Shabbeer Syed, CISM
Details
Management Information Systems
Bangalore University
Bachelor of Engineering (BEng)
Mechanical Engineering
Osmania University
Citizens Bank
State Street Corporation
Goldman Sachs
Sunlife Financial
Royal Bank of Scotland
Citi Group
Healthcare & Pharma :
Insulet Corporation
2013 : Present
Fortune 500
Information Security | Risk & Compliance | GRC Advisory Architect
Information Security | Audit & Compliance | Cyber Risk Advisory Architect
2013 :
BraunWeiss
Information Security | Risk & Compliance | GRC Advisory Architect
Willis Towers Watson Insurance
Aon Risk and Re-Insurance
2009 : 2013
Accenture
Senior Manager- Cyber Risk & Compliance (GRC) Delivery & ORM, VRM Lead-Financial Sciences
Security Governance, Risk and Compliance
2003 : 2009
Accenture
Manager- IT Governance, Cybersecurity, Risk and Compliance
Skills
Accounts Payable & Receivable, Allocations, Annual Budgets, Budget Forecasts, Budget Management, Business Analysis, Business Analytics, Business Process Improvement, Change Management, Corporate Finance, Essbase, Expense Budget Management, Finance Transformation, Financial Accounting, Financial Analysis, Financial Modeling, Financial Planning and Analysis, Fixed Assets, G/L Reconciliations, GAAP, General Ledger, IFRS, Information Security, Insurance, Internal Audit, ISO 27005, KPI Reports, Long range strategic planning, Mergers & Acquisitions, Microsoft Dynamics 365 Business Central, Month end close, Network Security, NIST 800-53, Oracle Finn Apps, Program Management, Regulatory Compliance, Regulatory Reporting, Risk Analysis, ROI Management, SEC Regulations, Security Operations, Smartview, SOC 1, SOC 2, SOX 404, Treasury Services, Variance Analysis
About
Experienced GRC, ERM and ORM Leader in Global IT & Information Security initiatives for Enterprise Applications, GRC, ERM, ORM, TPRM programs and assessments, Designed Cyber Strategy for Boards & Executives, Architect for target Operating Models and M&A Due Diligence with Maturity Assessment & Rating, Cyber Risk Management, Risk Assessment & Treatment, Risk Quantification, Third-Party Risk Management, Insider Risk, Risk Analytics & Reporting, Compliance Management, CMMC, SWIFT CSP, PCI DSS, NIST, Cyber Assurance Frameworks and Data Privacy Assurance, Cyber Operations and Security Architecture, Encryption, Security Configuration Infrastructure & Endpoint Protection, Data Protection, Identity and Access Management, SecDevOps, Cyber Resilience, Threat hunting, Digital Forensics, Incident Response, Vulnerability and Patch Management, Penetration Testing, IT Service Continuity, Business Continuity, Disaster Recovery and Operational Resilience, Infrastructure upgrades, SOC Audit Standards US SSAE 18 and ISAE 3402, Cloud Infrastructure and Solutions, Information Security and Risk Management (ISRM) Cybersecurity solutions in Financial Services, Healthcare & Medical Devices, Highly regulated verticals focusing on Regulation, Audit, Risk and Compliance. Thorough understanding of security/risk frameworks ISO 27001, NIST 800 series, COBIT, CIS, ISMS regulatory audit & compliance (e.g., SOX, SOC 1/2/3, PCI DSS, HIPAA etc.) and data privacy GDPR (EU Data Protection, Binding Corporate Rules, Privacy Shield, etc.) regulations from a global perspective. Implemented and ran HITRUST CSF v9.5.0 programs and services rationalizing relevant regulations and standards into a single overarching security and privacy framework to meet the comprehensive, flexible, and efficient approach to regulatory compliance and risk management. External & internal SOC 2 IT Audits, Cloud SaaS, Information Security and Cybersecurity, Cloud (, Azure, GCP and Private Cloud).
Implemented Cybersecurity and Digital Risk Management, IT Security Maturation initiatives involving Multi-Factor Authentication, Network Segmentation, Security Operations (SecOps) and Network Operations, Microsoft Sentinel, SolarWinds, Everbridge SecOps, SIEM enhancement and Asset Management. Expertise in ISO 27001, NIST CSF, HITRUST frameworks, cloud security and DevOps. Certified Information Security Manager (CISM) (ISACA's) with expertise in information security governance, program development and management, incident management and risk management and Certified Information Systems Auditor (CISA) and (ISC)2 CISSP.