Syed Muhammed Ifrahim

Led full-lifecycle ISO 27001 and SOC 2 Type II implementation programs for SaaS, healthcare, and AI-sector clients, improving compliance maturity and certification readiness. Built enterprise risk management frameworks and AI governance aligned to ISO 42001 and EU AI Act obligations, and integrated controls into cloud-native environments and CI/CD pipelines.

Planned and led IT audit and GRC implementation engagements across UAE banking, real estate, and government sectors using ISO 27001, UAE IA, and NCEMA frameworks. Delivered board-level audit findings and remediation roadmaps, and designed ISO 27001-compliant policies and procedures and ISO 22301-aligned BCM/DR assessments.

Led ISO 27001 programs that enabled clients to achieve certification and unlock enterprise customer contracts. Supported audit readiness and compliance positioning for enterprise sales, and delivered security roadmaps aligned with business growth.

Managed the IT internal audit lifecycle, including annual audit planning, fieldwork execution, and reporting to internal audit leadership and the audit committee. Implemented ISO 27001 ISMS controls and PDPL data protection requirements, and designed automated dashboards adopted by 15+ auditors to improve audit tracking and efficiency.

Conducted IT audits and cybersecurity assessments across critical infrastructure utilities, covering infrastructure, applications, cloud, and business processes. Supported ISO 27001 surveillance audits, performed Azure cloud security assessments, executed OWASP-based penetration testing, and delivered business continuity and disaster recovery (BCDR) gap recommendations.

Completed a Postgraduate Diploma in Cyber Security at NED University of Engineering & Technology from 2020 to 2022.

Completed a Bachelor of Science in Computer Science at FAST-NUCES from 2013 to 2018.