Submitting more applications increases your chances of landing a job.

Here’s how busy the average job seeker was last month:

Opportunities viewed

Applications submitted

Keep exploring and applying to maximize your chances!

Looking for employers with a proven track record of hiring women?

Click here to explore opportunities now!
We Value Your Feedback

You are invited to participate in a survey designed to help researchers understand how best to match workers to the types of jobs they are searching for

Would You Be Likely to Participate?

If selected, we will contact you via email with further instructions and details about your participation.

You will receive a $7 payout for answering the survey.


User unblocked successfully
Thank you. Your report has been submitted and will be reviewed shortly.
Mushtaq Ahmed, GRC Manager (Remote)

Mushtaq Ahmed

GRC Manager (Remote)·AxiPro

Pakistan

Diploma, Computer Science

Work experience

Total years of experience: 8 years, 6 months

GRC Manager (Remote)

April 2026 - Present

AxiPro

Islamabad, Pakistan Remote

April 2026 - Present

• Implement and maintain security controls aligned with SOC 2 Trust Services Criteria, ensuring
continuous compliance across the organization.
• Gather, organize, and manage audit evidence for internal and external SOC 2 assessments,
maintaining complete and accurate workpaper documentation.
• Document security processes, control procedures, and remediation plans in line with audit and
regulatory requirements.
• Configure and monitor security tools including IDS/IPS systems and vulnerability scanners; review
outputs and escalate findings.
• Participate in incident response activities — investigating security events, documenting timelines,
and coordinating remediation.
• Collaborate with engineering, IT, and operations teams to align existing workflows with SOC 2
control requirements.
• Identify control deficiencies, assess risk impact, and track remediation activities through to
closure.

Company industry:
Cyber & Network Security

Security & Compliance Auditor (Remote)

April 2025 - Present

Prescient Security USA

Islamabad, Pakistan

April 2025 - Present

I am currently engaged in performing IT audit assignments focused on ISO 27001 and SOC 2
frameworks for clients across the US and EU regions. My role includes conducting readiness
assessments, evaluating the design and operational effectiveness of IT controls, and analysing client
submitted policies and evidence to ensure compliance with control requirements. I regularly identify
gaps in documentation or implementation, communicate findings clearly to management, and
suggest actionable remediation steps. I work closely with platforms such as Vanta, Drata, and
Secureframe to manage compliance workflows and evidence tracking. Additionally, I lead client
meetings, provide weekly status updates, and proactively report any potential issues or risks to team
leads. This role has further strengthened my ability to manage audit timelines, maintain accuracy in
documentation, and align client environments with international security standards.

Company industry:
Cyber & Network Security
Job role:
Information Technology

Security & Compliance Auditor

April 2025 - April 2026

Prescient Security

East New York, United States Remote

April 2025 - April 2026

• Performed SOC 2 control testing across security, availability, and confidentiality criteria for US and
EU clients.
• Gathered and reviewed audit evidence — system reports, configurations, screenshots, and policy
documents — to support testing conclusions.
• Utilised Vanta, Drata, and Secureframe for control mapping, evidence collection, population and
sample selection, and continuous compliance monitoring.
• Supported penetration testing engagements by coordinating scope documentation, reviewing
findings, and tracking remediation.
• Drafted audit reports, management comments, compliance findings, and remediation
recommendations for client delivery.
• Led client kickoff meetings and coordinated evidence collection activities across multiple
concurrent engagements.

Company industry:
Financial Services

Information Security Auditor

February 2025 - April 2025

Angular Quantum

Islamabad, Pakistan

February 2025 - April 2025

• Conducted SOC 2 compliance audits, analysing security policies and technical evidence against
Trust Services Criteria.
• Documented process walkthroughs, identified control gaps, and communicated findings to
engagement leads.

Company industry:
Cyber & Network Security
Job role:
Information Technology

Information Security Officer

February 2019 - April 2025

Max Technology

Islamabad, Pakistan

February 2019 - April 2025

• Implemented ISO 27001 ISMS from the ground up, achieving certification within 12 months and
establishing a repeatable security management framework.
• Configured and maintained network security systems including Fortinet firewalls, Cisco
infrastructure, VPN, and IDS/IPS — monitoring alerts and responding to incidents.
• Conducted periodic risk assessments, managed internal audit cycles, and tracked remediation of
identified vulnerabilities.
• Designed and enforced security policies and procedures aligned with ISO 27001 and applicable
regulatory requirements.
• Led organization-wide security awareness training — delivered 20+ sessions, achieving a 40%
improvement in policy compliance.
• Managed vendor security assessments and maintained continuous compliance monitoring across
business systems.
• Reduced organizational information security risk exposure by 30% through structured risk
assessment and mitigation programmes.

Company industry:
IT Services

Information Security Officer

February 2019 - February 2025

Max Technology Islamabad

Islamabad, Pakistan

February 2019 - February 2025

• Policy Development: Designed, documented, and updated comprehensive security policies,
procedures, and guidelines in line with ISO 27001 requirements.
• Risk Assessment: Conducted regular risk assessments to identify vulnerabilities, assess
impact, and implement mitigation strategies.
• Audit Management: Facilitated internal audits and prepared for external certification audits,
addressing non-conformities effectively.
• Incident Response: Developed and executed incident response plans, ensuring rapid
resolution and minimizing operational disruptions.
• Security Awareness: Conducted regular training sessions and awareness programs to instill a
culture of security among employees.
• Vendor Security Management: Ensured third-party vendors adhered to organizational
security policies through assessments and monitoring.
• Compliance Monitoring: Established a continuous monitoring process to track compliance
with ISO 27001 standards and other applicable regulations.

Company industry:
Software Development

IT Security Coordinator

January 2018 - January 2019

Max Health Hospital

Islamabad, Pakistan

January 2018 - January 2019

• Collaborated with the IT team to enhance network security and resolve vulnerabilities.

Company industry:
Medical Hospital

IT Security Coordinator (Internship)

January 2018 - January 2019

Max Health Hospital

Islamabad, Pakistan

January 2018 - January 2019

• Assisted in implementing security protocols and controls to safeguard organizational data and
systems.
• Supported audit record maintenance, policy documentation, and network security improvements.

Company industry:
Medical Hospital

Education

Virtual University of Pakistan

May 2021

May 2021

Diploma, Computer Science

Pakistan

GPA (point): 2.82 out of 4

GPA (point): 2.82 out of 4

PGD-IT

Riphah International University

September 2018

September 2018

Master's degree, Business Administration

Pakistan

Riphah International University

April 2018

April 2018

Master's degree, Business Administration

Pakistan

Virtual University of Pakistan

January 2016

January 2016

Bachelor's degree, Information Technology

Pakistan

Skills

INFORMATION SECURITY OFFICER

Expert

INFORMATION SECURITY MANAGEMENT

Intermediate

PROJECT RISK MANAGEMENT

Intermediate

POLICY DEVELOPMENT

Intermediate

Network Security

Expert

COMPUTER SECURITY

Expert

SOC 2 AUDITING

Expert

COMPLIANCE AUDITING

Expert

ISO 27001

Expert

COMPLIANCE REPORTING

Intermediate

CYBER SECURITY

Intermediate

FINANCE

Intermediate

FIREWALL

Intermediate

GOVERNANCE RISK MANAGEMENT AND COMPLIANCE

Intermediate

OPERATIONS

Intermediate

ORGANISATIONAL POLICIES

Intermediate

RISK MANAGEMENT

Intermediate

VULNERABILITY MANAGEMENT

Intermediate

Training and Certifications

Certifications
Cybersecurity Compliance Framework, Standards & Regulations — IBM / Coursera
Vanta Auditor Academy Certificate
Certified in Governance, Risk and Compliance
ISO 27001 Lead Auditor — IRCA
— Certified Information Systems Auditor (ISACA)
Certified Information Systems Security Professional
Vanta Auditor Academy Certificate
Remote Work: Cyber and Physical Security
Certified in Governance, Risk and Compliance (CGRC)
ISO 27001 Lead Auditor
SOC
27001 Implementation & Certification

Hobbies and interests

Watching Movies