IFTEKHARUDDIN SYED

Coppell, TX

Summary

Over 15 years of experience across government, public, and private sectors including DHS, Texas State Agencies, and Fortune 100 companies. Expertise in Cybersecurity, Cloud Security, AI Risk Management, Governance, Compliance, and Audit. Demonstrated expertise in designing, implementing, and managing security frameworks and AI governance strategies to reduce risk and ensure regulatory readiness. Skilled in designing and implementing security architecture. Expertise in risk assessment, mitigation, and the deployment of security controls across cloud and on-premises environments. Deep knowledge of key frameworks including NIST, TxRAMP, PCI DSS, ISO 27001, GDPR, SOX, SOC, and HIPAA. Experienced in securing Generative AI and Large Language Models (LLMs) while supporting responsible AI innovation within ethical and legal boundaries. Industry experience includes financial services, healthcare, retail, and the public sector. Technically proficient in Salesforce Experience Cloud CRM, SAP ERP, AI systems, and a wide range of infrastructure, network, and application environments, enabling secure and compliant enterprise operations. Extensive experience leading complex cybersecurity projects and delivering end-to-end programs across cloud and hybrid enterprise environments. Delivers tailored solutions that align with industry standards, strengthen business continuity, and generate measurable ROI. Recognized for enhancing security posture, enabling resilience, and driving long-term value through modern, scalable security strategies.

Work History

Sr. Cyber Security Risk Consultant

Client: Financial/Banking (New York Bank)
  • Worked with a major bank to secure financial data flows and vendor relationships, ensuring compliance with industry regulations and enhancing system resilience against cyber threats.
  • Architected secure systems aligned with PCI-DSS, SOC-2 Type-1 and Type-2 and ISO 27001, mitigating risks in financial data flows.
  • Conducted vendor risk assessments, ensuring third-party security alignment with regulatory standards.
  • Directed SDLC risk evaluations, covering system categorization, security risk assessments, and ATO compliance.
  • Designed layered security frameworks integrating encryption, access controls, and data leakage prevention for banking applications.
  • Conducted Security Controls Risk Assessments (SAR) and Non-Functional Requirements (NFRs) evaluations to assess the effectiveness of encryption protocols and layered security frameworks.
  • Reduced vulnerabilities in financial transaction systems by enhancing encryption protocols and layered security frameworks, with SAR evaluations ensuring compliance.
  • Streamlined vendor risk management processes, cutting assessment times by 20% while maintaining regulatory adherence through SAR and NFR-driven improvements.

IT Security Consultant

eBay Inc.
  • Led the integration of multiple regulatory frameworks, including SOC, HIPAA, ISO 27001, NIST SP 800-53, and PCI DSS, for eBay and PayPal's Transitional Service Agreement (TSA). Managed eGRC readiness, gap assessments, and compliance audits, ensuring adherence to internal and external regulatory requirements. Collaborated with cross-functional teams and external partners to evaluate security controls, design PCI-compliant solutions, and address audit findings.

IT Security Consultant

Signet Group of Jewelers (Zale Jewelers)
  • Led PCI DSS/PA DSS compliance initiatives for Zale Corporation, focusing on securing core banking and mobile applications. Collaborated with key partners, including Bank of America, First Data, Xerox, and Symantec, to manage enterprise application security operations. Directed governance, risk, and compliance efforts, ensuring the protection of sensitive data and safeguarding billions in transactions.

Sr. Cyber Security Risk Consultant

Government Agencies (Government of Texas)
09.2021 - Current
  • Contribute to the Texas state agency Information Security Risk Management team in various risk management efforts, including assessing security controls, conducting security assessments, writing security assessment reports, training owners and custodians, completing complex technical forms, and tracking and reporting progress toward completion of assigned Secure SDLC projects. Write findings and collaborate with system owners and custodians to develop and resolve remediation plans and Plan of Action and Milestones (POAMs).
  • Completed Secure/Security SDLC requirements including security assessments for systems across On-Premises and Cloud environments, including applications, servers, network infrastructure, lien holder systems, toll roads, EV charging stations, and AI systems.
  • Led compliance and standards initiatives aligned with PCI-DSS, ISO 27001, NIST, TxRAMP, SOC, and OWASP LLM Top 10 standards, with a focus on emerging technologies and integrating AI governance into risk management frameworks.
  • Designed secure system architectures by implementing layered security controls and secure data flows to meet statutory and regulatory requirements.
  • Collaborated with Cloud Engineering and Operations teams to implement and maintain AWS security controls (VPC, GuardDuty, Inspector, CloudTrail, CloudWatch, Security Hub) and CNAPP platforms (Wiz) for multi-cloud risk assessment across AWS, Azure, and GCP.
  • Assessed security alerts, logs, and compliance gaps using CNAPP platforms and AWS-native tools, conducting pre- and post-deployment security risk and compliance assessments as part of Secure-SDLC processes and continuous monitoring.
  • Worked with system owners and custodians to ensure timely remediation of security findings in accordance with NIST SP 800-53, FedRAMP, HIPAA, and PCI-DSS frameworks.
  • Led SDLC security risk coordination, collaborating with agency teams and vendors to ensure implementation of SDLC security requirements, including:
      • System Identification, Registration, and Categorization.
      • Security Deviation Requests and Non-Functional Requirements (NFRs).
      • Authority to Operate (ATO) documentation and Security Privacy Impact Analysis (SPIA).
      • Software Evaluation and Security Deviation Request Assessment.
      • Interconnection Security Agreement (ISA).
      • System Security Plan (SSP).
      • Security Controls Risk Assessment (SAR): Assessed control effectiveness, addressing compliance and security gaps.
      • Non-Functional Requirements (NFRs): Embedded performance, availability, scalability, and security into system design.
      • Firewall Rule Change Analysis Requests.

Sr. Cyber Security Risk Consultant

Retail (Lenovo)
02.2021 - 09.2021
  • Focused on securing AI architecture and intellectual property for Lenovo, aligning their AI lifecycle governance with global standards, and embedding secure-by-design principles into AI workflows.
  • Enhanced AI lifecycle governance by aligning processes with ISO 27001, NIST SP 800-53, SOC 2 Type 2, and OWASP LLM Top 10 standards.
  • Led development of Lenovo's AI Implementation Guidelines, embedding secure-by-design principles into AI workflows.
  • Incorporated Security Controls Risk Assessments (SAR) and Non-Functional Requirements (NFRs) into secure AI architectures to ensure regulatory compliance and optimize system performance.
  • Spearheaded Project Armour, using PRIVVA and OneTrust to assess third-party risks and ensure compliance.
  • Reduced unauthorized access to sensitive data and strengthened intellectual property protection by implementing encryption techniques and conducting thorough security assessments.
  • Achieved ISO 27001, NIST SP 800-53, and SOC 2 Type 2 certifications by addressing security gaps in system architecture and improving audit processes.
  • Enhanced defenses against phishing attacks using Cofense PhishMe, boosting overall security resilience and reducing organizational risk.

Sr. Cyber Security Consultant (Security Architecture, Security/Risk Assessment & Compliance, CIAM, Vulnerability/Penetration Testing)

AmerisourceBergen Corp. (Cencora)
01.2019 - 02.2021
  • Collaborated with the enterprise security governance team to manage and assess security architecture, privacy, compliance, audit, and risk efforts across approximately 450 applications and 2,500 servers during migration events. Ensured secure transitions from legacy to modern data centers while aligning with regulatory and security standards. Partnered with architects and team members to oversee 2,500+ ServiceNow requests, addressing cloud migration security, IAM roles, and compliance.
  • Designed security architecture and implemented controls for on-premises and cloud access.
  • Reviewed and approved ServiceNow requests to ensure compliance with data classification, network zones, and access policies.
  • Conducted security assessments, code reviews, vulnerability scans, and penetration tests aligned with OWASP, SANS, and industry standards.
  • Developed System Security Plans (SSPs) with information owners per NIST SP 800-53, PCI-DSS, and NIST CSF.
  • Managed risk assessments, vulnerability management, and penetration testing across applications and cloud environments.
  • Implemented IAM roles and policies in public cloud for access control and compliance.
  • Collaborated with teams to integrate security requirements into cloud and enterprise policies.
  • Secured migration of 450 applications and 2,500 servers with zero major incidents.
  • Enhanced security posture through proactive risk assessments and penetration testing.
  • Maintained compliance with ISO 27001, PCI-DSS, NIST, and GDPR in cloud environments.

Sr. Cyber Security Risk Consultant

Verizon (Verizon.com & VerizonWireless.com)
11.2016 - 01.2019
  • Served as the Security Focal Point (SFP) for the VP's portfolio across Verizon Wireless and Verizon Wireline Systems, providing leadership and execution of critical cyber security initiatives within Verizon's Digital Platform Portfolio. Managed and guided projects related to Cyber Security Architecture, DevSecOps, and Security Risk Management, ensuring comprehensive security frameworks were designed and maintained in compliance with regulatory standards. The role involved direct oversight of cloud security, PCI DSS, HIPAA, and other compliance regulations, while addressing the ongoing challenges posed by evolving cyber threats.
  • Conducted security assessments for Verizon's cloud migration, ensuring compliance with PCI DSS, NIST SP 800-53, ISO 27001, and audit requirements.
  • Managed the Infrastructure Certification Pipeline (ICP), ensuring 100% audit compliance.
  • Developed and maintained System Security Plans (SSPs) for internal and third-party systems, ensuring regulatory alignment.
  • Performed FISMA-based risk assessments, advising on data access and compliance controls.
  • Integrated DevSecOps and automated security scanning into CI/CD pipelines to strengthen security and minimize defects.
  • Led vulnerability assessments with tools like HP Fortify, Burp Suite, WebInspect, and Black Duck, providing remediation.
  • Ensured PCI DSS compliance through gap analysis, ROC preparation, and secure payment processes.
  • Collaborated with engineering and DevOps to enhance cloud resiliency and availability and to design SIEM pipelines for threat detection.
  • Evaluated SOC tools and emerging security technologies for AWS Cloud environments.
  • Created and documented SOC workflows, SOPs, and incident response procedures for hybrid and cloud-native environments.
  • Optimized detection rules and threat models, integrating threat intelligence to improve SOC response.
  • Established KPIs based on MITRE ATT&CK and CIS Benchmarks to track SOC effectiveness.
  • Conducted knowledge transfer sessions to upskill SOC teams and ensure long-term operational sustainability.
  • Secured cloud migrations by enforcing stringent security controls, preventing any data breaches.

IT Security Consultant

Options Clearing Corporation (OCC)
01.2015 - 11.2016
  • Worked with Options Clearing Corporation (OCC), eBay, and Zale Jewelry on several strategic projects, focusing on IT security architecture, compliance, vulnerability assessment (penetration testing), and security risk assessment.
  • Served as a Senior Information Security Consultant at Options Clearing Corporation (OCC), focusing on the design, analysis, and development of enterprise IT security architecture. Led vulnerability assessments, penetration testing, and security risk management projects to ensure compliance with Basel Regulation, RegSCI/SEC, NIST, HIPAA, PCI DSS, and OWASP best practices. Collaborated with information systems and business units to integrate security standards into projects.

IT Security Manager, Lead Senior InfoSec Risk Specialist

Verizon
09.2009 - 01.2015
  • Managed the implementation and governance of cloud security architecture services for multiple Verizon end-client projects. Managed security technologies, risk assessments, and compliance frameworks for Verizon's internal platforms and external customer-facing services. Focused on delivering robust security protocols, risk management, and adherence to industry standards across critical services, including MSS, UIS, EPCS, SSL certificate management, and incident response.

Education

Master of Science - Information Technology (IT) Security

University of Westminster

Bachelor of Engineering - Computer Science Engineering

Gulbarga University

Skills

  • Security Tools: ServiceNow, GRC Archer, Power BI, HP/MicroFocus Fortify, Veracode, HP WebInspect, Burp Suite, Nessus, Cofense PhishMe, Metasploit, Nmap
  • Security Information and Event Management (SIEM): Splunk
  • Operating Systems: Microsoft Windows, Unix, Sun Solaris 10, Red Hat Linux
  • Cloud Services & SaaS: AWS, Microsoft Azure, GCP, SaaS, PaaS, IaaS, Jenkins (CI/CD), Kubernetes, Salesforce CRM
  • Language, Package/Database: C, C, Java, Python, JavaScript, Oracle, MS SQL
  • Identity and Access Management (IAM) Tools: SAP CDC/Gigya CIAM, Oracle Identity Manager, Microsoft Active Directory, Oracle HTTP Server (OHS), Oracle Directory Services (OID, OUD, OVD 10g/11g), ODSEE
  • Single Sign-On (SSO) Tools: Oracle Access Manager, Oracle Identity Federation (OIF), Active Directory Federation Services, Azure AD, CA SiteMinder
  • Identity Federation Protocols: SAML, OAuth, OpenID
  • Multi-Factor Authentication (MFA): Gemalto, RSA

Accomplishments

  • Strategic Security Planning & Analysis: Developed and executed actionable security plans to protect critical IT assets, personal data, and intellectual property.
  • Cybersecurity & Risk Management: Led Secure SDLC, risk assessments, POAMs, and ensured compliance with NIST, PCI DSS, SOX, GDPR, SOC 2, ISO 27001, and other industry standards.
  • Regulatory Compliance & Governance: Created frameworks to ensure adherence to regulations (GDPR, HIPAA, FedRAMP, COBIT) while enabling secure GenAI/LLM adoption.
  • Audit & Risk Mitigation: Addressed audit findings, closed compliance gaps, and strengthened security posture for organizational resilience.
  • Security Architecture & Cloud Security: Designed secure, scalable architectures for cloud (AWS, Azure, GCP) and on-prem environments using tools such as Wiz, ORCA, and GuardDuty.
  • Incident Response & Threat Management: Managed threat detection and response, enhancing enterprise resilience and mitigating security risks.
  • Vulnerability & Application Security Management: Led vulnerability assessments and remediation across on-prem, cloud, and application environments using SAST, DAST, and penetration testing.
  • Network Security Assessment & Management: Secured complex infrastructures and networks through advanced monitoring tools and control strategies to enhance operational resilience.
  • Security Program Delivery & Business Alignment: Delivered secure outcomes for Agile-driven IT projects, aligning security initiatives with business platforms (Salesforce, SAP, AI technologies).
  • Collaboration with Stakeholders: Partnered with leadership and technical teams to align security measures with business objectives and foster cross-functional collaboration.
  • SOC & SIEM Integration: Integrated SOC and SIEM systems to improve threat detection, incident response, and audit readiness.

Certification

  • Certified Information Security Manager (CISM)
  • Certified Information Systems Auditor (CISA)
  • Certified Risk and Information Systems Control (CRISC)
  • Certified Ethical Hacking and Countermeasures Expert (EHCE)
  • Certified Information Technology Infrastructure Library (ITIL) V3 Foundation (ITV3F.EN)
  • Certified HIPAA Security and Privacy Awareness
  • Certified PCI DSS Technical Requirements and Technical Scope
  • Certified AWS Solutions Architect - Associate
  • Certified Training – SOX - Information Security Related Tenets
  • Certified on HIPAA Privacy and Security - New Hire Covered Persons Integrity Training
  • ISO 27001-27002:2005 Implementation and Lead Audit, Info Security Management System (ISMS)
  • ISO 9001:9002:2005 Lead Audit (LA), Quality Management System (QMS)
  • BS 25999 Lead Audit (LA), Business Continuity Management (BCM)
  • Certified Cisco Network Associate (CCNA)
  • Certified on LINUX Administration

Languages

English
Advanced (C1)
Hindi
Advanced (C1)
Urdu
Advanced (C1)

Attributes

  • Effective communicator and collaborative team player with a proven ability to engage and align both technical and non-technical teams towards common goals.
  • Demonstrated leadership through critical thinking, problem-solving, and multitasking, ensuring swift issue resolution and timely delivery without compromising quality.
  • Detail-oriented and results-driven, with a strong focus on influencing team dynamics, driving organizational objectives, and maintaining precision and accuracy across all tasks.
