Divisional Head – Technology Compliance
Allied Bank Limited
Total years of experience :34 years, 7 Months
• As Divisional Head - Technology Compliance responsible for developing IS Compliance Program and monitoring the implementation of Information Security strategy, policies based on regulatory requirements and guidelines from ISO27001, ITIL, CoBIT, PCI-DSS.
• Actively take part in development and review of policies and procedures to ensure the regulatory requirements are appropriately covered for effective design of general and application controls within the Bank’s IT Infrastructure.
• Collaborate with Information Security team for managing technology risks and exposures at Bank wide.
• Review Incident reports and root cause analysis reports covers the appropriate remedial/ mitigation actions to address the identified/ related weaknesses.
• Obtain compliance action plans for observations raised in IS and Management Audit reports of SBP/ 3rd Party / Internal audit.
• Monitor and review Vulnerability Assessment reports and obtain compliances of exceptions
• Coordination for BCP document preparation, and BCP exercises as per schedule/ requirements.
• Work closely with the different compliance functions to achieve the goals set by Compliance Group.
• Development of Compliance Risk review checklist of regulatory requirements for technology infrastructure.
• Manage and coordinate the execution of user acceptance test (UAT) to assure functionality developed by technology is in alignment with business requirements.
• Coordinate for extraction of Top100 depositor data by IT for off-site review as per regulatory requirements.
• Review FATCA data for US indicia and forward results for off-site review.
• As Unit Head - Service Quality Assurance & Compliance in Information Security, responsible for developing and implementation of Information Security Program.
• Design, implement and integrate security solutions to address enterprise risks and exposures.
• Develop Information Security policies in coordination with concerned and follow-up with internal IT functions for its implementation.
• Responsible for developing, administering and monitoring the Information governance; IT related standards & compliance.
• Develop IT Security Architecture
• Develop procedures which are necessitated by information security policies, in coordination with respective IT functions.
• Develop and implement IT control self-assessment program.
• Coordinate for external/ 3rd party penetration test.
• Develop and implement vulnerability management plan.
• Coordinate in Technical Risk Assessment
• Log Analysis and its reporting using SIEM tool (ArcSight of HP, )
• Designated PoC for coordination of audit activity by internal auditors/ external auditors/ regulator.
• Designated PoC for coordination of compliance implementation of observations raised in IS/ IT audit reports.
• Monitor Data Centers to verify compliance of required controls
• Act as IT Surveillance team member to monitor the legitimacy of email and internet use as per policy and execute warning alerts to violators.
• As Head Networks & Communication responsible to Plan, Develop & implement the Telecommunication Connectivity for bank’s all branches, controlling offices and main office locations.
• Coordinate to design and establish bank’s new Data Center for a centralized core banking application with co-existence of legacy application on distributed network.
• Responsible for complete project life cycles, including requirements determination, capacity planning, design, security, implementation, testing, and define post-implementation network support procedures.
• Ensure smooth operations of countrywide LAN/WAN Connectivity through dual links.
• Having the ability to negotiate existing contracts to deliver better price and or service. Managed 3rd party telecoms service providers to ensure service SLA’s are met.
• Designing and coordinating in Call Centers PRI, PABX, IVR, call logging software for telecom helpline, NAC and LAN.
• Budgeting for Projects in line with vision/ strategy/ business needs and bank’s policies.
• Ensure compliances of policies
• Provided server administration to include backups, patching, anti-virus, security, active directory, monitoring, review of logs, change and configuration management, tuning and monitoring
• Managing Audio/Video Local and International Conferences.
• Managed effectively core network services, including firewalls, switches and load balancers.
• To investigated, recommended and implement new server, network, storage, and virtualization and application delivery technologies.
• Primary responsibility is to manage and develop the IT network operations through out the Group. Give plan, design and support in installation of all server and network systems enterprise wide.
• Provide consultation/ coordination to Allied Bank (having 735 branches network countary wide) ownd by the Group.
• Provide consultation/ coordination to AASML a sister company in ERP deployment project.
• Started as Senior Officer LAN & Communication and promoted to Assistant IT Manager on first years completion. Keeping my outcome in front, management was pleased to promote me as Project Manager after a year and half to meet the upcoming new projects
• Responsible for complete project life cycles, including requirements determination, technical planning, scheduling, design, implementation, testing, and define post-implementation support procedures.
• Served as liaison between company and ABL technical and executive management teams to got old eMail system replaced with Microsoft based platform.
• Decide & define standards for purchase of all required software and hardware to integrate new systems into existing network or for new deployments.
• Served as Project Coordinator and Team Lead for multiple installation, on-site support, and system administrator training.
• Developed and implemented security procedure improvements in several areas and liaised on with vendor in configuration of routers, firewalls and Anti-Virus gateway Appliance.
• Organized managed backup functions for all non-production servers and clients.
• Organize company-wide hardware and software audit. Designed provisions for automatically maintaining audit on quarterly basis.
• Attended many seminars/ workshops and exhibitions at national/ international level.
PROJECTS List can be provided if desired.
• Primary responsibilities were to manage and develop the IT network operations at the Branch level.
• Provide technical support to all users to ensure the accuracy of Banking transactions, Payroll System and Loan/ Advance System.
• Execute all Applications Processes of PIBAS Banking Software and Transfer compiled data to H/O on daily basis, using PCAnywhere.
• Perform Strat of Day of Branch system to enable daily Banking transactions/ business.
• Run End-of-Day process to compile daily data.
• Take Printouts of required MISs for respective departments to meet the internal audit requirements to keep the branch operation alive with the help of these printed results.
• Served as liaison between IT vendors and Branch’s IT matters/ complaints.
• Decide for purchase of all required accessories and their arrangements.
• Primary responsibility was to provide support of Business Applications on AS/400 systems, Hardware issues support, Data Communication Issues of all inter-networked sites.
• Perform posting process of Applications on AS/400, like, Payroll, Sales, General Ledger and Payables.
• Provide technical support for procurement of new Hardware and Software.
• Maintain Backups of Applications and AS/400 system configuration.
• Configure Communication lines on AS/400 system for WAN/ remote connectivity establishment and do the needful to keep the LAN operation smooth.
• Installation of 5250 emulation adaptors, installation of Microsoft Applications on clients, Group wide.
• Administrate the working of Voice Mail System VM-2000 being in use with SIEMENS Hi-Com 130 and Call logging/ Call Attendant software.
• Provide support at remote locations like: Sale office, Godown and others.
• Performed additional jobs assigned time to time
• Liaison IT vendors as per requirement/ need.
• Developed initial Sale System and Vehicle Insurance System
• Liaison with bandwidth service provider.
My primary responsibility was to develop Inventory System in D Base III plus to manage their stock. In addition to this I had performed these tasks:
•Prepare accounts in custom made accounting package.
•Prepare all MIS reports (detail/ summary reports) required time to time.
I was responsible for the installation of software and hardware & development of small application programs as per office requirement in Dbase III plus. Other tasks which undertaken are listed below:
•I had developed an application program for fetal bio-matery calculations.
•Designed & programmed formats of Ultra Sound reports in WinWord for automatic printing after taking certain inputs from the operator.
•Prepared a fully automated presentation /slid show of 3 hours for provincial level conference of Doctors (Ultra Sound Specialists)
•Worked to compile data of research on biopsy and case study to be presented at international conference of orthopedics at Karachi, PAKISTAN.
BCMS (Business Continuity Management System Auditor/ Lead Auditor Course. Course Number A17494: certified by the International Register of Certified Auditors (IRCA)