Bayt.com
Naveed Ul, Chief Security Architect

Naveed Ul

Chief Security Architect

Finastra

Location
Canada
Education
Bachelor's degree, Engineering
Experience
3 years, 2 Months

Share My Profile

Block User


Work Experience

Total years of experience :3 years, 2 Months

Chief Security Architect at Finastra
  • Canada - Mississauga
  • My current job since March 2021

• Driving security posture maturity for about 200 products/applications with the help of around over 20 security champions, several architects and development leads.
• Leading in threat modelling, design reviews, and spot check peer code reviews as part of the secure development lifecycle.
• Evaluating risk and governing release signoff against Government of Canada standards such as the RCMP TRA model and ITSG-33 frameworks.
• Driving security requirements into Architecture Review Board owned by Enterprise Architecture and providing security signoff at several stages.
• Providing support to the dev teams to enhance the secure development lifecycle and automated security testing as part of the CI/CD pipelines.
• Helping to respond to questions driven by various audits such as SOC 2, banking client questionnaires, PCI requirements, NIST 800-53 etc.
• Assess security solutions and their compliance against contractual obligations which includes data residency requirements and regulations such as GDPR and PIPEDA.
• Assessing the application security maturity and building enhancement plans by
utilizing OWASP, SAMM and BSIMM continuous compliance audits.
• Working with the CRO and CISO teams to provide visibility into the security risks and compliance status against corporate standards.
• Helping onboarding products on WAF and creating related incident response processes.
• Assisting in assessing and integrating data governance requirements across the architecture.
• As a member of the Product and Data Security Leadership team, working with global product and security teams to identify program gaps and finalize target state roadmaps for the CISO which includes product, data and infrastructure security components.
• Performing research to evaluate and recommend technology solutions based on the latest technology trends, application capabilities, and best practices. Recent work relates to threat modelling, API security, security tool integration, supply chain risks and WAF.

Education

Bachelor's degree, Engineering
  • at Drexel University
  • June 2004

Telecom/DSP and Computers Engineering

Specialties & Skills

Cryptography
+Endorse 0
Data Privacy
+Endorse 0
Incident Management
+Endorse 0
Network Security
+Endorse 0
Application Security
+Endorse 0
SIEM
+Endorse 0
IR
+Endorse 0
Leadership
+Endorse 0
Architecture
+Endorse 0
ThreatModeling
+Endorse 0
Analystics
+Endorse 0
SDL
+Endorse 0
Management
+Endorse 0
Governance
+Endorse 0
AppSec
+Endorse 0
PAAM
+Endorse 0
IAM
+Endorse 0
Project Management
+Endorse 0

Languages

English
Expert

Training and Certifications

CISSP (Certificate)