Master of Computer Science

Master of Public Administration

Bachelor of Computer Science

General Manager IT Audit & IS

• Overseeing the IT Strategy improvements by identifying the gaps in implementations of technological projects / solutions, suggesting best practices of IT Governance and cutting-edge technology solution implementations, value driven, cost effective and optimized technology investments aligned with business objectives.
• As a member of Audit & Risk and ISO/IEC 27001:2022 implementation Committees providing vision and valuable insights to strengthen the IT Governance and cybers resilience of all associated group of companies and recommendations for Digital Transformation projects and to improve the control weaknesses of information systems to senior management and Board of Directors (BOD).
• Oversight the design and implementing information security policies i.e., risk management, Information security, access management, clear desk and clear screen, removable storage media, backup, IT asset management, IT acquisitions and lifecycle management, information classification & handling, acceptable use, change management, patch management, mobile & teleworking etc.
• Leading the ISO/IEC 27001 Information Security Management System (ISMS) Certification Project, responsible to design and implement information security, Cybersecurity and privacy protection framework aligned with the context of organization and business needs by engaging all relevant stakeholders.
• Ensuring Cyber resilience of 28 plus companies in group by implementing Threat Intelligence, IDM, PAM, SOC, SIEM, APT, Network Security controls, IT Operational control, robust IT Infrastructure Security for maintaining Confidentiality, Integrity and availability of mission critical IT and OT Networks.
• Monitoring the IT CAPEX/OPEX budget utilizations, SLAs with third parties, establishing and monitoring the performance criteria for measuring the KPIs of the IT Department including optimal utilization of IT Infrastructure.
• Responsible for design & post implementation reviews of all IT Projects including Budget utilization, Architectural design review, IT Assets risk management, ERP Applications utilization and performance reviews, information security hardening controls.
• Responsible to ensure internal compliances and Information Security risk assessments and to maintain the Confidentiality, Integrity, and Availability of Information Systems by conducting regular Internal Information Security and Compliance Audits engagements including (ITGC, Applications & Database security, Vulnerability assessments, Penetration Testing, Threat Intelligence, Data Privacy, Disaster Recovery, Incident Management, Infrastructure hardening, & Patch Management, Cybersecurity maturity assessments and gap assessments).
• Overseeing the establishment of enterprise architecture Project for one of the largest SAP implementations in Pakistan and Digital Transformation project including RISE with SAP migration and modernization to baselining the Data, application, technology, infrastructure, and security architecture.
• Overseeing the process improvements in IT Service Management Projects, uninterruptible and improved processes of SAP S/4HANA, multiplatform system integrations for improved reporting and dashboard to ease informed decisions, gaps identifications and suggesting best practices for successful completion of IT Projects.
• Collaborating in post implementation design reviews of SAP Digital Transformation Project, end to end processes audits (O2C, P2P, H2R, R2R, SAP Solution Manager) by identifying the implementation gaps and suggesting improvement to overcome the underutilization of SAP S/4HANA Modules.

Deputy General Manager IT

• As a Chairman of the Digital Transformation Committee and member of the IT Steering Committee responsible for leading cross-functional Digital Transformation, automation, cybersecurity, IS risk management, and integration projects. As part of the RPA project, implemented several software Bots to eliminate manual tasks of the IT Department resulting in enhanced security, process automation, value creation, and cost savings.
• Reporting to the CEO/Board and providing strategic guidance about Information Security to implement a technology roadmap about data privacy, regulatory compliances, information security risk assessment, digital trends, emerging technologies, IT infrastructure advancement, and recommending best technological solutions to support the organization’s goals & business diversification strategy.
• Led designing and implementation of IT policies to foster secure and resilient IT Services that ensure Data Privacy, Cybersecurity, IT Governance, Risk Management, aligned with best practices of IT standards/frameworks such as ISO/IEC 27001, COBIT, GDPR, ITIL, and NIST. Conducts gap analysis and ensures implementation of the required controls/latest Information Security solutions to improve the IS poster of the company.
• Headed ISO/IEC 27001 Information Security Management System (ISMS) Certification Project and has achieved Certification Milestone for the Company. Designed and implemented a Cybersecurity Framework aligned with the context of organization and business needs by engaging all relevant stakeholders.
• Overseeing a tier three compliant Data Center that ensures high availability of Information Systems equipped with the latest Server Machines, Next Generation Firewall, L3/L2 switches, Addressable fire suppression system, IoT & AI-based in-house developed environment management system, SMS/Email alerts, and 24/7 monitoring, etc.
• overseeing Implementation and post-implementation support of Oracle ERP Modules Life Cycle (Procurement to Payment, Sales cycle, recruitment to retirement, Discrete and Process Manufacturing, Finance, AP, AR, Fix Assets, Product Costing, Engineering & Plant Maintenance, etc.). Integration of different technology platforms to cater business requirements.
• Implemented cutting-edge technologies to minimize the cybersecurity attack surface. Implemented mandatory testing and patch management SOPs for monitoring and evaluations of cybersecurity, Data privacy, and IS risk management issues in quarterly IT Steering Committee meetings i.e. critical security and access management events, segregation of duties within the IT Department, administrative account activities, data leakage prevention, multi-factor authentication, supply chain security for all acquisitions of software/services/hardware, secure coding, web filtering, systems configuration management, security of cloud services and continual improvement of implemented controls.
• Overseeing Cybersecurity, IT Governance, Data Privacy & Compliance matters, Risk Management, and Incident Management. Designed and implemented several Information Security Policies to ensure security and data privacy such as Information Security, Backups, Email, Cryptography & Key Management, IT Asset Management, Mobile Device, Removable Media, Clear Screen & Clear Desk, Software Development, Change Management, Secure System Engineering, Supply Chain Security, IT Acquisitions & Life Cycle Management, Disposal of IT Assets, and SLA with vendors/internal departments Approved by Board.
• Led the ERP/Software Development team for delivery of out-of-the-box software solutions by engaging diversified IT teams to cater project’s Techno-Functional requirements from planning, UI/UX design, coding, QA, implementation, post-implementation, and continual improvement of software applications to cater the growing business requirements. Using Microservices for software code usability, independence, and integrity.
• Responsible for Big Data Analytics to develop digitally matured systems for BI Dashboard, trend analysis, data insights, crystal reports, and alert management for financial and other business decisions.
• Headed all Internal/External third-party IT Audit engagements of Information Systems (ITGC, Application & Database security, Vulnerability assessments, Penetration Testing, etc.).

Senior Manager IT

• Ensuring all internal compliances and Information Security assessments to maintain the Confidentiality, Integrity, and Availability of Information Systems by conducting regular Internal Information Security and Compliance Audits. Prepares yearly Risk Assessment plan & Risk treatment to maintain a comprehensive Information Security Risk Register approved by BAC. Set KPIs of IS teams with detailed RACI chart for IS roles and responsibilities.
• Designed and implemented a comprehensive IT Support Portal to manage New Developments, Modifications, Error Reporting, Program Development, Change Management, Configurations, Patch Management, Incident Management, and Reporting not only limited to meet compliance requirements but to ensuring real-time issues reporting, resolution, level of required support/required action plan by maintaining the complete log of IT issues life cycle.
• Implemented a comprehensive Incident and Disaster Recovery Plan covering details about the incident life cycle, business impact analysis about critical Information Systems and Data Privacy, team management, incident reporting and alert management, emergency levels, and appropriate action plans with complete backlog management.
• As an integral part of Cybersecurity and Data Privacy, leading all training and awareness engagements at all levels. Arrange regular awareness sessions for management/users by creating meaningful infographics and presentations.
• Managing cross-functional teams for Digital Transformation projects including Software Architects, Software Developers, Software QA, Database Administrators, Cybersecurity, Governance, and IT Operation teams
• IT Projects compliance w.r.t Information System Security and controls for IT AUDIT (internal, external & ISO).
• Risk Assessment, Risk treatment, and process mapping as per ISO/IEC 27001, ISACA, PMI, and NIST guidelines.
• Designed and implemented Software Development/Change management policies and Secure System Engineering principles to deliver qualitative and tested software solutions.
• Responsible for Data Center Management, Network Security Operations, Latest Servers in a virtualized environment, High Availability Next Generation Firewall, Data loss prevention (DLP), Enterprise Storage Systems, etc.
• Led Strategic IT Projects portfolio, triple constraints, Projects blueprints with cost-benefit analysis, Planning, Scheduling, Execution, Monitoring & Controlling, Risk Management, and Stakeholders Management.
• Recommended and implemented new solutions for Operations technology infrastructure to ensure that Operation Technology systems are integrated through a coherent and manageable framework to maximize flexibility and efficiency while minimizing maintenance overheads.
• Led IT infrastructure management, Operational planning, Data Center management, IT Budget CAPEX & OPEX.
• ERP Project Scheduling, costing, and implementation as per big bang and phase-wise methodology.
• Software Projects Scope, detailed work plan, determine project required resources & allocations.

Manager IT

• Yearly road map of IT department as per IT Strategy keeping in view IT infrastructure and business objectives.
• IT Governance, management of Software Projects, configuration management, change management, access management, and continuous improvement cycle as per PMI, ITIL & ISACA best practices.
• Dealt with a highly integrated software development environment using Agile Methodology.
• Designed, Tested, and Implemented a Time Management Module integrated with the payroll module.
• Software Projects Costing, Scheduling, qualitative & quantitative analysis, WBS, risk & stakeholder management
• Designed, developed, implemented, and management of Dashboard reporting for executive management.
• Designed and successful implementation of online ticketing Software for all IT projects & MIS complaints.
• Service Level Agreements (SLA) with vendors, preparation & evaluation of technical and financial proposals

Deputy Manager IT

• Software Projects Scope, detailed work plan, determine project required resources & allocations.
• System Analysis & Design of Software Projects.
• Ensures the quality standard of IT Projects and the organization’s strategic interest coupled with IT projects.
• Performed continuous improvement in existing applications and services for growing business needs.
• Compliance Audit and recovery drills of backup restoration & IT Systems disaster recovery.
• Database Management (Creation, Migration, Backup & Recovery, Auditing & Security of Database).

Assistant Manager ERP

• Software requirement analysis, business process reengineering, and Gap Analysis.
• Management of Oracle-based ERP Systems Sales & Distribution, Material Management, SCM, HRMS, and GL.
• Designed and implemented a product pricing system, multi-site time management system.
• Submitted monthly data of performance parameters to the upper management, along with proposals to eliminate bottlenecks in Business Processes.

MIS Executive

• Network administration, Servers management, firewalls, and proxy server management.
• Database Administration
• Software Development
• System Analysis & Design
• Microsoft Exchange Server

Certified PMP

I am Certified Project Manager (PMP)

ITIL Certified

ITIL-A Certified

CMMI Certiified

CMMI-A Certified

AWS Certified Solution Architect

AWS Certified Solution Architect

Certified in Cybersecurity

Certified in CC by ISC2