Visiting lecturer of Digital Forensic (DF), Ethical hacking (EH), Cyber Criminology (CC), Information Security Management (ISM)

• Primarily responsible for directing security event monitoring, management and response and cyber threat intelligence 24x7x365;• Responsible for Integrating OT/ICT/Cloud based infrastructure(AWS, Azure, SharePoint, Office365) environment with SOC;• Raise and resolve any architectural issues/risks that could have implications against the cyber security strategy of Engro entities;• Responsible for conducting Digital investigations, Malware reverse engineering, File system forensics, Memory forensics, Network forensics in case of any incident;• Responsible for SOC strategy;• Ensuring threat management, threat modeling, identify threat vectors and develop use cases for security monitoring;• Leading and managing the Security Operations and team of security operational staff members;• Provide leadership, guidance, and technical expertise to deliver a professional service;• Identify the need for, and implement, new security operating procedures and practices to meet operational requirements;• Implemented and managed EDR deployment across all subsidiaries;• Ensure policy, process, and procedure compliance, as well as process improvisation to achieve operational objective;• Responsible for team & vendor management, overall use of resources and initiation of corrective action where required for Security Operations Center;• Responsible for conducting active threat hunting across the networks to detect and isolate advanced threats/lateral movements that evades by existing security solutions.

• Leading the team of 40 Information Security personnel's including advisors, subject matter experts, Consultants in respect to (Information Risk Management, Security Transformation & Integration, Fraud Risk, Digital Forensic, Information & Cyber Defense and Incident Response);• Provided assistance in Cyber readiness, maturity assessment & post incident response;• Advise clients and propose best possible technical solutions which both fit within the customer environment and that might be integrated with other Cyber Risk Advisory services;• Participate in industry education and networking events, maintain relationships with external technology risk community and encourages continuous benchmarking of KPMG best practices against leading technologies and practices;• Track and manage remediation efforts of identified risks and vulnerabilities on client side;• Critically looking forwards towards Compromise assessment, red teaming, data leakage prevention projects;• Serve as a facilitator and liaison between the business lines and the technology teams that support them for the successful mitigation of information security risks;• Deliver a robust and fit for purpose security operations function and manage any relevant suppliers who support this function;• Manage and support a range of independent security reviews on technology projects, suppliers and end user computing;• Building security into the software development life cycle, and Agile sprints, and DevOps projects;• Manual and automated security code reviews. Static and Dynamic application security test using tooling such as Checkmarx, Fority, Webinspect, Veracode, and other API security testing etc.;• Providing security within Continuous integration, development and releases processes;• Providing secure coding training to customers;• Vulnerability management within secure software development lifecycle (SSDLC);• Directing team members in terms of content and professional skills;

• Prepared, Implemented and executed Work from Home strategy group level during the situation of COVID-19;• Performed successful Migration of Martindow Critical Servers over cloud Architecture (SAAS, IAAS);• Performed Cyber Maturity assessment for all entities including (Martin Dow Marker, Martin Dow Limited, Seattle Pvt Ltd, Martin Dow Health Care Limited, and Martin Dow Pharmaceutical Limited);• Prepared and implement 321 Backup Strategy Group level for Martin Dow;• Create, conduct & execute "Social Engineering" Scenarios for user awareness;• Manage security incidents for all the entities of Martin Dow Group and conduct POST incident review using Power BI;• Responsible for information security planning and implementation of best practices;• Identify, observe and analyze potential information security risks and develop strategies for preventing threats and addressing breaches;• Responsible for conducting BCP/DR drills on different SITES and record the lesson learned;Maintains a risk register, tracking and resolving the identified risks;• Ensure there is consistent implementation of information security across all parts of the organisation;• Co-ordinates inter-office responses to responses on information protection topics;• Provide assistance in Cyber readiness, maturity assessment & post incident response;• Determine that there is adequate physical security of data centers or restricted IT areas;• Responsible for conducting Information Security Awareness sessions for Higher Management including Group Directors, MD, and Chairman at group level.

• Lead the Cyber Security & Digital Forensic function of KPMG Pakistan;• Provided assistance in Cyber readiness, maturity assessment & post incident response;Lead the team of 30 members including (Information Risk Management, Fraud Risk, Digital Forensic, Information & Cyber Security and Incident Response).• Served as the single point of contact for all client information security queries and requirements• Served as the single point of contact for all provider information security queries and security incidents.• Mobile Application Vulnerability Assessment & Penetration testing includes (Android, iOS, BB, Windows Phone) on the basis of (OWASP Mobile Top 10 , OASAM)• Implemented new requirements and programs as directed by ITS Global and Regional Security teams.• Reviewed information available on global systems (e.g. Risk and Security Manifests and other requirements).• Conducted more than 100+ penetration testing projects of National/International Level in KPMG for (Medium, Large) enterprises.• Performed Source Code review for various national and international clients.• Conducted User Access Rights and Review - (Privilege User ID’s, User Logs, User Administration).• Manually assessed the security of Web Application Firewall(s) including (Palo Alto, Juniper, Cisco, IBM, Incapsula, Imperva, F5, Barracuda, Qualys, Cloud flare).• Performed Review of Database Configurations/ Network Configurations.• Created, conducted & executed "Social Engineering" Scenarios for user awareness sessions.• Implementation of ISO 27001:2013 for different sectors including (Power Generation and Banks)• Conduct Internal Vulnerability assessment & Penetration testing from the Scratch (Black Box) which includes (Network Discovery, Host Discovery, Scanning, Identification, Validation, Vulnerability Assessment, Penetration Testing, and Report Writing).• Performed Cyber Maturity assessment for Financial Institutions.

Served as the single point of contact for all client information security queries and requirements.Coordinates inter-firm responses to client queries and questionnaires on information protection topics.Ensure there is consistent implementation of information security across all parts of the organization.Maintained and update a risk register, tracking and resolving the identified risks.Determined the adequacy of physical security of data centers or restricted IT areas.Managed users and privilege access rights.Review technical controls of DLP for hard drives and other important storage media including encryption and security internal & external gateways.

Help clients to identify organization wide current security posture;Managing the Cyber security related incidents and responses;Perform and conducted possible scenario that would happen the data leakage in an organization;Conduct real time cyber drills specifically against the critical systems;Stress testing for Web & Mobile application(s);Conduct vulnerability assessment of validation of penetration in the systems according to SANS, OWASPAssess and Review the network architecture in terms of Security;

- Provide immediate assistance and identifying the root cause analysis during cyber security incident(s) & response for over 10+ national and international clients. - Mobile Application Vulnerability Assessment & Penetration testing includes (Android, iOS, BB, Windows Phone) using (OWASP Mobile Top 10 , OASAM)- Involved in assuring an organization that meets the requirements of (international Standard on Assurance Engagements ) ISAE - 3402 - Performed more than 80+ penetration testing projects of (Medium, Large) enterprises.- Conduct Vulnerability Assessment & Penetration Testing for Clients- User Access Rights and Review - (Privilege User ID's,User Logs, User Administration).- Manually Assess the security of Web Application Firewall(s) including (PaloAlto, Juniper, Cisco, IBM, Incapsula, Imperva, F5, Barracuda, Qualys, Cloudflare).- Database Configuration/ Network Configuration review.- Conduct & create "Social Engineering" Scenarios for user awareness.- Implementation of ISO 27001:2013- Conducting Internal Vulnerability assessment & Penetration testing from the Scratch (Black Box) which includes (Network Discovery, Host Discovery, Scanning, Identification, Validation, Vulnerability Assessment, Penetration Testing, Report Writing).- External Network & Host Vulnerability Assessment and Exploitation.- Perform Mobile Penetration Testing & Reverse Engineering.- External Penetration testing using different Methodologies (OWASP, CWE).- Conduct Technical Audit (Social Engineering Test, Network Architecture Review, Data Center Review).- Perform Manual exploitation of Internal/External network for Multiple Client(s).- Conduct Information Security Training and Awareness sessions.

• Lead the team of 8 members including (Information Risk Management and Information Security).• Review Security Matrix including (Patches, Updates, Services, Scripts) of SUSE Linux 12.0 & Windows 7-8.• Maintained the security of Habib Metro Financial Services (Corporate Member of Karachi Stock Exchange)• Web Site XSS testing, Exploits finding and vulnerability Assessment.(https://www.habibmetro.com)• ATM down time monitoring and reporting.• Managed Rapid security Incidence responses.• Evaluation of software, hardware and vendor, Project documentation (User Guide, Operational Guide, Technical Guide).• Performed BCP Drills of Different Divisions including (Treasury, CASD) in order to continue Business operations.• Introduction and Training, Manage training of Super users, Process Re-engineering, Gaps analysis.• Core Banking Application review and log management• Working on different SIEM (Security Information and Event Management) (Cyber roam, Alien Vault, QRADAR)• Review and Analyze Voice over IP logs, System Logs, Application logs, Compliance log.• Securing organization from unwanted internal and external threats.• Network Stress Testing, Penetration testing, Anti-Hacking, Network Privilege Escalation, and Database Security.

Topics Description:- Control Hijacking Attacks- Advanced Hijacking Control, Secure Architecture Principles- Return-oriented programming- Py Intro, Sockets- Python introduction- Sockets- Access control (cont.), information flow control- Information flow control (cont.), process confinement- Smartphone security- Distributed Denial of Service- Virtual machine confinement,- Trusted computing architecture- Side-channel attacks- Authentication- Usable Cybersecurity and Privacy- Time/Memory tradeoffs- Basic Internet Security- Program Analysis- HTTPS / SSL- Cyber Attacks & Threat Analysis

• Lead the team of 5 members including (Information Security and Digital Forensic).• Reviewed Change Management.• Conducted Security review of SAP R/3 (SAPGUI) Application.• Securing organization's Web Applications from unwanted internal and external threats.• Made organizational decisions and handles a variety of security related issues that arises daily.• Implemented IDS/IPS and Network based firewalls strategy to reduce the risk of losing the data.• Conducted Network Stress Testing, Penetration testing, Anti-Hacking, Network Privilege Escalation, and Database Security review.