Syeda Pakizah Ali Shah
Pearland,TX
Summary
Results-driven Information Security and Risk Management professional with experience in conducting security gap assessments, delivering consultancy, and supporting compliance with industry standards. Skilled in developing IT and Information Security policies and procedures, performing risk assessments, and leading awareness and training sessions to strengthen organizational security posture. Proven ability to support governance, compliance, and continuous improvement initiatives across diverse environments.
Overview
2
2
years of professional experience
Work History
Associate Consultant
A.F Ferguson PwC
Karachi , Sindh
11.2023 - 10.2024
- Developed and improved Security Services policies, procedures, and reporting standards.
- Supported remediation of regulatory and audit findings; performed root-cause and trend analysis.
- Acted as POC for Compliance for clients, Internal Audit, Risk, and PMO.
- Led management self-testing and Cybersecurity Working Group efforts.
- Managed compliance matters and third-party security assessments.
- worked on NIST, CIS, COBIT, ISO 27001 and other security frameworks.
- Risk assessment
- developed security policies for cloud
Associate consultant
Risk associates
Karachi, Sindh
06.2022 - 10.2023
- Performed ISO/IEC 27001 and 27005 risk assessments for organizations including Abhi Pvt Ltd, SNGPL SCADA, Folio3, Jazz Telecom, EFU Life, and Tapal Tea.
- Led full 27001 consultancy projects independently for EFU General and Tapal Tea Pvt Ltd.
- Supported implementation and documentation of ISO 27001, 27701, 22301, 20000-1, 27011 for clients such as Folio3, SNGPL, Softoo, Nestosh, EFU Life, and SAMA-related projects.
- Developed toolkits and supporting documentation for SAMA, NCA, and extended regulations to ensure structured, controlled project execution.
- Assisted in major projects including Altheqa, Jairasy Group, Ministry of Commerce, and CEBS (Saudi Arabia).
- Participated in external audits and report preparation for TTG, Altheqa, TPS Managed Services & Data Center, Astera, Netbet Enterprise, GMS Entertainment, and Stakelogic Malta.
- Contributed to internal audits, audit pack development, and nonconformity (NC) closure activities
Education
Master of Science - Information Security
NEDUET
Karachi04-2020
Bachelor of Engineering - Electronics
Hamdard University
Karachi07-2017
Skills
- Security policy development
- Risk assessment
- Compliance management
- Cybersecurity framework implementation
- Audit preparation
- Regulatory compliance
Timeline
Associate Consultant
A.F Ferguson PwC
11.2023 - 10.2024
Associate consultant
Risk associates
06.2022 - 10.2023
Master of Science - Information Security
NEDUET
Bachelor of Engineering - Electronics
Hamdard University