Muhammad Zain
Sydney,Australia
Summary
Business Aligned Cyber Risk Advisor with a proven track record in financial services, public service and professional services. Expert in delivering impactful GRC strategies and effective controls testing. Adept at executive reporting and fostering collaboration across teams, driving significant improvements in cybersecurity posture and risk management.
Overview
7
7
years of professional experience
1
1
Certification
Work History
Cyber Risk Advisor
Ethan Projects
Sydney, Australia
10.2024 - Current
- Developed asset-based threat modelling aligned to NIST 800-53 and ISO 27001
- Delivered FAIR-aligned scenario development
- Led CrowdStrike EDR implementation across 300+ endpoints
- Performed controls effectiveness testing across 30 cyber controls
Cyber Security Specialist
NSW Education Standards Authority
, Australia
03.2023 - 09.2024
- Led phishing simulations and awareness programs for 800+ staff
- Directed ISO 27001 audit readiness and CAPA
- Prepared CPS 234 reporting and attestations
- Led GRC platform evaluation and secured AUD 800k funding
Senior Associate – Cybersecurity
EY
, Australia
02.2022 - 12.2022
- Led NIST assessments for a major bank
- Prepared CPS 234 Tripartite Review evidence
- Delivered cybersecurity due diligence using CIS Top 18
Cybersecurity Engineer (Associate)
PwC
, Australia
07.2021 - 02.2022
- Established third-party assessment frameworks
- Delivered vendor assessments across 60–109 controls
- Trained junior staff
- Designed residual risk models
Service Desk Engineer
Fantastic Furniture
, Australia
02.2019 - 06.2021
- Managed ServiceNow assets
- Implemented CrowdStrike, MFA, Azure SSO
- Supported infrastructure and endpoint security
Technical Engineer
ITLogic
, Australia
08.2018 - 02.2019
- Managed client systems and networks
- Delivered Azure SSO and server operations
Education
FAIR Analysis Fundamentals -
FAIR
Sydney07.2024
Architecting on AWS -
Credly by Pearson
12.2023
Bachelor’s - ICT (Networking)
Western Sydney University
Parramatta, NSW11-2017
Advanced Diploma - Network Security
Pacific College of Technology
Auburn, NSW01.2015
Certificate IV - IT Networking
Strathfield College
01.2014
Skills
- Cyber Risk Quantification (FAIR)
- Regulatory Compliance (CPS 234, ISO 27001, NIST)
- Threat Modelling & Scenario Design
- Third Party Risk Management
- GRC Platform Strategy & Delivery
- Executive & Board Reporting
- Cloud & Infrastructure Risk
- Controls Effectiveness Testing
- Product Ownership (Cyber / GRC)
- Vulnerability assessments
Certification
- FAIR Risk Fundamentals, 01/01/24
- Architecting on AWS, 01/01/23
- ITIL v4 Foundation, 01/01/21
- NSE 1 – Fortinet
- NSE 2 – Fortinet
Timeline
Cyber Risk Advisor
Ethan Projects
10.2024 - Current
Cyber Security Specialist
NSW Education Standards Authority
03.2023 - 09.2024
Senior Associate – Cybersecurity
EY
02.2022 - 12.2022
Cybersecurity Engineer (Associate)
PwC
07.2021 - 02.2022
Service Desk Engineer
Fantastic Furniture
02.2019 - 06.2021
Technical Engineer
ITLogic
08.2018 - 02.2019
FAIR Analysis Fundamentals -
FAIR
Architecting on AWS -
Credly by Pearson
Bachelor’s - ICT (Networking)
Western Sydney University
Advanced Diploma - Network Security
Pacific College of Technology
Certificate IV - IT Networking
Strathfield College