IBRAHIM Ahmed

• Negotiated contracts with vendors for hardware and software purchases or services rendered.
• Managed the day-to-day operations of the delivery team, including assigning tasks, setting deadlines, and ensuring adherence to best practices.
• Identified areas for improvement in existing processes or procedures related to software delivery.
• Created detailed project plans outlining milestones, deliverables, timelines, resources needed, cost estimates, and quality standards.
• Developed and implemented GRC policies, procedures, and controls to ensure compliance with applicable laws and regulations.
• Identified gaps between the current state of operations and the desired future state, based on industry standards or best practices.
• Assisted in developing risk assessment frameworks for identifying and measuring enterprise risks.
• Led the delivery of enterprise-level GRC programs across banks and service providers.
• Spearheaded PCI DSS QSA engagements for four banks and five service providers.

• Designed and implemented client-specific risk and compliance frameworks.
• Drafted, implemented, monitored, and maintained up-to-date corporate compliance programs.
• Supported local and global compliance initiatives; aligned with evolving regulations.
• Delivered stakeholder training and led cultural transformation for risk ownership.
• Participated in meetings with stakeholders and external organizations concerning regulatory compliance issues.
• Conducted audits, gap analyses, and remediation plans for large enterprises.

Conducted regulatory assessments, and designed internal control systems.

Supported implementation of security standards, including ISO 27001 and PCI DSS.

I built strong client relationships and ensured program alignment with business needs.

• Drafted, implemented, monitored, and maintained up-to-date corporate compliance programs.
• Coordinated with various departments to develop effective risk management strategies.
• Monitored changes in relevant laws and regulations to ensure that the organization complies with current standards.

• Performed regular vulnerability scans across the organization's IT infrastructure.
• Ensured that all employees have received appropriate training in information security practices.
• Responded promptly to reported incidents involving possible breach of sensitive information.
• Reviewed audit logs regularly to identify suspicious activity or patterns.
• Assessed current network infrastructure for potential security risks and vulnerabilities.
• Developed and implemented security standards, policies, and procedures for the organization.
• Implemented measures to detect unauthorized access attempts or malicious activities on networks.

• Installed software patches to fix known security vulnerabilities in operating systems or applications.
• Conducted risk assessments to identify threats and vulnerabilities in computer networks.
• Performed regular vulnerability scans using automated tools such as Nessus or Qualys.
• Evaluated new security products before deployment into theproduction environment.
• Performed periodic reviews of user accounts to make sure they are properly configured according to company policy.
• Developed and maintained security policies, standards, procedures and guidelines to ensure the secure operation of information systems.