Tauseef Aslam

CISO for UBL Pakstan, UAE, Qatar & Bahrain

It was a Security Leadership (Virtual CISO / vCISO) role reporting to Group CISO of Telenor.
1- Security Leadership role for Emerging Asian Business units of Telenor and core member of Telenor Group Security management team.
2- Ensured effective collaboration among security functions of business units to achieve group driven KPI’s.

(It’s a CISO Role for Telenor Pakistan, COO minus one).
1. Entire portfolio of information security.
2. Governance of physical security and service frauds

1. Manage communication for the chapter affairs with internal / external stakeholders and the CSA Global.
2. An outstanding member of event management team to organize the chapter events.
3. A subject matter expert for cloud security affairs from CSA Pakistan chapter platform.

(It’s a leadership role with a breadth of expertise in security Governance, Security reviews, Risks and security transformation projects. In this role, I have worked with Telenor as Telco & bank. Refer Appendix-A for projects on Risk, Audit and security transformations.
---> Security compliance Manager (Pentest, Reviews & Audits)
1. Security risk assessment, Audits & reviews of Enterprise and Business partner’s information system during development, acquisition and operations stages.
2. To provide security assurance by conducting risk based IT Audits, reviews and VAPT and applicable security standards.
---> GRC Manager
3. Security risk assessments to identify major risks in projects follow through and facilitate mitigations.
4. Keep management aware of major risk and audit/reviews findings.
5. IS awareness across Telenor Pakistan 3rd party eco system to fortify the overall security posture.
6. Worked on People, process and products to achieve secure operating model and continually evolve security posture.
7. Developed and enforced a vendor security framework to effectively manage security around 3rd party eco system of TP, conduct regular vendor reviews and track risk against vendors.
8. Worked to translate group security strategy in local strategy and conduct technology review against approved strategy.
---> Telenor Asia Security Lead
9. Working as central security lead for all Asian Business Units of Telenor, a core network transformation using private cloud on open stack to ensure defendable security architecture.
10. Leading IT DA project security stream for Asia BU’s in Risk assessment and periodic security reviews of deliverables.
---> Security Architecture Management
11. Worked as Security lead architect to uplift Enterprise IT transformation project to defendable architecture state based on zero trust model, from technology stand point this involve latest IT & security solution from Cisco, F5, HP, MS and VMware etc. This project heavily involved risk assessments, design/Implementation reviews and periodic operational audits.
12. Successfully contributed risk based security control design of multiple technology solutions and business projects.

Assistant Manager, IS/IT http://www.aedesign.com.pk/
(A people manager role, Started as Information security consultant in Dec 2010 and got promotion after 1 year as head of IT & IS).

1. Leading the IT & Information security role and to ensure secure yet smooth continuity of business operation for AEDesign and sister concerns.
o Driven the ISMS ISO 27001 certification project from scratch till Certificate issuance.
o Developed and maintained the Information Security policy in light of ISO 27001 and ensured continued compliance.
o Building IS awareness in a legacy environment to improve overall security posture.
o Conducted security assessments and incorporated risk based approach in transforming IT infrastructure & processes to improve overall security stance of organization.
o Deployment of DLP solution to proactively deter data leakage attempts.

2. Oversee and manage the IT infrastructure to ensure continued availability of IT services.
o Supervised infrastructure up-gradation/optimization to improve CIA.
o Supervised IT services operations, Capacity planning, IT room management and vendor management.

3. Successfully established & supervise the IT service desk to manage the IT incident response with customer oriented approach.
o Minimized IT downtime (below 0.5% including time required to work on users IT services requests) with continuous improvement approach to achieve agreed SLA.
o Established a knowledge management process to avoid rework for already faced problems.
o Removed personal dependencies by successfully delivering an employee’s training program to cross train my team.
o Worked on ITIL to improve IT services.

Assistant Manager, IT/IS

A people manager role, started as System Admin, later lead IT infrastructure & virtualization team and finally represented the IS function).
Acted as subject matter expert for Information Security policy and oversee its development and maintenance.

• Management and deployment of enterprise network at different office locations.
• Responsible for maintaining different servers on windows/Linux required by enterprise.
• Change management of configuration and upgrades in compliance with ISO 9001.

• Automation of Livestock and Dairy Dept, Government of Punjab.
• Negotiate software requirements with all required security requirements for its different parts.