
About Sohaib Siddique

  • Academic Level Master’s Degree
  • Age 28 - 32 Years
  • Salary 220622
  • Gender Male
  • Industry Information Technology
  • Viewed 382

About me

I am a Certified Information Security Manager (CISM) with 5 years of experience and I can help you with:

• Information security framework implementation and consultation including PCI-DSS, PCI-SSF and
PCI-PIN.
• Performing threat modelling.
• SAST, DAST and Software Composition Analysis (SCA)
• Information Security Risk and Vulnerability Management.
• Risk Assessments, policies and procedures review and maintenance, GAP analysis and compliance
audits.
• Implementing security controls to protect information assets, cardholder and sensitive data.
• PCI-PIN security requirements, transaction processing operations, secure cryptographic
implementation, HSMs and key management.
• I can also assist you in creating an institutionalized secure SDLC process and maintaining a
proactive approach to secure your applications.

Education

Experience

  • 2019 - 2021
    Risk Associates

    Consultant - Cyber Security

    Worked with Microfocus security portfolio, Netsparker, Blackberry Cylance, NNT Change Tracker,
    and Cimcor security solutions.
    • Actively involved in performing Vulnerability Assessments, ASV Scans and Penetration Testing in
    PCI/PA-DSS scope.
    • Performing Secure Code Review and consulting clients on Remediation processes.
    • Pre-Sales and after Sales implementation and support to local and international clients.

  • 2021 - Present
    Risk Associates

    Assistant Manager - Information Security

    Information security framework implementation and consultation including: PCI-DSS, PCI-SSF and PCI-PIN.
    • Information Security Risk and Vulnerability Management.
    • Risk Assessments, policies and procedures review and maintenance, GAP analysis and compliance audits.
    • Implementing security controls to protect information assets, cardholder and sensitive data.
    • PCI-PIN security requirements, transaction processing operations, secure cryptographic implementation, HSMs and key management.
    • Assisting clients in creating an institutionalized secure SDLC process and maintaining a proactive approach to secure their payment applications.

  • 2018 - 2019
    FFBL Power Company Limited - FPCL

    Management Associate - IT

    Developing, maintaining and implementing Risk Assessment and Business Continuity Plan
    throughout the organization and its subsidiaries.
    • Documenting ITIL/ISMS policies and procedures.
    • Working in collaboration with Business Application, Networks, Systems, Security and
    Infrastructure development team, implementing IT Security policies and procedures.
    • Ensuring smooth delivery of IT as a service by implementing Business Continuity and Incident
    Response tools and techniques.

    Based on my performance, I was rotated into the Information Systems and Security unit to work closely on system hardening and revamping the network infrastructure. This progression enabled me to gain more hands-on expertise in securing IT infrastructure. During this engagement, I had the opportunity to work with IBM, Cisco, Siemens, and SAP.

Expertise

Information Security Consulting
PCI Secure Software Assessment and Implementation
PCI Secure SLC Assessments and Implementation
PCI DSS assessments
Application Vulnerability Assessments
Gap assessments in PCI DSS, PCI SSF and ISO 27001 scope
IT Risk Assessments
Risk Assessments based on ISO 27005

Languages

English
Proficient
Urdu
Proficient

Honors & awards

Skills
