Muhammad Asad Imran Ansari
Information & Cyber Security Risk Specialist
Karachi
Summary
6+ years of experience in IT/IS Audit, ISO 27001 ISMS, ISO 22301 BCM implementation, and Project Management. Proven ability to deliver strategic security projects, conduct risk assessments, and ensure compliance with industry/regulatory standards. KPMG-trained in GDPR & ISO 27005, with expertise in leading cross-functional teams and managing successful projects. Strong communicator with a customer-focused approach and hands-on experience in IT/IS audits.
Overview
6
6
years of professional experience
4
4
Certifications
Work History
Head of Information Security
Alfalah Investments
02.2024 - Current
- Established the Information Security department from scratch, developing a governance structure aligned with ISO 27001:2022 and drafting a complete policy, Procedures and Standards pack.
- Led implementation of Risk Management and Vulnerability Management Frameworks, including ISO-based risk assessments and CVSS-based vulnerability handling.
- Managed outsourced SOC and WAF services, and coordinated Threat Intelligence activities, including response to emerging CVEs.
- Collaborate with stakeholders on Business Impact Analysis (BIA) and ensure IT compliance through internal audits and corrective actions.
- Regularly reported InfoSec strategies, budgets, compliance status, and key risks to the Board Risk Management Committee (BRMC).
Manager
KPMG Taseer Hadi & Co
02.2022 - 01.2024
- Led ISO 27001 and NCA ECC audits for clients in Saudi Arabia, UAE, and the UK, assessing ISMS across IT departments and datacenter (Sharjah, Aberdeen) to ensure compliance with ISO 27001:2022 and regional regulatory frameworks.
- Spearheaded ISO 27001 implementation for Colgate Pakistan, integrating Cyber Risk Assessments, developing security policies, and enhancing cybersecurity posture.
- Perform audits at the Pakistan Stock Exchange covering Cybersecurity, IT General Controls, BCP, and DR, ensuring robust IT/IS governance.
- Delivered IT/IS audit assurance for financial asset management clients, focusing on datacenter security, governance, SIEM, and DLP controls
- Conducted GAP assessments for insurance sector clients across Active Directory, server infrastructure, networking, and Oracle databases, remediating high-risk vulnerabilities.
- Performed risk assessments and BCP/datacenter security audits in the banking and manufacturing sectors, strengthening IT/IS governance, enhancing resilience, and addressing key security gaps.
Information Security Analyst
Ideators
01.2019 - 01.2022
- Led GAP assessments of IT/IS governance frameworks, policies, and procedures, focusing on IT General Controls, ensure alignment with industry best practices and cybersecurity standards.
- Performed risk assessments for IT environments, implementing strategic remediation plans to address gaps in governance, security controls, and compliance.
Education
Bachelor of Science - Computer Science
Newports Institute of Communications And Economics
Karachi, Sindh, Pakistan 04.2001 -
Skills
KPMG Clara – Utilized KPMG Clara for audit execution, risk assessment & documentation
Certification
Certified Information Security Manager (CISM) | ISACA | USA
Timeline
Head of Information Security
Alfalah Investments
02.2024 - Current
Manager
KPMG Taseer Hadi & Co
02.2022 - 01.2024
Information Security Analyst
Ideators
01.2019 - 01.2022
Bachelor of Science - Computer Science
Newports Institute of Communications And Economics
04.2001 -
Similar Profiles
Danish AlviDanish Alvi
Manager Transaction Monitoring at Bank AlfalahManager Transaction Monitoring at Bank Alfalah
Ijaz AhmadIjaz Ahmad
Security Guard at Alfalah Bank PakistanSecurity Guard at Alfalah Bank Pakistan
Amna NomanAmna Noman
Intern at Bank AlfalahIntern at Bank Alfalah
Muhammad DanishMuhammad Danish
Technical Customer Support Engineer at ValueFirst Messaging Pvt. Ltd.Technical Customer Support Engineer at ValueFirst Messaging Pvt. Ltd.
Muhammad KhizarMuhammad Khizar
Client Service Intern at Third Bridge GroupClient Service Intern at Third Bridge Group