Information Services and Digital Transformation Manager
ACET Solutions LLP
Total years of experience :20 years, 3 Months
- As the person responsible for information technology and cybersecurity, I ensure that all policies, procedures, processes, tools, and systems related to information security are appropriate and in place.
- I continuously monitor and ensure compliance with cybersecurity policies and lead the implementation of ISO/IEC-27002 and auditing through ISO/IEC-27001. Additionally, I implement tools and systems to support other departments and functions in defining, documenting, enhancing, and optimizing business processes. I ensure compliance with these processes through monitoring and reporting.
- Oversee, evaluate and establish goals for every technology initiative, operations and information systems.
- Devise and establish information systems policies and systems to support the implementation of strategies set by the Board of Directors.
- Analyze the business requirements of all departments to determine their technology needs
- Purchase efficient and cost effective technological equipment and software
- Inspect the use of technological equipment and software to ensure functionality and efficiency
- Identify the need for upgrades, configurations or new systems and report to upper management
- Coordinate with managers and supervise computer scientists, technicians and other professionals to provide guidance
- Control budget and report on expenditure
- Building relationships with vendors and creating cost-efficient contracts
Automation of health facilities to HIMS (Hospital Information Management System)
- Vulnerabilities and Security Analysis of over 150 health projects
- Liaison with application developers to mitigate existing and latest security threats
- Developed and Implementing Information Security Policy
- Appropriate SOPs enforced, based on ISO 27001 guidelines and ISO 27002 security controls.
- Developing initiatives for onsite team’s Personal Growth opportunities through job rotation and hands-on trainings
- Maintaining organization's effectiveness and efficiency by defining, delivering, and supporting strategic plans for implementing information technologies
- Verifying application results by conducting IS audits of implemented technologies
- Preserving assets by implementing disaster recovery and back-up procedures and information security and control structures
- Maintaining professional and technical knowledge by attending educational workshops, reviewing professional publications, establishing personal networks, benchmarking, International best practices,
- Contributing to team effort by accomplishing related results as needed
- Creating, reviewing, revising, and, where appropriate, proposing new policies and procedures to ensure ISO 27001:2013 and SBP compliance with applicable laws and regulations
- Working with IT leaders / staff to develop new or updated ISMS policies
- Managing feedback and plans from audits for Information Technology Group
- Identifying major risk factors for IT leadership and developing and coordinating the implementation of strategies to reduce/remediation process, operational, regulatory and compliance risks under ISMS standards
- Providing support and oversight to Bank’s various IT audit projects and testing initiatives, including audits of its internal controls
- Ensuring that the appropriate ISO 27001:2013 and Industry Standard controls are considered throughout new system implementation projects and reviewing documentation for new IT processes that impact compliance, as required
- Working with internal and external audit, and the IT Lead Team to formulate, develop and review audit response
Advanced Malware Protection) Web Security, Email Security and
Central Management System at Ufone PTML Islamabad.
- Diagnosed latest network threats from Proxy servers e.g. Ultrasurf, etc
- Sized the environment and recommended for Proof of Concept (POC)
- Successful deployment and conducted Knowledge transfer session
Vital Contributions:
- Windows/Linux administration, network operating center (NOC) administration,
LAN/Wireless administration, VMware administration, and intrusion detection and
prevention (IDP) monitoring.
- Apache web servers, MS Active Directory/DNS, Wireless Management
Provided Network / Linux services to Head Office, Regional Offices and Remote
Construction sites.
- Fine-tuned Microsoft Windows Server 2003 and Exchange 2003. Installed and
Migrated DHCP and DNS servers from MS Windows servers to CentOS Linux
- Upgraded 3 branches (Junior, Senior Boys, and Senior Girls) with 4 Computer Labs.
- I was responsible for administration of Computer Labs (300+ Computers).
- Teachers Counseling about IT, Internet, Open Source, Emerging Technologies, etc.
- Deployed Microsoft Windows 2000 Advanced Server and Red Hat Linux 7.3 servers in 2 different premises as Head Office with 500 Clients,
- Designed and Deployed network and servers in 2 Regional Offices with 200 Clients and more than 100 Franchise School Labs.
- Teachers training about IT, Internet, Open Source, Emerging Technologies, etc.
.