Syed Tajwer Ali
GRC Associate Consultant
Karachi, Sindh,SD
Summary
Experienced GRC Consultant at GlobalCB, improving cybersecurity and compliance in various IT environments. Skilled in ISO standards and the regulation like SAMA Cyber Security Framework, with strong analytical and relationship-building skills. Reduced risks significantly through audits and training, boosting organizational security. Results-focused Cyber Security Consultant with over a year of experience, offering security solutions and services to different clients, and ensuring the protection of important information.
Overview
3
3
years of professional experience
5
5
Certifications
Work History
GRC Consultant
GlobalCB
Karachi, Sindh
11.2022 - Current
- Conducted interviews with staff, stakeholders, and department heads to identify key information security concerns and issues.
- Provided expert supervision and guidance to the internal security team.
- Implemented strategies to protect information assets such as networks, software, and databases from potential intrusions and cyber-attacks.
- Developed, enforced, and maintained a corporate information security policy for the client's organization.
- Monitored and upgraded the client’s information security management systems.
- Reviewed and updated information security policies and procedures.
- Conducted internal audits to assess compliance and performance.
- Performed information security risk assessments and acted as an internal control auditor.
- Ensured the implementation of security measures across client organizations.
- Reviewed client requirements in alignment with ISO standards (27001, 90001, 20000-1:2018) and SAMAA regulations.
- Participated in ISMS audits for ongoing compliance.
- Reviewed logs and reported anomalies.
- Collected evidence for audits and assessments.
- Coordinated with teams to address vulnerabilities.
- Led security awareness training sessions for employees.
- Monitored security incidents and provided prompt response to mitigate risks.
Information Technology Support Officer
Xclusive Enterprises Services (Private) Limited
06.2022 - 10.2022
- Monitoring and troubleshooting of office LAN, Wi-Fi Network, Employees Desktops and laptops, Printers, Scanner.
- Installation of operating systems (Linux, Windows 10, Windows 7, Windows Server 2019) on systems, VMware, and configuring them.
- Creating user IDs for new employees in Outlook and configuring in the Internet Message Access Protocol (IMAP).
- Installation of Oracle database software on systems and in VMware (Virtual Machine).
- Checking the users on internet services using Advanced IP Scanner.
- Work with third-party vendors to resolve client complaints.
- Manage Fixed Assets System and settle invoices.
- Make schedules for servicing with different vendors and in-house staff.
- Installation of different software as per user requirements.
- Coordinate and satisfy customers regarding pre-sale and post-sale products.
- Responsible for coordinating with hardware vendors.
- CCTV monitoring based on IP address.
- Create IT inventory to issue equipment to employees.
Associate 1
A. F. Ferguson & Co. (a Member Firm of the PwC Net
Karachi, Sindh
11.2021 - 05.2022
- Analyzed ITGC (general information technology controls) of organizations, communicating with customers to collect requirements via a List of Requirements (LOR).
- Reviewed disaster recovery plans.
- Reviewed organizational data centers to assess pros and cons.
- Prepared plans for scheduled and unscheduled audits.
- Worked on the statutory audit report, making it presentable for senior management to review.
- Retrieved and secured information from clients to complete audit projects.
- Continuously trained to maintain knowledge of audit technologies and procedures.
- Contributed to the development of the audit department's objectives and implemented improvement plans.
- Supported the creation of automated audit strategies.
- Possess an understanding of International Standard Organization (ISO:27001:2013).
- Performed reviews to evaluate compliance with regulatory requirements and standards related to information security such as ISO 27001 and SBP ETGRM Framework for Financial Institutions.
- Worked on quality assurance in various SAP modules, including SD, QM, and PP.
IT Intern
Pak Elektron Limited (PEL)
06.2021 - 07.2021
- Explore the management system which is executing in this organization which is in vb6 and .net framework
Education
Matriculation - Computer Science
LadyBird Gramamr School
Karachi, Pakistan 04.2001 -
Intermediate - Pre Engineering
Pakistan Shipowers Government College
Karachi, Pakistan 04.2001 -
Bachelor of Science - Software Engineering
Ilma University Formerly IBT
Karachi, Pakistan 04.2001 -
Skills
Enterprise risk management
Incident Management
Internal Auditing
ISO Standards
Information Security
Cybersecurity best practices
Training and Awareness
Problem-Solving
Time Management
Excellent Communication
Decision-Making
Self Motivation
Team Collaboration
Organizational Skills
Customer Communication
Analytical Thinking
Relationship Building
SAMA- Cyber Security Framework
Insurance Authority - Cyber security Framework
Languages
Urdu
Native language
English
Intermediate
B1
Certification
ISO 27001:2013-Compliant Cybersecurity: Annex A Controls
Hobbies
Video Games
Cricket
Reading Books
Jogging
Timeline
Introduction to information security
01-2024
ISO 27001:2013-Compliant Cybersecurity: Annex A Controls
08-2023
ISO/IEC 27002:2022. Information security controls
07-2023
(ISC)² Candidate
02-2023
Information Security Management Fundamentals for Non-Techies
12-2022
GRC Consultant
GlobalCB
11.2022 - Current
Information Technology Support Officer
Xclusive Enterprises Services (Private) Limited
06.2022 - 10.2022
Associate 1
A. F. Ferguson & Co. (a Member Firm of the PwC Net
11.2021 - 05.2022
IT Intern
Pak Elektron Limited (PEL)
06.2021 - 07.2021
Matriculation - Computer Science
LadyBird Gramamr School
04.2001 -
Intermediate - Pre Engineering
Pakistan Shipowers Government College
04.2001 -
Bachelor of Science - Software Engineering
Ilma University Formerly IBT
04.2001 -