Mohd Mazhar Email and Phone Number

As a GRC Consultant, role and responsibilities are:• Ensuring the customer policies & SOW/MSA compliancerequirements are adhered in the deliverables.• Driving end to end IT security risk management activities andperform ISMS GAP Analysis.• Develop & maintain documents like Control Procedure Documents,Access Control Policy, Password Policy, BCP etc.• Create Infosec awareness related training documents.• Focus on regulatory and contractual compliance e.g., Data… Show more As a GRC Consultant, role and responsibilities are:• Ensuring the customer policies & SOW/MSA compliancerequirements are adhered in the deliverables.• Driving end to end IT security risk management activities andperform ISMS GAP Analysis.• Develop & maintain documents like Control Procedure Documents,Access Control Policy, Password Policy, BCP etc.• Create Infosec awareness related training documents.• Focus on regulatory and contractual compliance e.g., Data Privacy,SOX etc.• Governance and audit coordination surrounding customer drivenand ERM driven cybersecurity and compliance audits.• Publishing weekly/monthly dashboard, status reports on overallcompliance and tracking for non-compliance with deliveryleadership/respective stakeholders.• Regular connect with account delivery leadership, PDM/PDL on riskand compliance delivery.• Update Risk, Vulnerabilities, Audit details etc. on central trackershared with the respective stakeholders. Show less

Worked as an Internal Application Security Auditor, conducting policy-basedsecurity assessments for applications to determine compliance or noncompliancewith the standards and frameworks (e.g., ISO, PCI etc.).• Executing Application Security Risk Assessment and Gap Analysis forfinancial Institution’s 2nd line of defence with applicationincorporating Confidentiality, Integrity and Availability (CIA) policiesand standards.• Follow the bank's methodology incorporating… Show more Worked as an Internal Application Security Auditor, conducting policy-basedsecurity assessments for applications to determine compliance or noncompliancewith the standards and frameworks (e.g., ISO, PCI etc.).• Executing Application Security Risk Assessment and Gap Analysis forfinancial Institution’s 2nd line of defence with applicationincorporating Confidentiality, Integrity and Availability (CIA) policiesand standards.• Follow the bank's methodology incorporating regulatory and ISOstandards towards CIA assessment posture for: User AccountManagement, User Access Management, Logging and Monitoring,Data Access Protection, Authentication Services, Confidentiality DataControl and Privileged Access Review.• Write findings/observation for remediation for the applications notmeeting the respective policy/controls.• Work routinely with technical/application teams, risk partners,remediation teams and SMEs on a variety of application levels in theassessment of confidential data, user access, user account,authentication services and privileged access etc.• Monitor the audit findings which are followed up by the applicationowners for closure of any non-conformances. Following up withsecondary audits to ensure the work is being completed.• Facilitates the collection and validation of the evidence with the FLU.• Perform assessment Quality Assurance (QA) reviews. Show less

Identity and Access Management (IAM)

Lead Operations

Lead Operations