Candidate Name
Assistant Director GRC
Pakistan
Summary

I am an Information Security Professional with over 9 years of experience in the IT and Information Security fields. I have provided services like penetration testing, consultancy for ISMS, BCP, IT risk assessment, PCI DSS and enterprise security audit services in different countries, i.e. Saudi Arabia, United Kingdom and Pakistan. I have worked in different verticals, i.e. IT, Defense, Banking and Telecom. I am currently serving as Assistant Director (GRC) at Pakistan Telecommunication Authority and leading the GRC assignments. I led Information Security audits for 12 telecom companies, including major CMOs such as Mobilink, Telenor, Ufone, and Zong, to verify compliance with CTDISR regulations. Additionally, I led the development of an “Audit Portal” to enhance efficiency in external audit processes.

My specialties are:
• Enterprise (IT) security audits
• ISO/IEC 27001 (ISMS) consultancy
• ISO 22301:2018 consultancy
• Risk management using ISO/IEC 27005 guidelines
• PCI DSS implementation
• Project management
• Developing information security policies, procedures, guidelines and standards
• Network vulnerability assessment & penetration testing
• Web application vulnerability assessment & penetration testing
• Technical configuration review using CIS, NSA and DISA best practices

Prestigious international certifications include:
• PECB ISO 27001 Lead Implementer
• PECB ISO 27001 Lead Auditor

Work experience
01/01/2024 to 19/01/2026: Assistant Director (GRC)
01/03/2023 to 01/12/2023: Principal Information Security Engineer
01/11/2022 to 01/02/2023: System Manager (CSOC & GRC)
Education & certifications
01/01/2016 to 01/01/2018: Master's Degree, Information Security (IS)
01/01/2010 to 01/01/2014: Bachelor’s Degree, Information Technology
Open to relocate
Skills
Cybersecurity, Information Security, Penetration Testing, Incident Response, Risk Management, Security Auditing, Compliance, Governance, Security Information and Event Management (SIEM), Data Privacy, Disaster Recovery, Business Continuity, Data Loss Prevention (DLP), Endpoint Detection and Response (EDR), Security Policy Development, NIST Cybersecurity Framework, ISO 27001, HIPAA, Security Awareness, Risk Assessment, EDR, Security Infrastructure, QRadar, COBIT, SOC 2 Compliance, Business Continuity Planning (BCP), Analytical Skills
