomerate / Finance / Banking

Hired directly by the group shareholder to independently audit internal processes. Audited vendor bidding systems for fraud resistance and bank payment processes for compliance. Reported directly to the shareholder — high trust, high discretion role.

CEO 2007 – 2008

BetZet — VIP Sports Betting

Built a private, high-stakes VIP sports betting company from the ground up. ~$20 million annual turnover. ~50 active VIP clients with $5,000 minimum bet threshold. Full executive responsibility: strategy, operations, finance, product, compliance, vendor management. 99% uptime. ~20% profit margin.

Co-Founder 2008 – 2011

Mage's Tower — Board Games Club

Built and operated a board games club (Magic: The Gathering focus) across three locations. ~200 active members. Hosted competitive events with 50+ players. Managed everything: leases, operations, bar, community, finances.

Product Manager 2005 – 2007

Fair Play Club — Online Gaming / Poker

Built a full poker module from scratch for a major online gaming platform. Led 17-person cross-functional team. Grew active user base from 50 to 300.

Sportsbook Manager 2008

Top-Tier Casino — Moscow

Built and operated a sportsbook function inside a major casino. Increased monthly betting turnover from $20,000 to $400,000. Zero operational incidents.

Linemaker 2008 – 2009

BetCruise — Sports Betting Exchange

Managed 50+ active sports betting markets daily. Fewer than two late line changes per month. Used firsthand knowledge of scalping strategies to protect exchange market quality.

Poker Club Manager 2005

Bermuda Triangle — Online Poker Services

Managed online poker access service. ~100 monthly customers. ~$500,000 monthly cash turnover. Resolved account issues directly with PartyPoker support.


Skills & Competencies

Security & GRC

  • Information Security Governance, Risk & Compliance
  • CISO-level strategy and operations
  • Enterprise risk management
  • Third-Party Risk Management (TPRM)
  • Business Continuity Management (BCM)
  • Regulatory compliance: FCA, SEC, GDPR, DORA, SOX
  • Audit management (internal, external, client)
  • Incident response and crisis management

AI Infrastructure

  • Autonomous multi-agent system design
  • AI agent fleet management
  • AI-driven GRC automation
  • AI risk and governance
  • Prompt injection defence
  • Agent trust boundaries

Standards & Frameworks

Languages


Consulting Services

LinkedIn

Open to remote or global roles