Open to opportunities

shafiq ahmed

@shafiqahmed1

Message

Cybersecurity and GRC professional enhancing governance and compliance programs.

Canada

Message

What I'm looking for

I am seeking a role that fosters growth, values security culture, and offers opportunities to lead innovative cybersecurity initiatives.

I am a cybersecurity and governance, risk, and compliance (GRC) professional with extensive experience in building and enhancing programs across IT and OT systems. My expertise lies in aligning security policies and frameworks with organizational objectives and regulatory standards, ensuring that cybersecurity strategies are not only effective but also integrated into the core of business operations.

Throughout my career, I have developed operational plans and risk-based controls that significantly strengthen enterprise resilience. I have a strong background in penetration testing, secure code reviews, and social engineering assessments, which allows me to proactively monitor cyber threats and manage incidents effectively. As a trusted advisor to senior leadership, I communicate complex security concepts clearly to both technical and executive stakeholders, fostering a culture of security awareness and compliance within organizations.

Experience

Work history, roles, and key accomplishments

Current

Senior Security Analyst

Current

DigitalPoint Technology

Nov 2024 - Present (8 months)

Established and sustained the vulnerability management program by analyzing results from automated scans and coordinating with asset owners for effective remediation. Developed and maintained automated security testing frameworks for static application security testing (SAST) and dynamic application security testing (DAST).

Vulnerability Management SAST DAST Penetration Testing Information Security Mentorship

Information Security Analyst

Loadlink Technologies

Nov 2019 - Nov 2024 (5 years)

Provided expert governance, compliance, and risk standards and guidance to support the secure operation of all IT services. Managed data-related governance, compliance, and risk across multiple external partners, including MSSPs, and provided program updates to executive leadership.

Governance Risk Management Compliance Incident Response SIEM IDS Threat Detection Data Governance

SOX Compliance Analyst

TransCore Link Logistics

Jun 2016 - Oct 2019 (3 years 4 months)

Led the planning and execution of SOX compliance audits, ensuring adherence to regulatory requirements and performing risk assessments to identify potential areas of non-compliance. Collaborated with process owners to remediate control deficiencies and improve the overall control environment.

SOX Compliance Risk Assessment Audit Reporting Control Remediation SOP Development ISMS PCI DSS Problem Solving Communication Skills Salesforce

Education

Degrees, certifications, and relevant coursework

Canadian Business College

Associate of Science, System and Network Administration

2009 - 2010

Completed an Associate of Science degree focusing on System and Network Administration. Gained foundational knowledge and practical skills in managing and maintaining IT systems and networks.

University Of Dhaka

Master of Science, Physics

1990 - 1994

Obtained a Master of Science degree in Physics. Developed strong analytical and problem-solving skills through advanced coursework and research in the field of physics.