Documentos de Académico
Documentos de Profesional
Documentos de Cultura
Information Security Professional, [ITIL v3F, CobiT 4.1, C|EH, ISO 27001 LA Qualified] (+92-333-9224853), adabbas.is@gmail.com
Seeking challenging career in Information Security with a progressive organization. Passionate about the role that the Information Security can play in these times to drive and engage the talent in an organization.
Objective
Personal Profile
Solution oriented information security Professional and strong believer in continuous improvement with 5 years of professional experience in operational and strategic IT and Security Management, leadership and change management in diverse organizations. Have worked in Government Sector and cross-cultural teams providing guidance and support to Executive management teams and operational management teams on all IT activities, including design, change and implementation, employee training & awareness and communications. Also been involved in in-house information security trainings and consulting services for number of projects and have solid background of delivering services up to the required standard.
Career Achievements
Establishment, Design & Compliance of Information Security Policies Conducted Risk Assessment based on ISO 27001:2005, ISO 27005 & NIST Conducted Information Security Management Review Meetings of the organization and suggested for improvement of organizational systems, policies and operating mechanism. Developed & Conducted Internal ISMS Audits Experience in Information Security management with expertise in: Governance Technical implementation Technical evaluation & assessment Compliance Management
as IT Security Officer
Responsible for GRC (Governance, Risk & Compliance). Analyzing Information Security policies & procedures with a view to improve the overall workflow of the information systems procedures and processes, particularly focusing on business use. Conducting Security Awareness Training Programs. Working on implementations of best practices throughout the organization and developing strategies for continual improvement.
Responsible for management of Information Security Governance acting as Team Lead. Policies Review: Analyzing Information Security policies & procedures with a view to improve the overall workflow of the information systems procedures and processes, particularly focusing on business use. Working with technical team, as a domain expert, for designing and reorganizing the different sections of the information system. Provide support & deliver metrics to Senior Management and Executives with analysis. Working closely with Higher Management for all initiatives, process and plan enterprise wide Initiated and implemented Information Security Policies and Risk Management Completion of successful audit of NADRA Networks Directorate for ISMS Certification Ensuring systems are operated, maintained, and disposed of in accordance with internal security policies and practices outlined in the security plan. Applying security risk assessment methodology to system development to work on threat model development, vulnerability assessments, web application security testing and resulting security risk analysis. Provide Security Risk Assessment & Compliance Services, IT strategic planning, IT risk management, business process analysis, information and network security, information systems audits, business continuity management, information life cycle management and information technology service management. Conducting Security Awareness Training Programs Responsible for Team development, Motivation and Retention Take part in strategic level Information Security related decisions and work as change agent for Organizational Development Working on implementations of best practices throughout the organization and developing strategies for continual improvement
as System/Network Admin
Maintenance and Configuration of LAN/WAN. Conducted Workshops/Trainings/Labs and Intermediate Short Course for Government Employees, E-Government Project. Implementation of various Provincial Projects, monitoring the status and daily reporting. Designing and implementing security tests in accordance with Government stated criteria. System Administration included Antivirus Update, Security Patches, and other security relevant issues.
as System/Network Support
2
Aug 05 to Apr07
Advising and providing support to staff & management on the operational issues of Linux platform. Coordinate with customers and handle all issues Responsible for Installation/Configuration & Monitoring of Systems/Servers
as Guest Speaker
Qualification
MS Information Security 2005-07 National University of Sciences & Technology (NUST), Islamabad
2001-05
Trainings/Workshops Attended
ISO 27001:2005 Lead Auditor training course from SGS Pakistan APTC Certified Ethical Hacker Training from Trillium Info Sec Systems Attended a workshop on National Conference on Information Assurance NCIA 2010 NUST Linux Fedora 8 Intermediate from Emerging Systems Islamabad Sun Solaris 10 Intermediate System Admin Training from SEECS NUST Islamabad