YAWAR ABBAS
Karachi,LA
Summary
Dynamic IT leader with a proven track record at KPMG, specializing in information security management and risk mitigation strategies. Achieved ISO 27001 certification and implemented robust disaster recovery plans. Adept at fostering team collaboration while enhancing cybersecurity posture through effective training and security controls.
Overview
28
28
years of professional experience
1
1
Certification
Work History
CISO/NITSO & Director IT Strategic
KPMG
Karachi, Pakistan
06.2022 - Current
- Enhanced Security Risk Rating, Vulnerability Dashboard rating, and Annual Information Protection Control Audit through continuous improvement initiatives.
- Achieved ISO 27001 certification in July 2023, fulfilling initial key task within assigned timeframe.
- Oversaw IT procurements and planned new projects as IT Strategic Director.
- Managed Information Security Oversight, Security Strategy, and End User Awareness Training for improved cybersecurity posture.
- Directed Disaster Recovery and Business Continuity planning in response to cyber incidents.
- Conducted Policy Updates and managed client queries related to information security issues.
- Implemented Incident Management processes, including identification, triage, and escalation of security incidents.
- Executed comprehensive risk assessments, including Third Party Risk Assessments and Cyber Insurance evaluations.
Director ITS & CIO Delegates
KPMG
Karachi, Pakistan
06.2020 - 06.2022
- Elevated to Director ITS / CIO Delegate, overseeing IT systems implementation, planning, budgeting, and procurement.
- Led Pakistan IT team, managing staff and infrastructure in alignment with KPMG global ITS standards.
- Revamped IT infrastructure across three cities, maintaining 70+ Windows and Linux servers in virtualized environment.
- Introduced Azure Cloud for eAudit servers, enhancing reliability and reducing operational costs.
- Developed and implemented inter-site Disaster Recovery Plan, ensuring effective business continuity.
- Implemented security controls including Data Leakage Prevention and Data Encryption to safeguard information assets.
- Restructured IT procurement processes, achieving annual savings of $200K.
- Provided regular end-user policy awareness sessions to promote IT security compliance.
Senior Manager ITS Operation, Delegate CISO
KPMG
Karachi, Pakistan
04.2013 - 06.2020
- Managed IT infrastructure across four locations, including Kabul head office, adhering to global ITS standards.
- Oversaw alignment of communication between Technical Support and corporation, maintaining budget and schedule.
- Cultivated supportive and professional IT culture to enhance team performance.
- Introduced team development program, including individual mentoring and team counseling.
Manager, IT/Application Global Support
KPMG LLP
Woodcliff Lake, USA
01.2013 - 03.2013
- Managed remote work for KPMG Global Secondment on L-1 visa inter-firm transfer throughout 2013-2018, positioned on site from January to March
- Managed deployment tracking for KPMG proprietary eAudit software across multiple member firms.
- Presented Proof of Concept for virtualizing testing environment, improving efficiency and reducing physical inventory.
- Established virtualized training environment for eAudit WG+ Server and eData mining, utilized in future regional workshops.
- Achieved 'Exceptional' performance rating from management for outstanding contributions.
Manager IT Operation, CISO Delegates
KPMG
Karachi, Pakistan
08.2007 - 12.2012
- Managed internal IT infrastructure with a focus on information security for nonprofit clients.
- Led deployment of ITS-G projects in MESA, including OCS and KPMG Central.
- Executed comprehensive projects across four locations, achieving 100% virtualization.
- Upgraded network and datacenter infrastructure, enhancing efficiency and resiliency.
- Rolled out eAudit systems and technologies to streamline auditing processes.
- Facilitated KPMG.com migration, ensuring seamless transition and operation.
- Developed intra-city disaster site, bolstering business continuity measures.
Independent Consultant
IT Technical Solutions
Waterloo, Canada
08.2004 - 06.2007
- Delivered managed services to local and US clients, focusing on network design and implementation for small and medium-sized businesses.
- Administered pre- and post-deployment of Microsoft Small Business Server, including client configuration and SharePoint services.
- Monitored data centers remotely, managing clusters, high availability servers, routers, and firewalls.
- Implemented PABX VOIP solutions alongside IT Cloud Services using AWS and Azure platforms.
- Provided email services, disaster recovery planning consulting, and database solutions for optimal operations.
- Developed website and SharePoint solutions to enhance digital presence for clients.
- Executed backup solutions and ERP implementations to ensure data integrity and accessibility.
QUALITY ASSURANCE AUDITOR
NCR
Waterloo, Canada
03.2004 - 06.2007
- Certified Auditor, Tester, and Builder specializing in NCR ATM models 5870 and 6676.
- Achieved Employee of the Year for exemplary performance during 2006-2007.
- Held certifications for auditing, testing, and building NCR ATM systems.
Career Note
Various
Karachi / South Bound Brook
01.1998 - 03.2003
- Executed MS Small Business Server 2003 installations for diverse client environments.
Managed remote administration of Windows 2000 Servers to ensure optimal performance.
Configured routers to enhance network connectivity and security.
Supported e-commerce websites, ensuring seamless user experiences.
Designed computer networks tailored to organizational needs and specifications.
Conducted quarterly assurance audits to maintain compliance and operational integrity.
Administered systems and networks for Astell Infotech Inc. From 2001 to 2002, on an H-1 visa work permit.
Oversaw network administration for KPMG Taseer Hadi Khalid & Co. from 1998 to 2001.
Education
MBA - MIS
Virtual University of Pakistan
Pakistan01-2010
Skills
- Business requirements analysis
- Information security management
- Risk mitigation strategies
- Security controls implementation
- Business continuity planning
- Disaster recovery planning
- ISO 27001 compliance
- Risk management strategies
- IT governance frameworks
- Vendor relationship management
- Data privacy practices
- IT leadership skills
- Vulnerability assessment techniques
- Security policy development
- Virtualization technologies
- Security awareness training
- Procurement and budgeting strategies
- Incident response planning
Certification
- ISO 27001:2022 Lead Auditor, 10/01/23 - 01/01/24
- IBB Council C|BP, 05/01/18
- EC-Council C|CISO, 11/01/16
- IT-BMC, Dubai, 2014
- Microsoft Small Business Specialist, 05/01/05
- Microsoft Certified Systems Engineer
Timeline
CISO/NITSO & Director IT Strategic
KPMG
06.2022 - Current
Director ITS & CIO Delegates
KPMG
06.2020 - 06.2022
Senior Manager ITS Operation, Delegate CISO
KPMG
04.2013 - 06.2020
Manager, IT/Application Global Support
KPMG LLP
01.2013 - 03.2013
Manager IT Operation, CISO Delegates
KPMG
08.2007 - 12.2012
Independent Consultant
IT Technical Solutions
08.2004 - 06.2007
QUALITY ASSURANCE AUDITOR
NCR
03.2004 - 06.2007
Career Note
Various
01.1998 - 03.2003
MBA - MIS
Virtual University of Pakistan