Syed Qamber R.
SydneyAustralia

Cyber Security Consultant, ISO27001, Penetration test & Risk & threat

Following is a summary of my skills: • ISO27001 compliance and gap analysis • IT Security Policies and Frameworks • PCI DSS Assessment level 1 & 2 for merchants and Service provider • Penetration testing • SIEM and Forensics analysis • NIST 800-53 • Risk Assessment and Treatment • Application security vulnerabilities, testing techniques, and the OWASP framework • GDPR • Vulnerability Scanning Experience: • Advise Network and system team to securely build/change Azure and AWS cloud infrastructure for existing and potential clients. • Engage with Client to understand their infrastructure requirements to build and integrate AWS API’s and services. • Maintain and improve ISMS framework that includes SOA, Risk assessment and treatment plan, Risk register and ISM forum to convey the risk to management for their review and support. • Maintain security certifications, including ISO 27001, IRAP and PCI dss. • Conducts Gap assessment as per ISM, PSPF, ISO27001, PCI, NIST and GDPR. • Monitor and assure compliance with information security and privacy regulations, including APRA CPS 234, Privacy Act and GDPR • Manage internal and external audits and remediation • Deliver training programs for security and privacy awareness • Conduct/review security risk assessments of assets and projects • Manage supply chain security • Support Sales and commercials team in responding to security questionnaires • Provides application security services including secure coding techniques and reviews, education & awareness, process and tools, security testing support and guidance for internal software development projects • Reviews information security policies, incident response plans, change management, vulnerability management, patch management policies, etc., as they apply to various facets of the infrastructure in scope. • Performs internal penetration tests, network vulnerability assessments to provide a comprehensive view of the client’s network weaknesses that are exposed to threats. Following are the certifications I have: CISSP CCSP (Cloud security) CEH
Work history

Syed Qamber R. has more jobs. Create an account to review them
Skills

Skills

  • Nessus
  • AT&T Cybersecurity
  • GDPR
  • OWASP