Qamar Abbas Email & Phone Number
@kpmg.ca
LinkedIn matched
Who is Qamar Abbas? Overview
A concise factual answer block for searchers comparing this professional profile.
Qamar Abbas is listed as Deputy CISO and Director- Information Security, Governance, Risk and Compliance at KPMG Canada, a with 9904 employees, based in Greater Toronto Area, Canada. AeroLeads shows a work email signal at kpmg.ca and a matched LinkedIn profile for Qamar Abbas.
Qamar Abbas previously worked as Deputy CISO & Director- Information Security, Governance, Risk & Compliance at Kpmg Canada and Principal, Cyber Risk Management at Trackernetworks. Qamar Abbas holds 100% from Wharton Online.
Email format at KPMG Canada
This section adds company-level context without repeating Qamar Abbas's masked contact details.
AeroLeads found 1 current-domain work email signal for Qamar Abbas. Compare company email patterns before reaching out.
About Qamar Abbas
Qamar is a seasoned cybersecurity professional with over 20 years of experience in leading and transforming security programs for global organizations. Qamar is a Cyber Security Leader who combines technical expertise with a strategic mindset, emphasizing the ability to navigate complex security landscapes while aligning security initiatives with broader business objectives.Qamar has proven expertise in Security Governance, Risk Management, Compliance, Automation, Artificial Intelligence, and Data Governance. A strategic thinker with a track record of implementing robust security frameworks aligned with industry standards such as NIST, ISO, and SOC2.Collaborative and communicative leader, fostering a culture of security awareness and accountability. Proven ability to align security initiatives with business goals and communicate effectively with executive leadership and cross-functional teams.Key Competencies:1. Security Governance:• Spearheaded the development and implementation of comprehensive security governance frameworks, ensuring alignment with business objectives and regulatory requirements..2. Risk Management:• Led enterprise-wide risk cloud and on-prem assessments to identify and prioritize potential threats and vulnerabilities along with implementation of risk mitigation strategies, ensuring a balance between risk reduction and business agility.3. Security Compliance:• Successfully navigated organizations through regulatory landscapes by implementing and maintaining compliance with industry standards such as NIST, ISO, and SOC2.• Led regular compliance audits and assessments, ensuring adherence to data protection laws and industry-specific regulations.4. Automation and Artificial Intelligence (AI):• Pioneered the integration of automation and AI-driven solutions in security operations, optimizing incident detection and response.5. NIST and ISO Standards:• Expertise in implementing and managing security controls based on NIST Cybersecurity Framework and ISO 27001/27002 standards.6. SOC2 Compliance:• Orchestrated and implemented continuous monitoring processes to maintain SOC2 compliance initiatives, enhancing the organization's ability to assure clients of the security, availability, and confidentiality of their data.7. Data Governance:• Developed and implemented data governance transformational organization wide initiative to ensure the confidentiality, integrity, and availability of sensitive information.• Established data classification policies and access controls, promoting a culture of responsible data stewardship.
Listed skills include Information Technology, Sap, It Audit, Cobit, and 17 others.
Qamar Abbas's current company
Company context helps verify the profile and gives searchers a useful next step.
Qamar Abbas work experience
A career timeline built from the work history available for this profile.
Deputy Ciso & Director- Information Security, Governance, Risk & Compliance
CurrentFramework DevelopmentDevelop Multi-cloud & GRC framework inclusive of Cloud RACI structure covering Azure, AWS, and GCP platforms with alignment to NIST 800-53 rev5 & ISO 27001 guidelines ensuring solid cloud security posture. Data GovernanceLead Firm wide Data Classification initiative through providing leadership and management awareness & deep dive technical sessions to facilitate the adoption of data governance practices across the firm.Global StandardsCanadian CISO delegate for KPMG global standards adherence within Canada. AI (Artificial Intelligence)Champion AI governance principles within AI User forums.Stay abreast of relevant regulations and standards related to AI, ensuring compliance with data protection, privacy, and ethical guidelines.Security AutomationDevelop and implement comprehensive security automation use cases for Security Risk & Client queries response resulting in 90% efficiency. Cyber Security Regulation and Vendor AuditsDevelop and maintain a compliance roadmap that outlines milestones, timelines, and resource requirements for achieving and maintaining compliance with ISO, SOC 2, NIST, and Law 25.Establish and enforce compliance governance policies through key performance indicators (KPIs), ensuring alignment with Authority to Operate (ATO) for business and managed services and Canadian federal security standards and regulations.CSPM (Cloud Security Posture Management)Develop a strategic vision for the implementation and optimization of Prisma CSPM within the firm leading to significant improvement in firm’s cloud security posture. Security Operations (SEC-OPS)Define clear goals and outcomes for the PAM (Privileged Access Management) and Qualys implementation to enhance the firm’s security operational landscape.SIEM (Security Information and Event Management)Build and lead a cross-functional team of security analysts, engineers, and administrators responsible for implementing and maintaining Sentinel SIEM.
Principal, Cyber Risk Management
Financial Services: Developed the IT Governance Risk and Compliance framework in alignment with COBIT 4.1 for Technology Services enabling to streamline bank GRC processes.Oil & Gas sector: Developed Vendor Information Risk Assessment for Canadian Oil & Gas sector with key focus on Data Security along with leading and facilitating C Suite Risk workshops.
Senior Manager, Advisory Services
Integrated ICFR Audits: Executive In Charge of various ICFR (Internal Control over Financial Reporting) Audits, worked closely with financial audit counterparts to define scope, execute, perform quality reviews and manage overall progress. Audits consisted of IT general control reviews of highly complex IT processes for financially significant applications across multiple platforms (UNIX, Windows, AS400) and testing programmed custom and vendor (SAP and Oracle) application embedded and configurable controls and IPEs (Information produced by Entity).IT Internal Audits and Enterprise IT Risk Assessments: Led IT Enterprise Risk Assessment for $5 Billion Global Manufacturing Concern. Developed 5 Year Internal Audit Road Maps and scoped each Internal Audit. Formulated Statement of Work for In Scope ITGC and SAP Application audits. Project Management Office (PMO):Project Management champion for Atlanta office to ensure ICFR excellence through application of project management (PM) principles to audits. Provided Training to entire IT Audit team (70+) for effective utilization of Project Management templates.
It Governance Experienced Manager & Sap Controls Assurance Lead
Advised large organizations in the government and private sector in identifying key technology risks posed to the organization and implement effective controls in reducing, removing and managing the impact associated with these risks. Specialized in SAP BASIS and Segregation of Duties and provides services to a wide range of local clients. Qamar has developed experience in the Oil & Gas, Consumer service and Health Care sector . Has experience in delivering end to end SAP Post Implementation review for large scale SAP environments with a user base of 150 plus.IT Risk ResilienceExperience in the implementation of maturity road maps for IT Governance controls frameworks, COBIT 5.Worked closely with senior leadership team to identify risks and mitigation strategies.Advised organizations on COBIT/ITIL frameworks with objective of performing Enterprise IT Risk Assessment.Governance & Controls AdvisoryProvided guidance to large private setups in designing effective IT governance forums through re-engineering of technology processes and formulation of key IT Strategy, Governance, Management, Processes, Policies, and Information Security.Benchmarked IT Governance, Risk , Processes and Procedures through utilization of proprietary IT Risk Diagnostic tool.SAP Security and ControlsDeveloped key automated Health care control solutions sets, used by the UAE practice for auditing SAP systems, primarily in relation to SAP Business Processes and BASIS.Delivery of SAP Post Implementation review and Internal Audits Delivery was inclusive of both audit and non audit clients focusing on recommending improvements to the SAP control environment.IT Internal AuditsDirected all aspects of IT audits, including planning, scoping, resourcing, execution, closing and report formulation. Drove high-level performance and productivity via Business Process/Service Management/Project Risk Assurance reviews such as Top Down & Bottom Up Reviews.
It Risk And Audit Manager Iii
As an IT Risk and Audit Manager of the Abu Dhabi Assurance & Advisory practice, managed entire portfolio of Abu Dhabi IT audit engagements (approximately 100+ clients) as part of the Financial Audit process along with Internal Audit assignments, Risk Assessments, COBIT/ITIL Maturity Assessments, and ERP (SAP & Oracle) Post Implementation reviews. Key responsibilities at a high level included: Managed IT Audit engagements for Aviation, Health Care, Government, Oil and Gas, Education, Five Star Hotel Properties, Automotive and Manufacturing Industries.Planned, scoped, budgeted, resourced, coordinated and managed External and Internal IT audit and controls assurance engagements. Planned scoping of Audit risk assessments, and managed the work of IT audit teams comprising of around 10 resources, reviewing testing documentation, working papers, conclusions, audit impact documents and finalizing audit files and reports for partner review.Formulated work programs for SAP and Oracle Access Security and Configurable controls for Mid East Regional Roll out. Presented IT Audit Conclusions to Audit Committees along with monitoring project economics, WIP and billing pipeline for audit fee collection and revenue reporting.Provided on-the-job coaching to team members and acting as a coach/mentor for assigned staff.Assisted Senior Managers and Partners in proposals, sales process, expanding Regional ERP practice and business development activities as well as various internal firm initiatives.
Experienced Senior Associate
Managed and participated in, third party assurance on internal controls (under section 5970 of the CICA Handbook) related to items and transactions processing for a leading Service concern in the Technology sector with processing centres in all provinces in Canada. The engagement involved Physical Security, Environmental controls, Change Management, Problem Management, Logical Security, and Computer Operations.Third party reviews and reporting (such as SAS 70 / Bill 198) for outsourced business processes and infrastructure.Formulated Information Security, Application, and Operational Policies and Procedures.IT control design and risk identification / mitigation reviews.Business Applications’ (SAP, Oracle, JD Edwards, and BASEL Banking applications) pre and post implementation reviews covering business process / application functionality controls, security controls (technical and segregation of duties) and implementation project reviews.Reviewed over all SAP R/3 security environment, including the review of security polices and procedures, overall process for user administration, profile creation and profile maintenance and security management.SAP R/3 Basis review through use of appropriate security analysis work programs and Big 4 proprietary software tools. Analysis of high-risk profiles and access to sensitive transactions.Reviewed SAP R/3 program change management process.Reviewed over all Oracle security environment, including user security administration (Roles based access control), processing/program management, user and data auditing, profile management and change control.
Credit Portfolio Management Analyst
Managed Cross-functional teams of Developers, Business Analysts, Consultants and End Users regarding development and implementation of Re-engineered Business Processes from a Lotus Notes to Dot Net. Project Duration was over a Year. Developed and implemented procedures for integrating multiple credit applications into a single web application platform.Formulated entire Change Management procedures relating to implementation of BASEL II projects. Developed effective Test Manuals to ensure application is effectively tested prior to global Roll Outs.Formulated Project Budgets encompassing Resources, Deliverables, Proposed Cost, and Cost/Benefit Analysis and detailed Project Plans encompassing Key Milestones and Critical Path.Managed Risk Issues logs for all projects, ranked each risk in terms of High, Medium, and Low and set deadlines for High Risk corrective actions.Formulated Project Charter and managed Business Requirements to meet all BASEL II requirements going forward. For example, fields such as Obligor, rating, and facility were included.
Senior Technical Support Analyst
Developed Incident and Problem Management Policies.Developed Change Management and Support procedures utilizing In-House Methodologies.Developed functional documentation defining production severity procedures.
Assistant Vice President
Developed 5 Year Strategic Plan for the Information Technology department, enabling the Information Technology department to add revenues to the company. Managed Web Site Development for Company and accomplished record milestones.Managed maintenance and support for Oracle Based Investment Banking Modules:Managed Development, Networking Administration and Business Analysts throughout various successful project lifecycles, for upto 6 employees.Managed relationship management with preferred hardware/software vendors.
Qamar Abbas education
100%
Executive Program: Artificial Intelligence: Implications For Business Strategy, Exceptional Performance
Ai For Business Specialization
B.S, Management Information Systems
Cisa, Crisc, It Audit, It Risk Assessments, It Governance, Sap Itgc, It Policies And Procedures
Ai Strategy Governance, 100%
Ai Fundamentals For Non-Data Scientists, 95.5%
Frequently asked questions about Qamar Abbas
Quick answers generated from the profile data available on this page.
What company does Qamar Abbas work for?
Qamar Abbas works for KPMG Canada.
What is Qamar Abbas's role at KPMG Canada?
Qamar Abbas is listed as Deputy CISO and Director- Information Security, Governance, Risk and Compliance at KPMG Canada.
What is Qamar Abbas's email address?
AeroLeads has found 1 work email signal at @kpmg.ca for Qamar Abbas at KPMG Canada.
Where is Qamar Abbas based?
Qamar Abbas is based in Greater Toronto Area, Canada while working with KPMG Canada.
What companies has Qamar Abbas worked for?
Qamar Abbas has worked for Kpmg Canada, Trackernetworks, Ernst & Young Llp, Pwc, and Deloitte.
How can I contact Qamar Abbas?
You can use AeroLeads to view verified contact signals for Qamar Abbas at KPMG Canada, including work email, phone, and LinkedIn data when available.
What schools did Qamar Abbas attend?
Qamar Abbas holds 100% from Wharton Online.
What skills is Qamar Abbas known for?
Qamar Abbas is listed with skills including Information Technology, Sap, It Audit, Cobit, Enterprise Resource Planning, Business Analysis, It Risk, and Erp.
Search by job title, company, industry, location, and seniority. Export verified B2B contact data when you need it.
Start free trialCheck these profiles if this is not the Qamar Abbas you were looking for.
View similar profiles