Total des années d'expérience: 20 Années, 0 Mois
mai 2022
A À présent
CISO
à United Bank Limited
Lieu :
Pakistan - Karachi
CISO for UBL Pakstan, UAE, Qatar & Bahrain
juin 2020
A mai 2022
Cluster Business Security Officer (CISO)
à Telenor Asia
Lieu :
Pakistan - Islamabad
It was a Security Leadership (Virtual CISO / vCISO) role reporting to Group CISO of Telenor.
1- Security Leadership role for Emerging Asian Business units of Telenor and core member of Telenor Group Security management team.
2- Ensured effective collaboration among security functions of business units to achieve group driven KPI’s.
1- Security Leadership role for Emerging Asian Business units of Telenor and core member of Telenor Group Security management team.
2- Ensured effective collaboration among security functions of business units to achieve group driven KPI’s.
mars 2019
A mai 2022
Business Security Officer (CISO)
à Telenor Group
Lieu :
Pakistan - Islamabad
(It’s a CISO Role for Telenor Pakistan, COO minus one).
1. Entire portfolio of information security.
2. Governance of physical security and service frauds
1. Entire portfolio of information security.
2. Governance of physical security and service frauds
janvier 2016
A janvier 2022
General Secretary
à Cloud Security Alliance, Pakistan Chapter
Lieu :
Pakistan - Islamabad
1. Manage communication for the chapter affairs with internal / external stakeholders and the CSA Global.
2. An outstanding member of event management team to organize the chapter events.
3. A subject matter expert for cloud security affairs from CSA Pakistan chapter platform.
2. An outstanding member of event management team to organize the chapter events.
3. A subject matter expert for cloud security affairs from CSA Pakistan chapter platform.
mars 2013
A mars 2019
Advisor GRC and Security Architecture & Solutions
à Telenor Group.
Lieu :
Pakistan - Islamabad
(It’s a leadership role with a breadth of expertise in security Governance, Security reviews, Risks and security transformation projects. In this role, I have worked with Telenor as Telco & bank. Refer Appendix-A for projects on Risk, Audit and security transformations.
---> Security compliance Manager (Pentest, Reviews & Audits)
1. Security risk assessment, Audits & reviews of Enterprise and Business partner’s information system during development, acquisition and operations stages.
2. To provide security assurance by conducting risk based IT Audits, reviews and VAPT and applicable security standards.
---> GRC Manager
3. Security risk assessments to identify major risks in projects follow through and facilitate mitigations.
4. Keep management aware of major risk and audit/reviews findings.
5. IS awareness across Telenor Pakistan 3rd party eco system to fortify the overall security posture.
6. Worked on People, process and products to achieve secure operating model and continually evolve security posture.
7. Developed and enforced a vendor security framework to effectively manage security around 3rd party eco system of TP, conduct regular vendor reviews and track risk against vendors.
8. Worked to translate group security strategy in local strategy and conduct technology review against approved strategy.
---> Telenor Asia Security Lead
9. Working as central security lead for all Asian Business Units of Telenor, a core network transformation using private cloud on open stack to ensure defendable security architecture.
10. Leading IT DA project security stream for Asia BU’s in Risk assessment and periodic security reviews of deliverables.
---> Security Architecture Management
11. Worked as Security lead architect to uplift Enterprise IT transformation project to defendable architecture state based on zero trust model, from technology stand point this involve latest IT & security solution from Cisco, F5, HP, MS and VMware etc. This project heavily involved risk assessments, design/Implementation reviews and periodic operational audits.
12. Successfully contributed risk based security control design of multiple technology solutions and business projects.
---> Security compliance Manager (Pentest, Reviews & Audits)
1. Security risk assessment, Audits & reviews of Enterprise and Business partner’s information system during development, acquisition and operations stages.
2. To provide security assurance by conducting risk based IT Audits, reviews and VAPT and applicable security standards.
---> GRC Manager
3. Security risk assessments to identify major risks in projects follow through and facilitate mitigations.
4. Keep management aware of major risk and audit/reviews findings.
5. IS awareness across Telenor Pakistan 3rd party eco system to fortify the overall security posture.
6. Worked on People, process and products to achieve secure operating model and continually evolve security posture.
7. Developed and enforced a vendor security framework to effectively manage security around 3rd party eco system of TP, conduct regular vendor reviews and track risk against vendors.
8. Worked to translate group security strategy in local strategy and conduct technology review against approved strategy.
---> Telenor Asia Security Lead
9. Working as central security lead for all Asian Business Units of Telenor, a core network transformation using private cloud on open stack to ensure defendable security architecture.
10. Leading IT DA project security stream for Asia BU’s in Risk assessment and periodic security reviews of deliverables.
---> Security Architecture Management
11. Worked as Security lead architect to uplift Enterprise IT transformation project to defendable architecture state based on zero trust model, from technology stand point this involve latest IT & security solution from Cisco, F5, HP, MS and VMware etc. This project heavily involved risk assessments, design/Implementation reviews and periodic operational audits.
12. Successfully contributed risk based security control design of multiple technology solutions and business projects.
décembre 2010
A mars 2013
Head of Information Security/IT (as Assistant Manager)
à ZED Group - AEDesign Pvt. ltd. (& a fore star hotel, ZED energy)
Lieu :
Pakistan - Lahore
Assistant Manager, IS/IT http://www.aedesign.com.pk/
(A people manager role, Started as Information security consultant in Dec 2010 and got promotion after 1 year as head of IT & IS).
1. Leading the IT & Information security role and to ensure secure yet smooth continuity of business operation for AEDesign and sister concerns.
o Driven the ISMS ISO 27001 certification project from scratch till Certificate issuance.
o Developed and maintained the Information Security policy in light of ISO 27001 and ensured continued compliance.
o Building IS awareness in a legacy environment to improve overall security posture.
o Conducted security assessments and incorporated risk based approach in transforming IT infrastructure & processes to improve overall security stance of organization.
o Deployment of DLP solution to proactively deter data leakage attempts.
2. Oversee and manage the IT infrastructure to ensure continued availability of IT services.
o Supervised infrastructure up-gradation/optimization to improve CIA.
o Supervised IT services operations, Capacity planning, IT room management and vendor management.
3. Successfully established & supervise the IT service desk to manage the IT incident response with customer oriented approach.
o Minimized IT downtime (below 0.5% including time required to work on users IT services requests) with continuous improvement approach to achieve agreed SLA.
o Established a knowledge management process to avoid rework for already faced problems.
o Removed personal dependencies by successfully delivering an employee’s training program to cross train my team.
o Worked on ITIL to improve IT services.
(A people manager role, Started as Information security consultant in Dec 2010 and got promotion after 1 year as head of IT & IS).
1. Leading the IT & Information security role and to ensure secure yet smooth continuity of business operation for AEDesign and sister concerns.
o Driven the ISMS ISO 27001 certification project from scratch till Certificate issuance.
o Developed and maintained the Information Security policy in light of ISO 27001 and ensured continued compliance.
o Building IS awareness in a legacy environment to improve overall security posture.
o Conducted security assessments and incorporated risk based approach in transforming IT infrastructure & processes to improve overall security stance of organization.
o Deployment of DLP solution to proactively deter data leakage attempts.
2. Oversee and manage the IT infrastructure to ensure continued availability of IT services.
o Supervised infrastructure up-gradation/optimization to improve CIA.
o Supervised IT services operations, Capacity planning, IT room management and vendor management.
3. Successfully established & supervise the IT service desk to manage the IT incident response with customer oriented approach.
o Minimized IT downtime (below 0.5% including time required to work on users IT services requests) with continuous improvement approach to achieve agreed SLA.
o Established a knowledge management process to avoid rework for already faced problems.
o Removed personal dependencies by successfully delivering an employee’s training program to cross train my team.
o Worked on ITIL to improve IT services.
janvier 2006
A décembre 2010
Assistant Manager IT
à Confidential
Lieu :
Pakistan - Islamabad
Assistant Manager, IT/IS
A people manager role, started as System Admin, later lead IT infrastructure & virtualization team and finally represented the IS function).
Acted as subject matter expert for Information Security policy and oversee its development and maintenance.
A people manager role, started as System Admin, later lead IT infrastructure & virtualization team and finally represented the IS function).
Acted as subject matter expert for Information Security policy and oversee its development and maintenance.
avril 2004
A septembre 2005
Assistant Network Administrator
à World Call ( An Omman Telecom Company )
Lieu :
Pakistan - Lahore
• Management and deployment of enterprise network at different office locations.
• Responsible for maintaining different servers on windows/Linux required by enterprise.
• Change management of configuration and upgrades in compliance with ISO 9001.
• Responsible for maintaining different servers on windows/Linux required by enterprise.
• Change management of configuration and upgrades in compliance with ISO 9001.
janvier 2004
A avril 2004
Liason Officer (Internship)
à Livestock & Dairy Development
Lieu :
Pakistan - Lahore
• Automation of Livestock and Dairy Dept, Government of Punjab.
• Negotiate software requirements with all required security requirements for its different parts.
• Negotiate software requirements with all required security requirements for its different parts.
Partager sur Facebook
Partager sur Twitter
Partager via Email