Fahad Younas

GRC Analyst

6000 followers
Location: Qatar

  • About me

    Governance, Risk & Compliance (GRC) Consultant | ISO 27001 Lead Auditor | Risk & Compliance Specialist

  • Education

    • FAST School of Management, Lahore

      2019 - 2021
      Master of Science - MS Computer Science
  • Experience

    • Programmers Force

      Oct 2021 - Dec 2024
      GRC Analyst

      1. Perform comprehensive gap assessments for ISO 27001:2022 enabling clients to meet stringent compliance requirements.
      2. Develop and refine security policies that provide a robust framework for safeguarding sensitive data and promoting security awareness across the organization.
      3. Lead risk assessment initiatives to identify vulnerabilities, assess potential impacts, and recommend mitigation strategies, ensuring businesses remain resilient against evolving threats.
      4. Strategically plan and execute penetration testing exercises, simulating cyberattacks to pinpoint weaknesses and enhance defensive strategies.
      5. Oversee the management of critical servers, implementing security best practices and maintaining uptime while safeguarding against unauthorized access.
      6. Successfully implement OpenVPN solutions, facilitating secure remote communication for clients while upholding data integrity and confidentiality.

    • Shufti

      Oct 2021 - Dec 2024
      GRC Lead

      1. Perform comprehensive gap assessments for ISO 27001, GDPR, CCPA, SOC2, CIS 20 controls, Cyber Essentials Plus, and PCI DSS, enabling clients to meet stringent compliance requirements.
      2. Develop and refine security policies that provide a robust framework for safeguarding sensitive data and promoting security awareness across the organization.
      3. Lead risk assessment initiatives to identify vulnerabilities, assess potential impacts, and recommend mitigation strategies, ensuring businesses remain resilient against evolving threats.
      4. Strategically plan and execute penetration testing exercises, simulating cyberattacks to pinpoint weaknesses and enhance defensive strategies.
      5. Oversee the management of critical servers, implementing security best practices and maintaining uptime while safeguarding against unauthorized access.
      6. Successfully implement OpenVPN solutions, facilitating secure remote communication for clients while upholding data integrity and confidentiality.

    • Confidential

      Dec 2024 - now
      ISMS Consultant

      1. Providing expert consultancy to multiple clients on the implementation and maintenance of international cybersecurity and compliance standards, including ISO 27001:2022, NIA, QCSF, and PDPPL.
      2. Leading gap assessments and internal audits to identify non-conformities, evaluate control effectiveness, and prepare clients for successful certification and surveillance audits.
      3. Developing and tailoring information security policies, risk treatment plans, and control documentation to meet the unique needs of each client environment.
      4. Performing risk assessments and maintaining risk registers, ensuring all risks are identified, evaluated, and appropriately treated in alignment with business objectives.
      5. Supporting clients in the readiness and execution of external audits, including evidence collection, auditor coordination, and post-audit action planning.
      6. Conducting security awareness and compliance training for client stakeholders to drive a culture of security and ensure ongoing adherence to frameworks.
      7. Collaborating directly with IT, HR, legal, and executive stakeholders across client organizations to ensure comprehensive compliance coverage.

  • Licenses & Certifications

    • TRECCERT ISO/IEC 27001 Lead Implementer

      Udemy
      Jun 2024
    • Certified Appsec Practitioner (CAP)

      The SecOps Group
      Dec 2022
    • ISO/IEC 27001 Information Security Associate

      SkillFront
      Nov 2022
    • Certified Ethical Hacker (CEH)

      EC-Council
      Nov 2022
    • PrivacyOps Certification

      Securiti
      Oct 2023
    • ISO 27001 Lead Auditor

      CQI | The Chartered Quality Institute
      Jun 2024
    • (ISC)² Candidate

      (ISC)²
      Sept 2022