1- CISO for UBL PK, UAE, Qatar, Bahrain, building trust for 11+ million customers and 3+ million customers.2- Led the development and implementation of a comprehensive information security strategy & cyber security action plan/program.3- Successfull completion of PCI DSS certification for UBL-Pakistan, UBL-UAE, UBL-Qatar and UBL-Bahrain.4- Successfully leading number of security initiatives, including ISO 27001, Information security Policy revamp and security posture uplift program.5- Maintained a strong compliance posture with industry regulations, such as ETGRM, Swift, NESA, PCI DSS etc.

1- As Cluster BSO (vCISO), provide security leadership to emerging Asia business units of Telenor Group (Telenor Pakistan, Grameenphone and Telenor Mayamar).2- A regional CISO role to provide strategic direction around security execution program, Security operations and security Culture.

CISO role for Telenor Pakistan.1- Delivered many important regional and domestic projects and accomplished career growth four times during my stay at Telenor.2- As a custodian of Security Policy ensured a high standard of cybersecurity, compliance with regulatory and international security standards with the help of head of Security GRC, Head of SOC, head of physical security& head of service fraud.3- Kept management abreast of security risks to business, and continually transform security strategy to manage the cyber security risks.4- Notably improved & maintained a high performing team with good engagement and enablement.5 - This was a security leadership / CISO role to secure complete portfolio of IT, Telco, Digital Security, Governance of physical security and Service Fraud.

(A leadership role as head of GRC (CISO minus one) with a breadth of experience in security Governance, Security Risks, Reviews, Privacy and security transformation projects. In this role, I have worked with Telenor as Telco Operator & Telenor bank. (EasyPaisa);--> Security compliance Manager (Reviews & Audits) 1. Security risk assessment, Audits & reviews of Enterprise and Business partner’s information system during development, acquisition and operations stages.2. To provide security assurance by conducting risk based IT Audits, reviews and VAPT against applicable security standards like NIST, OWASP, ISO 27001, PCI DSS etc. --> GRC Manager 1. Conducting security risk assessments to identify major risks in projects follow through and facilitate mitigations. 2. Conducting IS awareness across Telenor Pakistan 3rd party eco system to fortify the overall security posture. 4. Worked on People, process and products to achieve secure operating model and continually evolve security posture. 5. Vendor security management by conducting regular vendor forums, reviews and track risk against vendors.6. Execute local security strategy inline with group security strategy and conduct technology review against approved strategy. --> Telenor Asia Security Lead1. Working as central security lead for all Asian Business Units of Telenor in core network transformation program, a private cloud using open stack to ensure defendable architecture in a governance role with responsibility of Risk, reviews and audits.--> Security Architecture Management7. Worked as Lead in Defendable Architecture program: Telenor’s Technical Security uplift (TP), this Project a involved Enterprise IT transformation; involving People, Process & Products.8. Technology products involved latest IT & security solutions from top vendors. Processes revamp inline with ISO/ISF, Data Protection controls design, design/Implementation reviews/operational audits and risk assessments at the heart of it.

Independent Consultant and advisor on Cyber security & Data Protection and Privacy (GDPR)Delivered workshops and trainings both Onsite & Online.1- CCSK Training (#CloudSecurity )2- CISSP Workshop3- CISA, CISM4- Data Privacy5- #SecurityArchitecture,#ZeroTrustSecurity, #DefendableArchitecture.

(A people manager role, Started as IS Compliance consultant in Dec 2010 and got promotion after 1 year as head of information security & IT).1. Leading the Info security & Compliance role to ensure secure yet smooth continuity of business operation.o Driven the ISMS ISO 27001 certification project from scratch till certification.o Developed and maintained the information security policy and IT Security policy in light of ISO 27001 and ensured continued compliance.o Building IS awareness in a legacy environment to improve overall security posture. o Conducted security audits and assessments based on Cyber-security and IT risks around infrastructure & processes and helped in risk treatment planning. o Facilitated deployment of DLP solution to proactively deter data leakage attempts.2. Oversee and manage the IT infrastructure to ensure continued availability of IT services.o Supervised IT services operations, capacity planning, IT room management and vendor management.3. Successfully supervise the IT service desk to manage the IT incident response and with customer oriented approach.o Minimized IT downtime with continuous improvement approach to achieve agreed SLA. o Established a knowledge management process to avoid rework for already encountered problems.o Removed personal dependencies by successfully delivering an employee’s training program to cross train my team.

Information Technology & Security.

Managed the enterprise network of organization.