Career Profile

Experienced and result oriented information technology advisory and assurance management professional with over a decade of experience in the Information Security Management, Technology Risk Management and Governance, Information Systems Audit, Application Systems development and Networking domains. Management Consulting and Assurance Service experience spanning numerous clients across different industry verticals in the Financial Services, Government, Oil and Gas, Industrial, Retail and Technology sectors within the Middle East and India.

Excellent track record in the professional services industry having helped maintain exceptional customer satisfaction and bringing about improvement to overall operations of the practice. Proficient in managing systems, field operations, people, project development and completing projects on schedule and within budget. Strong interpersonal, communication and organizational skills and an intuitive analytical ability to achieve defined objectives.

Professional Experience

confidential

Manager IT Advisory/Information Risk Management Services

Currently leading KPMG's IT Advisory and Information Risk Management practice in Kuwait. Responsibilities include practice management, client stakeholder relations and managing the various elements of client project delivery. Extensive experience working with clients and managing engagement teams for projects in different industries. Also, KPMG's National Information Technology Security Officer NITSO for the Kuwait firms.

Key Highlights include:

• Currently working on a project to provide CIO Advisory services for one of the largest Middle East based banks with over USD 43 Billion in assets to assist them in their effort to setup an IT Service Transition framework, IT Organization Restructuring, PMO Governance streams as part of a larger IT Transformation initiative.
• Worked with the financial regulator to help them with the full life-cycle implementation of their ISO 27001 compliant Information Security Management System ISMS and review their internal security controls.
• Worked with a multinational team from KPMG LLP's UK Financial Services Center of Excellence in assisting one of the largest banks in the Middle East setup a BS 25999 compliant Business Continuity Management Program covering Business Impact Analysis for over 40 business units and framework for operations in 16 countries to bolster their Business Resilience strategy.
• Assisted one of the biggest regional Payment Gateway providers in setting up a management system to align their processes to the ITIL framework / ISO 20000 standards and bring about process improvement.
• Performed numerous evaluations of IT Governance, Risk and Controls and benchmarking exercises for several Financial Institutions against international standards and frameworks such as COBIT, ISO 27001/ 20000.
• Successfully led teams to assist one of Kuwait's largest technology services providers to implement and obtain dual accreditation for both ISO 27001 and 20000 management systems. This client was the first company in the Middle East to be ISO/IEC 20000:2005 certified.
• Provided advisory services for one of the largest Insurance service providers in the Middle East in their ISMS upgrade effort from BS7799 to ISO/IEC 27001 .
• Successfully managed and executed numerous IT external FSA/regulator mandated AORICS and internal audit / assurance engagements IRM including General IT control reviews, Application/Automated control testing, Substantive Testing using CAATS, Revenue Assurance engagements, Audit Risk Assessments and Planning, security evaluations and vulnerability assessments, Post Implementation reviews etc.
• Key IT Audit/Assurance engagements clients where services have been delivered include one of the largest sovereign wealth funds with close to USD 300 Billion in managed assets , one of the largest brokerage and investment companies in the Middle East, US Securities Exchange Commission SEC listed affiliates/subsidiaries within the Petrochemicals, Financial Services sector, Large State owned Oil and Gas companies, Large nationalized banks, etc. Over 80 clients in different industries.
• As KPMG's National IT Security Officer NITSO in Kuwait, responsibilities include management, direction and oversight all aspects of information risk and security within KPMG member firms offices in the country. Coordinate with other aspects of the business including, Legal, Risk Management RMP , Human Resources HR , Chief Information Officer CIO , Information Technology Services ITS and the Privacy Liaison PL Initiate and execute local information security efforts Primary point of contact for all client information security queries and requirements, and coordinate with KPMG Global Security Office or other member firms, as appropriate, on responses to information protection initiatives, threat response, risk evaluations, balanced score cards, budgeting, etc. Ensure that appropriate security policies and controls are enforced upon KPMG firms, associated third parties and/or subcontractors, awareness training, etc.

confidential

Web / Application Developer

Transferred into the software development wing of the company and was primarily involved in the application design and development. Core responsibilities included UI Design, Requirement Analysis/System study, Access control device integration with custom applications using API's, Code/Database Troubleshooting, Product Testing, End-User Support, Solution Vendor Management.

Key Highlights include:

• Worked on key project to develop the reporting application Bad Loans integrated to the Retail Banking Credit Information database for collection agencies affiliated to one of the largest private sector Banks in India.
• Worked on development of one the first retail software based Interactive Voice Response Systems products in South India using Microsoft TAPI.
• Worked on the development project for e-Governance management system for District Municipalities in Northern Kerala.

confidential

Network Engineer

Worked as a network engineer responsible for design and deployment of secure Windows based networks, Access Control systems Smart Card and RFID reader systems for new startup clients, Support and monitoring of Windows Systems, Troubleshooting of Windows Servers/PC/LAN, Installation and configuration of IIS Web server, Secure configuration of CISCO Switches / Routers, Access Control Lists, VLANs, Developed and maintenance of intranet website.