I have extensive experience in the field of Information Technology and Cybersecurity risk-based internal audits, IT and CS risk assessments, technology, cybersecurity, business continuity risk advisory, and consulting across various industry verticals in the (GCC) region and Pakistan. I have focused on helping organizations assess and manage their information and cyber risks effectively. Besides, I have conducted risk-based internal audits to evaluate the adequacy of information security controls, identify vulnerabilities/ gaps, provide independent assurance to the management, and recommend remediation measures. By assessing IT and CS risks, I have helped organizations identify potential threats, assess their impact, and develop strategies or way forward to mitigate them. With a proven track record of expertise in information technology and cybersecurity, I deliver effective solutions to clients across various industry verticals and am well-equipped and leveraged this knowledge to provide tailored risk advisory and consulting services to my clients in order to provide valuable insights and guidance to organizations seeking to enhance their cybersecurity posture and mitigate business risks.

• Lead Auditor in Risk-Based Information Systems Security

• Lead Implementer and Assessor in various frameworks SAMA CSF, ITGF, MVC, CRFR, BCMS including NCA ECC, CSCC, CCC, and CITC/ CST.

• Consultant in Technology and Cybersecurity Risk Advisory (Security Advocate)

• Proficient in conducting Vulnerability, Compliance, Gap, Maturity, Implementation, and Risk Assessments

• Expertise in IT and Cybersecurity Governance, Risk, and Compliance

• Familiarity with Digital Government Authority (DGA), National Data Management Office (NDMO), ISMS 27001, NIST, ITIL, GDPR, COBIT, PCI DSS, ISO 20000, BCMS 22301, 27701 PIMS, PDPL, 27017, 27018 and other contractual obligations, regulatory requirements, business requirements, or industry best practices.