About Sohaib Siddique
-
Academic Level Master’s Degree
-
Age 28 - 32 Years
-
Salary 220622
-
Gender Male
-
Industry Information Technology
About me
I am a Certified Information Security Manager (CISM) with 5 years of experience and I can help you with:
• Information security framework implementation and consultation, including PCI-DSS, PCI-SSF and PCI-PIN.
• Performing threat modelling.
• SAST, DAST and Software Composition Analysis (SCA)
• Information Security Risk and Vulnerability Management.
• Risk Assessments, policies and procedures review and maintenance, GAP analysis and compliance audits.
• Implementing security controls to protect information assets, cardholder and sensitive data.
• PCI-PIN security requirements, transaction processing operations, secure cryptographic implementation, HSMs and key management.
• I can also assist you in creating an institutionalized secure SDLC process and maintaining a proactive approach to secure your applications.
Education
-
2019 - 2022
NED University of Engineering and Technology
Master of Science in Information Security
-
2013 - 2017
Institute of Business Administration, Karachi
BS Computer Science
Experience
-
2019 - 2021
Risk Associates
Consultant - Cyber Security
• Worked with Micro Focus security portfolio, Netsparker, BlackBerry Cylance, NNT Change Tracker, and Cimcor security solutions.
• Actively involved in performing Vulnerability Assessments, ASV Scans and Penetration Testing in PCI/PA-DSS scope.
• Performing Secure Code Review and consulting clients on Remediation processes.
• Pre-sales and after-sales implementation and support to local and international clients.
-
2021 - Present
Risk Associates
Assistant Manager - Information Security
• Information security framework implementation and consultation including: PCI-DSS, PCI-SSF and PCI-PIN.
• Information Security Risk and Vulnerability Management.
• Risk Assessments, policies and procedures review and maintenance, GAP analysis and compliance audits.
• Implementing security controls to protect information assets, cardholder and sensitive data.
• PCI-PIN security requirements, transaction processing operations, secure cryptographic implementation, HSMs and key management.
• Assisting clients in creating an institutionalized secure SDLC process and maintaining a proactive approach to secure their payment applications.
-
2018 - 2019
FFBL Power Company Limited - FPCL
Management Associate - IT
• Developing, maintaining and implementing Risk Assessment and Business Continuity Plan throughout the organization and its subsidiaries.
• Documenting ITIL/ISMS policies and procedures.
• Working in collaboration with Business Application, Networks, Systems, Security and Infrastructure development team, implementing IT Security policies and procedures.
• Ensuring smooth delivery of IT as a service by implementing Business Continuity and Incident Response tools and techniques.
Based on my performance, I was rotated into the Information Systems and Security unit to work closely on system hardening and revamping the network infrastructure. This progression enabled me to gain more hands-on expertise in securing IT infrastructure. During this engagement, I had the opportunity to work with IBM, Cisco, Siemens, and SAP.
Honors & awards
-
2022
Outstanding Leadership Award
Awarded Outstanding Leadership Award by Risk Associates for the year 2022