سلطان حكيم

Information Security Analyst في THE BANK OF KHYBER

• باكستان - بيشاور
• أشغل هذه الوظيفة منذ مايو 2011

Clients The Bank of Khyber

• Guaranteeing that the framework for information security policies, standards, and procedures remains current.
• Ensuring adherence to security practices and standards, thereby minimizing the likelihood of audits, regulatory issues, and legal liabilities. Any exceptions must be formally documented and approved following the agreed-upon process.
• Devising, Constructing, Strategizing, Coordinating, Implementing, and Sustaining the Framework for Managing Information Risk.
• Emphasizing process enhancements, rectifying deficiencies, and bolstering existing tools to reduce the overall risk profile.
• Coordinating information security audits and ensuring timely resolution of audit findings within the agreed-upon timeframe.
• Planning and conducting sessions to promote information security awareness.
• Carrying out impromptu tasks or leading small projects when necessary.
• Maintaining, overseeing, and updating the compliance tracker and dashboard for IS audits.
• Facilitating and overseeing the preparation of management responses by IT/IS teams.
• Engaging teams in cross-training and awareness programs to ensure effective succession planning.
• Managing and ensuring timely completion of audit fieldwork and responding to requests for information (RFI).
• Cultivating strong relationships with cross-functional teams and owners of processes.
• Proficient in the documentation and interpersonal skills.
• Designing, Developing, and Establishing a comprehensive program for enhancing security awareness.
• Promoting education and awareness about security.
• Monitoring recommendations for security controls and tracking the remediation of any shortcomings.
• Ability to convert technical and security requirements into business terms.
• Handling security-related inquiries from various teams and process owners.
• Review requests for new applications and software to ensure compliance with our security policies and requirements.