Open to opportunities

Fazeela Jamal

@fazeelajamal

Message

Information Security Officer with 7+ years delivering ISO 27001 GRC, SOC operations, and audit-ready compliance.

Pakistan

Message

What I'm looking for

I’m looking for a role where I can drive ISO 27001/NIST-based GRC, support SOC and incident response, and maintain audit readiness. I want to reduce manual compliance effort, quantify risk, and improve security controls—while open to relocation to Lithuania with visa sponsorship.

I’m a cybersecurity professional with 7+ years of experience in security operations, risk management, and compliance frameworks, including ISO 27001, NIST CSF, and GDPR. I specialize in aligning security controls across cloud and on-prem environments while maintaining strong audit readiness.

In my recent role as a Cybersecurity Specialist focused on GRC and GDPR Security Operations, I improved compliance processes through evidence collection and audit documentation. I implemented GDPR controls (Articles 5, 25, 30, 32), conducted DPIAs, and maintained ROPA and risk registers to strengthen regulatory compliance.

Previously, I served as an Information Security Officer where I managed SOC operations using SIEM tools (Splunk, Wazuh) and EDR solutions, performed risk assessments aligned with ISO 27001 and NIST CSF, and led penetration testing and vulnerability management activities. I also maintained audit documentation, coordinated remediation of control gaps, and presented findings to senior management.

I bring offensive security and governance together—using risk quantification (FAIR) and ISO 27001 methodologies, supporting vendor/third-party risk reviews, and using tools like Archer and Jira for tracking and evidence management. I’m open to relocation to Lithuania with visa sponsorship.

Experience

Work history, roles, and key accomplishments

Current

Cybersecurity GRC Specialist

Current

ExactSolution Electronics

Feb 2026 - Present (3 months)

Improved GRC and GDPR compliance processes by implementing ISO 27001/NIST-aligned GDPR controls and maintaining DPIAs, ROPA, and risk registers to strengthen audit readiness and reduce manual reporting effort.

ISO 27001 NIST CSF GDPR RoPA Audit Readiness Risk Register & Compliance

Cybersecurity Solution Architect

Dico-Tech Corvit

Feb 2025 - Jan 2026 (11 months)

Performed business impact analysis and FAIR-based cyber risk quantification, designing ISO 27001/GDPR-aligned risk mitigation strategies and supporting audit readiness, client advisory activities, and security awareness deliverables.

ISO 27001 GDPR Business Impact Risk Mitigation Security Awareness RFP PoC Support

Information Security Officer (ISO)

XTOL Pvt. Corp.

Feb 2022 - Jan 2025 (2 years 11 months)

Managed SOC operations using Splunk and Wazuh SIEM alongside EDR solutions, conducted ISO 27001/NIST-aligned risk assessments, and supported penetration testing while maintaining audit documentation and coordinating remediation of control gaps.

SOC Operations SIEM Wazuh EDR Incident Response ISO 27001 NIST CSF Vulnerability Management Penetration Testing

Junior Cyber Security Analyst

CyberRace Institute

Oct 2021 - Jan 2022 (3 months)

Monitored SIEM alerts and investigated phishing and security incidents, supporting web application penetration testing, vulnerability scanning, and VAPT while contributing to ISO 27001, NIST, and PCI-DSS compliance mapping.

SIEM Phishing Penetration Testing ISO 27001 PCI DSS

Offensive Security Intern

CyberRace Institute

Aug 2020 - Sep 2021 (1 year 1 month)

Assisted with penetration testing and reconnaissance, including bug bounty and password security assessments, performing vulnerability discovery using Nmap, Burp Suite, and Metasploit and supporting phishing detection.

Penetration Testing Bug Bounty Nmap Burp suite Metasploit Vulnerability Discovery Phishing