Experience

FOG Software Group
• United States
• Software Development
• 1 - 100 Employee
• Governance, Risk and Compliance Consultant

  • Mar 2023 - Present


Daraz

• Bangladesh
• Retail
• 1 - 100 Employee

• GRC Analyst

  • Sep 2022 - Feb 2023

  - Implementing IS0 27001 ISMS organization wide including ventures (PK, BD, LK, MM, NP) - Development and Improvement of Processes and SOPs, and tracking & measurement of their performance. - Developing & Implementing information security awareness program - Cybersecurity posture review of Red & Blue team - Review and development of Policies and procedure with par to ISO 27001 mandatory requirements. - Manual source code testing of Alibaba production code base - Web & API Dynamic application testing - Risk & Compliance monitoring w.r.t. NIST, OWASP & Mitre framework. Show less



K-Electric

• Pakistan
• Appliances, Electrical, and Electronics Manufacturing
• 1 - 100 Employee

• Assistant Manager - IT & Cybersecurity Audit

  • Mar 2020 - Aug 2022

  Cybersecurity Audits: - Managed Cyber Security audit universe - Leading Penetration Testing Projects - Risk Assessment & treatment - Conducted Mobile Penetration Testing Activities - Conducted Web Penetration Testing Activities - Conducted Cloud Penetration Testing Activities - Provided consultation to Generation Audit on OT Security IT Audits: - Performed risk assessments and gap analysis of the company’s information security program against industry best practices, including NIST, ISO27001/27002, OWASP, and others as applicable. - Developed a comprehensive audit plan based on findings from the risk assessment to ensure that all areas are covered during an audit. - Conducted internal audits for various business units within the organization using standard methodologies such as walkthroughs, interviews with management and staff members involved in processes under review, etc., to determine compliance with policies and procedures related to information security standards (e.g., ISO). - Analyzed results of internal audits performed by Information Security Auditors and prepared reports documenting findings and recommendations for corrective action or further investigation where appropriate. - Provided technical support to other auditors regarding specific technologies used within the organization when performing their own audits (e.g., SAP Vendor Invoice Management ). Show less



foodpanda

• Singapore
• Internet Marketplace Platforms
• 700 & Above Employee

• Performance Analyst - LiveOps

  • Jul 2019 - Feb 2020

  Helped my department make sense of large amounts of vendor data—and use that information to make business decisions, order intakes, cash inflows, and marketing budget allocation. Projects: • Vendor Builder: Constructed Vendor boarding for 2 mega campaigns related to traffic and marketing where I formed strategies to target groups of customers based on their spending patterns, app usage, and categorical affinities to increase the order, and uplift the overall platform engagement and sales. • Vendor Retention: Planned and Constructed reports for "A" category vendors highlighting marketing performances along with in-depth analysis of their menu and customer re-order which included RFM Analysis, review’s sentiment analysis, etc. Show less



Subtech Solutions (Private) ltd.

• Pakistan
• IT Services and IT Consulting
• 1 - 100 Employee

• Software Engineer

  • Jul 2018 - Jun 2019

  - Managed Android team daily tasks, delivering progress reports to team leader. - Gathered client requirements and estimated project needs. - Met with system analysts and project teams for functionality analysis. - Converted project requirements into technical specifications. - Tested functionality to identify and repair bugs. - Performed ongoing maintenance of existing Android projects and products. - Collaborated with back-end team to build API for integration. - Tested and deployed programs and systems Show less



WonderTree

• Pakistan
• E-Learning Providers
• 1 - 100 Employee

• Internee

  • Apr 2016 - May 2016

  Development of unit cases using selenium API and Phantom JS. Development of unit cases using selenium API and Phantom JS.