Information Systems Auditor, Security Specialist with 25 YEars exp. MBA, CISA, CISM, CCNA

To lead the Information Systems Audit and Security Teams and continuously review and improve controls required for the organization on the Information Systems Technology and software

I am an Information Systems Security and Audit professional. I carry a total of twenty five years of professional Information Systems practice experience out of which I worked for 18 years with professional firms such as Systems (Pvt.) Ltd (leading software development house for 6 years), KPMG Peat Marwick, Chartered Accountants (IT consulting firm for 6 years), Khalid Majid Hussain Rahman, Chartered Accountants (previous Deloitte for 3 years) and M. Yousuf Adil Saleem & Co. Chartered Accountants (present Deloitte for 3.5 years.). In the remaining six years I worked in the Information Systems departments of MNCs and banks supporting and implementing the organizations initiatives.
General
1. In the last 18 years, I have been responsible for senior management / top positions in the Information Systems industry in Pakistan and Middle East.
2. In these years I delivered services to almost 100 clients in Pakistan and Middle East.
3. I provided different services to more than a dozen banking and leasing companies for 8 years in Pakistan and Middle East.
4. I am highly committed, flexible, serious, hardworking, energetic, result oriented, self motivated, team builder with strong communication and inter personal skills.

Application Systems designed, developed and Implemented
5. I studied, designed, developed and implemented more than 40 commercial application systems for 15 large clients using various computer hardware, operating systems and application development tools.
6. As project manager, I led a team to implement Oracle Financials (5 modules) at two manufacturing concerns.

Information Systems Security Consultancy and implementation
7. I provided Information Systems Security related consultancy and implementation services such as BCP and DRP development, implementation, testing and maintenance, ISO 27001 Standard implementation and Certification, Vulnerability Assessment and Penetration Testing, Enterprise Security Policy preparation, implementation and awareness, network evaluation and strengthening network security.

Educational and Professional
„X I graduated from the Institute of Business Administration Karachi two decades ago (1985) achieving masters in MIS, Finance and Marketing.
„X I passed Certified Information Systems Security Manager (CISM) exam in June 2006 from Information Systems Audit and Control Association (ISACA) USA. .
„X I passed Certified Information Systems Auditor (CISA) exam in June 2003 and was certified in 2004 by Information Systems Audit and Control Association (ISACA) USA.
„X I have also attended four courses of Cisco Certified Security Professional (CCSP).
„X I passed Certified Cisco Network Associate (CCNA) and also completed one year diploma in Computer Networking.
„X I have attended courses on Business Continuity Planning, ISO 27001 Information Security Management System, Ethical Hacking and Penetration Testing, Security Incident Management, Information Classification, Retention, and Purging etc. in the last one year.
„X

Tools, OS, development tools, Hardware
20. I have experience working on ACL, COBIT, CONCT, MBSA, SekChk, Routers, IDS, managed switches, Concentrators, several security software and hardware, Security Strategy, Security Policy, OS/400 and utilities, IBM VM and utilities, Windows 2003 and utilities, Unix, Oracle Developer, Oracle Report Writer, RDBMS, SQL Plus, COBOL, IBM AS/400, IBM 4331, 4341, Client Server LAN, WAN etc.

Information Systems Training
15. As part of my professional career, I have conducted several professional courses, more than 1100 hours, related to Information Systems Audit, MIS, management and computers.
16. I have also attended almost 200 seminars and training programs on Information Systems.

Visiting Faculty at the IBA
17. I am also a visiting faculty member at the IBA for several IS related courses and give them 3 hours per week. IBA is one of the oldest (since 1955) and largest business administration institutes outside North America.

Community Contributions
18. I am one of the Directors of the Board of ISACA Karachi Chapter (CISM Coordinator) and a member of IT Sub Committee of Institute of Chartered Accountants of Pakistan.

Present engagement
19. I am at present leading the Information Systems Security Section of Central Depository Company of Pakistan as Chief Security Officer.

Information Systems Audit and Computer Assurance Reviews
8. I conducted detailed Information Systems Audit of fifteen clients in Pakistan and Middle East for eleven years (1994-2005) using latest methodologies, questionnaires and software tools as recommended by Information Systems Audit and Control Association (ISACA) USA, KPMG Peat Marwick USA Practice and Deloitte and Touch New Zealand Practice.
9. I performed Computer Assurance reviews as part of statutory audit for more than 50 clients for approximately five years.