Sidra Fatima

Sidra Fatima Email and Phone Number

Information Security Professional | ISO 27001:2022 | Lean SIX Sigma WB | IS Auditing | Cyber Operations & Forensics | Compliance, Risk & Threat Management | Infrastructure & Application Security | Data Analyst @ HBL
karachi, sindh, pakistan
Sidra Fatima's Location
Karāchi, Sindh, Pakistan, Pakistan
Sidra Fatima's Contact Details

Sidra Fatima work email

Sidra Fatima personal email

n/a
About Sidra Fatima

Dedicated and Seasoned Cyber Security Professional with over 10 years of extensive industrial experience and more than 7 years in the banking and financial sector of Pakistan, I bring proven expertise in conducting Information Security audits and implementing robust cybersecurity measures to safeguard critical assets. I am adept at identifying and mitigating potential threats, ensuring compliance with industry regulations, and enhancing overall security postures.I have demonstrated leadership in managing complex security projects, collaborating with cross-functional teams, and providing strategic guidance to executive stakeholders. My comprehensive understanding of evolving cyber threats and commitment to staying abreast of the latest technological advancements fortify organizational defenses. As a results-driven professional, I have a track record of successfully navigating the dynamic landscape of financial cybersecurity to protect sensitive information and uphold the integrity of systems.Professional Strengths/Technical skills: Extensive knowledge of IS-Audit & Artificial Intelligence (IBM-Cognos, Power BI, Qlik Sense). Proficient in Cybersecurity (SIEM-IBM Q Radar, T-Eye (Honeypot), Phish Rod, FireEye, Sophos, Kaspersky) & IT Security (Encryption, Authentication, Hashing). Expertise in IT-Governance Risk Management (Risk Register, Risk Classification - Identification & Treatment). Skilled in the development & implementation of policies, procedures & controls, networks and server management, IT operations. Comprehensive knowledge of CISCO networking technologies and protocols (OSI Layers, VLANs, ACL, IP Sec VPN) & server management.Public Speaking & Time Management: Proficient in both technical and non-technical communication, oral and written. Skilled in technical writing and effective work practices.Resourceful and Well Organized: Skilled in activity planning, task management, and project follow-through.Focus on Result: Effective at identifying and resolving problems using creativity and available resources. Capable of tackling problems and following through to satisfactory conclusions.Strong Communications and Interpersonal Skills: Collaborative team player, working alongside managers, engineers, and other key professionals. Excellent convincing skills and adaptability to various environments. Proficient in developing new and smooth communication channels for groups.

Sidra Fatima's Current Company Details
HBL

Hbl

View
Information Security Professional | ISO 27001:2022 | Lean SIX Sigma WB | IS Auditing | Cyber Operations & Forensics | Compliance, Risk & Threat Management | Infrastructure & Application Security | Data Analyst
karachi, sindh, pakistan
Website:
hbl.com
Employees:
5389
Sidra Fatima Work Experience Details
  • Hbl
    Manager & Team Lead - International & Technology Audit
    Hbl Dec 2023 - Present
    Responsibilities:• Successfully led international technology audit engagements, coordinating with cross-functional teams across multiple time zones.• Assessed the effectiveness of IT controls against industry standards such as COBIT, ITIL, ISO 27001, HBL Standard Policies & Procedures, and international government regulations.• Identified and evaluated IT-related risks, including cybersecurity threats, data privacy breaches, and operational disruptions.• Developed scope documents, Audit Announcement Memoranda (AAM), Audit Plan Memoranda (APM), Process Risk Control Matrices (PRCM), system process flows, technical drawings, and documentation of audit plans to assess the design and operational effectiveness of IT controls.• Contributed to the development and implementation of IT audit methodologies and best practices.• Prepared findings in accordance with relevant management system standards and final audit reports, presenting results in an objective and unbiased manner.Projects:• Successfully led comprehensive international technology audits for HBL Bangladesh, HBL Türkiye, HBL Singapore, HBL UAE, and more.• Led regulatory technology audits of digital customer onboarding and cloud computing.• Performed risk assessments for cloud computing regulatory audits and data leak prevention.• Conducted technology and application audits for the Financial Crime & Compliance Division and Safe Watch System infrastructure.• Actively participated in and provided technology and cybersecurity awareness training in Technology Audit Master Classes.• Involved in e-audit SAS deployment, onboarding, and troubleshooting.• Conducted validation testing for all international technology-related outstanding audit findings.
    View
  • Hbl - Habib Bank Limited
    Manager (Business Assurance & Integration Audit)
    Hbl - Habib Bank Limited Feb 2023 - Dec 2023
    Responsibilities:• Planning and developing audit program and procedures in accordance with departmental guidelines, international standards and state laws and regulations.• Conducting cyber security risk management to assess and treat risks associated with IT processes by assessing effectiveness of controls in place.• Involved in Audit Announcement Memorandum (AAM) and Audit Planning Memorandum (APM).• Involved in Process Risk Control Mechanism (PRCM), system process flows and technical drawings and documentation.• Reporting audit findings in an objective and unbiased manner by preparing complete audit reports.• Involved in writing test case validations and user acceptance tests (UAT).• Validation testing of all IT-related outstanding audits.
    View
  • Bank Al Habib Limited
    Assistant Manager (Data Science & It Audit)
    Bank Al Habib Limited May 2022 - Feb 2023
    Karāchi, Sindh, Pakistan
    Responsibilities:• Performing cyber security risk management by examining internal controls, evaluating operational effectiveness, determining exposure to risk, and developing mitigation strategies to minimize overall residual risk.• Conducting IT security audits to test implemented controls in commissioned banking systems.• Plan, implement, monitor and upgrade security measures for banking systems and network for protection of bank’s data, systems, and networks.• Preparation of SOPs for Off-Site Monitoring Unit.• Preparation of monthly, quarterly and annual report templates for Off-Site audit.• Programming SQL queries on IBM Cognos and customize reports accordingly.• Involved in deducing observations of implemented security in IT infrastructure and systems through technical controls and walkthroughs for fulfilment of mentioned audits: Core Banking IS Audit, HR IS Audit, System & Procedure IS Audit, BCI Outsourcing Audit, IT Security, Database and BI, IT-Governance, Datacenter, ICFR of IT and IS departments.• Involved in Special bank-wide audit findings for presenting to Audit Board Committee: Exceptions of advance payment export, ADC pending charges, Pensioners pending charges, Expired CNICs active accounts, eKYC pending accounts, Student filer accounts.• Lead role in Information Security Audit Compliance in: o Development of MIS dashboard of outstanding observations. o Timely follow-up and intimation of rectification status. o Collection of evidence and closure of outstanding audits. o Development of data visualizations of outstanding observations for board meetings and for SBP audit.
    View
  • Bank Al Habib Limited
    Senior Is Auditor + Data Scientist + Is & Branch Compliance
    Bank Al Habib Limited Oct 2018 - May 2022
    Karachi, Pakistan
    IS-AUDIT CONDUCTED:INVOLVED IN THE OBSERVATION OF IT SECURITY, IT-INFRASTRUCTURE & IT SYSTEM CONTROLS CHECK & WALKTHROUGHS OF BELOW IT AUDIT: 1. BAHL CORE BANKING IS- AUDIT.2. BAHL HR IS-AUDIT.3. BAHL SYSTEM & PROCEDURE IS-AUDIT.4. BAHL BCI OUTSOURCING AUDIT. 5. BAHL IT-SECURITY.6. BAHL DATABASE & BI.7. BAHL IT-GOVERNANCE.8. BAHL DATACENTER.9. ICFR OF INFORMATION TECHNOLOGY DEPARTMENT & INFORMATION SECURITY DEPARTMENT.SPECIAL BANKWIDE AUDIT FINDINGS FOR BOARD AUDIT COMMITEE:1. BANKWIDE EXCEPTIONS OF ADVANCE PAYMENT EXPORT.2. BANKWIDE ADC PENDING CHARGES.3. BANKWIDE PENSIONERS PENDING CHARGES.4. BANKWIDE EXPIRED CNICs ACTIVE ACCOUNTS.5. BANKWIDE EKYC PENDING ACCOUNTS AT DIFFERENT LEVEL OF AUTHORIZATION.6. BANKWIDE STUDENT FILER ACCOUNTS - LACK OF DUE DILIGENCE. PROGRAMMED SQL QUERIES ON COGNOS & CUSTOMIZE REPORTS ACCORDINGLY. IDENTIFIED E-KYC ARCHITECTURAL DIAGRAM GAP AUDIT ISSUE. IDENTIFIED VISIT REPORT AUDIT ISSUE.IS-AUDIT COMPLIANCE:1. CREATED AND MAINITAINING MIS DASHBOARD OF IS-AUDIT OUTSTANDING OBSERVATIONS.2. TIMELY FOLLOW-UP WITH THE STAKEHOLDERS AND INTIMATE THE RECTIFICATION STATUS.3. COLLECT THE EVIDENCES / ANNEXURES & RESPONSES AGAINST THE OUTSTANDING OBSERVATIONS & CHECK THEM AND CLOSED THE OUTSTANDING OBSERVATIONS ACCORDINGLY.4. CREATED DASHBOARD / CHARTS OF THE OUTSTANDING OBSERVATIONS ACCORDINGLY , FOR BOARD MEETINGS & FOR STATE BANK AUDIT.5. ANY OTHER TASKS ASSIGNED BY THE UNIT HEAD/HEAD.6. IS-AUDIT BRD EXCEPTIONS OF 2018/2019/2020.BRANCH-AUDIT COMPLIANCE:1. FINALIZE 90 BRANCH AUDIT REPORTS IN YEAR 2021. 2. CREATED AND MAINITAINING MIS DASHBOARD OF BRANCH-AUDIT OUTSTANDING OBSERVATIONS.3. TIMELY FOLLOW-UP WITH THE STAKEHOLDERS AND INTIMATE THE RECTIFICATION STATUS.4. COLLECT THE EVIDENCES / ANNEXURES & RESPONSES AGAINST THE OUTSTANDING OBSERVATIONS & CHECK THEM AND CLOSED THE OUTSTANDING OBSERVATIONS ACCORDINGLY.5. ANY OTHER TASKS ASSIGNED BY THE UNIT HEAD/HEAD.
    View
  • Bank Al Habib Limited
    Team Lead (It Governance & Risk Management)
    Bank Al Habib Limited Jun 2018 - Oct 2018
    Pakistan
    Responsibilities:• Planning implementation of processes and procedures for identification and assessment of risk in BAHL information systems.• Review current and proposed information systems for compliance with BAHL business strategy.• Develop SOPs for IT systems to ensure compliance with corporate governance.• Involved in IT Risk Assessment Framework project of Bank Al-Habib Limited in all three major categories, namely, o IT Benefit & Value Delivery Risk. o IT Program & Project Delivery Risk. o IT Operations & Service Delivery Risk.• Maintaining IT risks repository of all critical functions with risk summary, evaluation and compliance status. • Continual identification of risks related to IT resources, infrastructure and critical functions in order to avoid internal and external threats related to Information Technology.Courses Training: 1. BAHL-CISM Technical Training (ISACA) 2. BAHL-Official Excel Training Certificate Workshops Attended:1. Technology Risk Management & I.T Audit - (Bankers Development Institute)2. SQL Fundamentals & Power Bi – (GreenBerry)3. Future of Cyber Security - (Skill Orbit)4. Cyber Security & Cryptography (ISACA – ICAP)
    View
  • Bank Al Habib Limited
    Cyber Security Analyst (Soc)
    Bank Al Habib Limited Dec 2017 - Jun 2018
    Pakistan
    Responsibilities:• Vulnerability assessment through RETINA system of entire BAHL IT systems and services.• Development of Vulnerability Assessment dashboard of all regions of the bank (domestic and international) and resolution of all detected vulnerability gaps.• Worked on Phish Rod Flow and Operation, running Phish Rod campaign on Daily basis.• Maintaining reports on monthly basis and preparing templates for the phish-awareness program campaign.• Lead resource in deployment of SOC Ticketing System.• Forensic research and investigation on daily basis taking necessary actions against malware and ransomware.• Highest score of reporting malicious attacks, ransomware, phishing attacks, vulnerabilities, unacceptable usage and service disruption attacks.• Making dashboard and reports on daily, weekly, monthly, quarterly and annual basis.• Engaged with Trillium vendor in T-Eye honey pot deployment and integration.• Monitoring suspicious IP, malware, web attack and responding accordingly.• Continual compilation of reports and taking measurable actions on immediate basis to save the production environment.
    View
  • Habib University
    Sr. Systems & Networks Engineer
    Habib University Jul 2016 - May 2017
    Karachi,Pakistan
    Responsibilities:• Design, supervise, manage, monitor and troubleshoot deployed network, networking devices and related services at university campus, thereby, implementing network solutions and improving efficiency of deployed campus network and maximizing network uptime.• Managing and monitoring all installed systems and infrastructure.• Maintaining and updating 400+ AIO and Apple Mac computers on daily basis.• Managing SCCM (System Control Centralized Management) for all centralized work.• Collaborate to put in place policies and procedures regarding network, system, applications, databases, and overall security issues.• Troubleshooting of daily complaints regarding system hardware, software and LAN of 150+ nodes.• Responsible for maintaining Audio/ Visual setup using AVER and POLYCOM at Habib University.• Lead Technical resource in University Events and Seminars, assisting Manager at Control Room for all technical activities such as live broadcasting and managing IT systems.• Independently deployed CZ print server solution managing print quota policy for students to control printing at the campus.
    View
  • Fiberlink Pvt. Ltd.
    Network Operations Engineer (Ip Core)
    Fiberlink Pvt. Ltd. Oct 2015 - Jul 2016
    Pakistan
    Responsibilities:• Ensuring routine preventive and corrective maintenance to improve service node uptime and network target KPIs.• Monitoring and maintaining the FL Network and taking proactive measures.• Monitoring network performance using the SolarWinds/ Cacti.• Configuring Layer2 network devices, VLAN shifting/ DNS SMTP servers monitoring, monitoring of Maipu and Metro Rings Network Architecture.• Monitoring and troubleshooting intercity connectivity with all cities in Pakistan (Karachi, Lahore, Hyderabad, Rawalpindi, Faisalabad, Islamabad).• Perform responsibilities of analyzing network topologies and identifying network performance issues.• Implement a backup strategy along with a disaster recovery plan in event that the server should go down to prevent lost revenue.
    View
  • Multinet Pakistan Pvt Ltd
    Technical Support Engineer
    Multinet Pakistan Pvt Ltd Aug 2015 - Oct 2015
    Pakistan.
    • Troubleshoot and resolve customer problems on Multinet Products and Solution. Deal technical queries of the valued clients related to MPLS, Diagnosis: Analyze issue, using sophisticated tools, own knowledge, and where appropriate escalation.• Point. (Example: Log complaints highlight and escalate to concern).• Data connectivity, Layer 2 and Layer 3 connectivity.• Follow up with Operations team and Third-party vendors over technical quires. Frequent, productive coordination with client over daily services delivery related issues (via email and Phone).• Design presentation and chronology report of Global outage or Core connectivity issue to share with client. Prioritize work while multitasking. Conduct telephonic discussions with clients over their quires and concerns. Utilizing my existing capabilities & learning new things rapidly to keep the pace of growth intact with the growth of industry.• Entertain the Customer Queries and provide direct technical support to customer based on Operation, Troubleshooting, Installation of CPE (Customer Premises Equipment) and other products.• Resolve Customer (Internal and External) inquiries concerning customer complaints (Support/Service) request, improves overall functionality of provided services, and related CPE (vendor equipment).• Take ownership of and solve increasingly complex customer issues in line with support process and policy and ensuring customer satisfaction.• Solution: Communicate Solution to Client and Multinet Team and agree action plan.ACHIEVEMENT: - Highest Number of Technical FCR- Recognized for Best Service Provider throughout for Customer Handling & Coordination.
    View
  • United Bank Limited
    Intern
    United Bank Limited Jun 2014 - Aug 2014
    Central Directorate I.I. Chundrigar Road, Karachi, Pakistan-74200
    *Summer Internship Program, extended to 3 months 2014 at IT-Central Office and IT-Network Architecture at UBL.*Work done related to the Project Management using MS Project. *Complete Documentations of SLAs (Service Level Agreement); Vendors List; all the IT-Related services run at the UBL.*Adjusting the list of all the Contracts that has been expired in order to renew the contracts.*Vendor Coordination with my supervisor sharing the SLAs and select the best quotation in one for approval.
    View
  • Hbl - Habib Bank Limited
    Intern
    Hbl - Habib Bank Limited Jun 2013 - Nov 2013
    I.I Chundrigar Road, Karachi
    *Summer Internship Program 2013, In Network Operations,Network Security, Network Designing and Branch Operations at HBL.*Operations and Network monitoring of entire HBL Network using Solar wind (NMS) and WhatsUp Gold tools.*Identify, diagnose and resolve network connectivity Problems head offices.*Concept of IP scheming / Subnetting..Designing new IP scheming.*Designing Presentations assigned by the Supervisor of all the activity which learned during the Internship Program.*List-up the Records of all Habib sites Underwater; Overseas; International for IT-Risk Management.*Concept of Debit and credit transactions; Maintain all the transactions records sheet at daily basis include all the HBL Pakistani branches.
    View
  • Rising Youths
    It Supervisor Head / Event Manager
    Rising Youths Apr 2012 - Feb 2013
    Karachi.
    Publically arranged and managed the whole event for the Young Youth on behalf of the RISING YOUTH Company to enhance their technological or communication capabilities. Supervise and Assist all the IT/Network Related Technical Queries of the Event. / Delivered IT – Network related Workshops to all the participants.Audio Visio complete setup using VC Tool: AVER. Several Presentations were made to inspire the young youth related to the IT-Technologies.

Sidra Fatima Skills

It Operations Presentations Information Security Network Security Network Administration Risk Management Firewalls It Management Lync Service Desk Management It Governanace Is Audit Network Architecture Network Design Project Management Internet Protocol Suite Corporate Communications Network Management Technical Writing Vendor Management Incident Management Cisco Routers Microsoft Office System Center Configuration Manager Microsoft Project Team Building And Leadership Time Management Gns3 Network Infrastructure Network Troubleshooting Cisco Voip Cisco Networking Security Information And Event Management Fortinet Network Monitoring Tools Network Address Translation Acronis Outlook Office 365 Exchange Ip Subnetting Technology Operations Mac Systems Server Management It Risk Management Good Assessments And Problem Solving Skills Kaspersky Antivirus Fireeye

Sidra Fatima Education Details

Frequently Asked Questions about Sidra Fatima

What company does Sidra Fatima work for?

Sidra Fatima works for Hbl

What is Sidra Fatima's role at the current company?

Sidra Fatima's current role is Information Security Professional | ISO 27001:2022 | Lean SIX Sigma WB | IS Auditing | Cyber Operations & Forensics | Compliance, Risk & Threat Management | Infrastructure & Application Security | Data Analyst.

What is Sidra Fatima's email address?

Sidra Fatima's email address is si****@****bib.com

What schools did Sidra Fatima attend?

Sidra Fatima attended Sir Syed University Of Engineering & Technology (Ssuet), County Girls College, St. Mary's High School.

What skills is Sidra Fatima known for?

Sidra Fatima has skills like It Operations, Presentations, Information Security, Network Security, Network Administration, Risk Management, Firewalls, It Management, Lync, Service Desk Management, It Governanace, Is Audit.

Who are Sidra Fatima's colleagues?

Sidra Fatima's colleagues are Shahjhan Taseer, Asif Afridi, Asim Shaikh, Haroon Qadari, Syed Zeeshan Ul Hassan, Ghulam Rasool, Omer Siraj.

Not the Sidra Fatima you were looking for?

View similar profiles

Free Chrome Extension

Find emails, phones & company data instantly

Find verified emails from LinkedIn profiles
Get direct phone numbers & mobile contacts
Access company data & employee information
Works directly on LinkedIn - no copy/paste needed
Get Chrome Extension - Free

Aero Online

Your AI prospecting assistant

Download 750 million emails and 100 million phone numbers

Access emails and phone numbers of over 750 million business users. Instantly download verified profiles using 20+ filters, including location, job title, company, function, and industry.