Open to opportunities

Ahsan Faraz

@ahsanfaraz

Message

Senior information security consultant and architect driving enterprise security and compliance.

Pakistan

Message

What I'm looking for

I seek senior security roles where I can lead security architecture, SOC excellence, compliance programs, and drive measurable risk reduction in collaborative, growth-focused organizations.

I am a seasoned information security architect and senior consultant with 16+ years of experience designing and implementing security controls, DLP, SIEM, EDR/XDR, and compliance programs (ISO27001, SOC2, PCI-DSS, SWIFT CSP) across banking, fintech, healthcare, and aviation sectors. I have led SOC operations, virtual CISO engagements, large-scale gap assessments, VAPT, DFIR, and incident response efforts that measurably reduced breach risks and improved detection and response times.

My career highlights include leading ISO 27001 and SOC2 implementations, driving enterprise DLP and data classification programs, optimizing SOC detection use cases in Splunk and Azure Sentinel, and delivering security awareness to thousands of employees. I focus on pragmatic, business-aligned security outcomes—reducing operational costs, achieving regulatory compliance, and enabling safe digital transformation.

Experience

Work history, roles, and key accomplishments

Current

Senior Security Consultant

Current

Pact

Sep 2024 - Present (1 year)

Conducted ISO 27001 compliance audits and implemented DLP and SOC solutions for 15+ enterprise clients in KSA, achieving alignment with SDAIA requirements and driving ~80% compliance for MSSP deployments across industries.

ISO 27001)SIEM SOC Cloud Security VAPT Data Protection

Senior Cyber Security Consultant

SABIC

Jan 2023 - Sep 2024 (1 year 8 months)

Designed enterprise data security governance and DLP roadmap, conducted gap assessments across 200+ cloud and on-prem assets, patching critical vulnerabilities and reducing breach risk by 60% while delivering security awareness to 8,000+ employees.

Data Governance Azure Vulnerability Management NIST Security Awareness SIEM Incident Response

Head Cybersecurity

JS Bank

Oct 2022 - Dec 2022 (2 months)

Revamped data protection and SOC operations by deploying DLP and classification with Splunk use cases, improving threat detection efficiency by 50% and directing red team exercises to harden core banking systems.

Splunk SOC Red Team Penetration Testing Endpoint Security Incident Response

Senior Consultant InfoSec

System Limited

Oct 2021 - Oct 2022 (1 year)

Oversaw SOC operations for 20+ clients, optimized Splunk use cases and incident response workflows, acted as virtual CISO for multiple clients and led projects aligned with PCI DSS and ISO 27001.

SOC Splunk PCI DSS ISO 27001)Incident Response Threat Management Cross Border Security

Manager Infrastructure Security

Bank Alfalah

May 2018 - Oct 2021 (3 years 5 months)

Secured SWIFT CSP compliance by redesigning firewall policies and integrating threat intelligence, and executed VAPT for 50+ applications, reducing OWASP Top 10 exposure by 70%.

CSP Cisco VAPT Threat Intelligence Application Security Compliance

Assistant Manager IT

Habib Bank Limited

Oct 2009 - Sep 2011 (1 year 11 months)

Planned, designed and implemented Cisco voice solutions and maintained voice gateways and WAN monitoring systems using NMS tools to ensure operational continuity.

Cisco Voice Gateways Solarwinds NMS

Assistant Manager Infrastructure Security

Habib Bank Limited

Sep 2011 - Present (14 years)

Directed global cybersecurity audits and implemented ISO 27001 and SWIFT CSP compliance for international branches, and led SIEM, EDR and DLP deployments reducing data leakage incidents by 30%.

ISO 27001)CSP SIEM EDR Threat Intelligence