Open to opportunities

Tufail Abbasi

@tufailabbasi

Message

Experienced Information Security Consultant specializing in GRC and risk management.

Pakistan

Message

What I'm looking for

I am seeking a role that allows me to leverage my GRC expertise while fostering a culture of compliance and security within an innovative organization.

I am Tufail Ahmad Abbasi, an experienced Information Security Consultant with over 15 years in Governance, Risk Management, and Compliance (GRC). My expertise lies in vendor management and ensuring organizations align with regulatory standards. I have successfully led numerous GRC projects, implementing frameworks such as ISO 27001 and ISO 22301, which have significantly enhanced operational resilience and compliance.

Throughout my career, I have worked with esteemed organizations like the Securities and Exchange Commission of Pakistan and Canadian Cyber Inc. My role involves developing governance frameworks, conducting internal audits, and engaging with regulatory bodies to address compliance challenges. I am also a proficient trainer, sharing my knowledge on risk management and compliance auditing with industry professionals.

Experience

Work history, roles, and key accomplishments

Current

Deputy Director GRC

Current

Securities and Exchange Commission of Pakistan

Nov 2023 - Present (1 year 8 months)

Developed and implemented governance frameworks aligned with ISO 27001 and NIST, establishing policies for access controls and compliance accountability. Conducted internal audits to evaluate security, risk, and compliance measures, engaging with regulatory bodies and external auditors. Managed business continuity and disaster recovery programs in accordance with ISO 22301 BCMS, ensuring operation

GRC ISO 27001 NIST ISO 22301 BCMS Business Continuity Disaster Recovery Risk Management Vendor Management Policy Development Internal Audit

Current

Senior Cyber Security Consultant

Current

Canadian Cyber Inc

Feb 2021 - Present (4 years 5 months)

Implemented ISO 27001, NIST, PIPEDA, SOC 1, and SOC 2 frameworks to enhance governance, risk, and compliance standards. Developed and monitored IT risk management programs, ensuring data security and regulatory adherence. Conducted internal and external audits for security, risk, and compliance, while overseeing vendor risk assessments and due diligence.

ISO 27001 NIST PIPEDA SOC IT Risk Management Internal Audit Disaster Recovery Business Continuity Vendor Assessment

Information Security Specialist GRC

World Bank (Benazir Income Support Programme)

Aug 2020 - Present (4 years 11 months)

Led department-wide contingency planning and business continuity efforts, developing a framework and methodology for completing plans in accordance with ISO 22301. Coordinated recovery capacity planning for business core services and maintained comprehensive recovery plans and testing programs. Led ISO 27001 implementation in the Technology Wing, managed incident response, and led information secu

Business Continuity ISO 27001 Risk Management Incident Response Policy Development

Information Security Specialist / Senior Lecturer

Riphah Institute of System Engineering

May 2017 - Present (8 years 2 months)

Taught MS and PhD level courses in Information Security Management, Auditing, Risk Management, and IT Governance. Provided professional training on ISO 27001, CISA, CISM, and CRISC to industry professionals. Led consulting projects including Risk Assessments, ISO 27001 Implementation, Vendor Assessment, and IT Security Audits.

Information Security Management Security Auditing Risk Management IT Governance ISO 27001 CISA CISM CRISC Vulnerability Assessment Penetration Testing

Integration Professional

Nokia Pvt Ltd

Sep 2014 - Present (10 years 10 months)

Worked as Team Lead L1 Support for Alcatel-Lucent (CMPAK Project), overseeing configuration and troubleshooting of the GSM network. Utilized the Alcatel-Lucent A1353-RA platform for BSS network configuration and troubleshooting according to system requirements. Resolved QoS issues including call drops, preparation failures, and congestion, while providing 24/7 level-II support to customers.

GSM Network Alcatel Lucent A1353 RA BSS Network Configuration Troubleshooting L 1 Network Operations

Technical Support Engineer

Alcatel Lucent

Dec 2010 - Present (14 years 7 months)

Worked in the TPM department as a BSS/OMC-R Technical Support Engineer for the Mobilink-Pakistan GSM network. Responsible for configuring, managing, and troubleshooting the network elements. Provided essential technical support to maintain smooth and fault-free functioning of commissioned network elements.

OMC R GSM Network Configuration Management Troubleshooting Technical Support Network Operations

Education

Degrees, certifications, and relevant coursework

Unknown

PhD, AI Governance

Currently pursuing a PhD in AI Governance, focusing on the intersection of artificial intelligence and governance frameworks. This advanced study aims to explore regulatory and ethical considerations in AI development and deployment.

Riphah International University, Islamabad

MS, Information Security

Grade: Gold Medal

Awarded a Gold Medal for outstanding academic performance in Information Security. The curriculum covered Information System Auditing, Information Security Governance, and Risk Management.

Unknown

BS, Electronics Engineering

Completed a Bachelor of Science in Electronics Engineering. This program provided a foundational understanding of electronic systems and their applications.