Javeria Hassan

JAVERIA HASSAN Information Security Specialist E - - q /javeria-hassan14  Karachi, Pakistan EXPERIENCE SUMMARY Information Security Specialist Experienced Information Security Specialist with over 5 years of comprehensive expertise in governance, risk management, compliance, and audit. I specialize in designing and implementing robust IT policies and controls to strengthen security and ensure compliance. With a proven track record in leading audits and risk assessments, I am dedicated to driving continuous improvement in organizational security frameworks. My goal is to leverage my expertise to contribute to the growth and success of a dynamic organization. Growth Arbor (GA) 01/2025 - Present Karachi, Pakistan A private limited company focused on IT services and cybersecurity solutions. • Lead, manage and conduct ISO 27001 and NIST-based CyberSecurity Gap Assessments and prepare Statements of Applicability (SOA) concerning Information Security Management (ISMS). • Develop and refine IT and IS policies, procedures and plans in alignment with ISO standards. • Lead, manage and conduct audits, ensuring adherence to international standards such as ISO 27001. • Lead, manage and perform maturity assessments to evaluate and report on the current state of IS and IT governance practices. • Develop and maintain Risk Registers and Corrective Action Plans based on audit findings and risk assessments. • Act as the primary point of contact for clients, driving the successful integration of cybersecurity solutions. • Conduct walkthroughs with clients to validate existing controls and identify areas for improvement. • Develop customized project plans for audits and assessments, ensuring timely execution and alignment with client expectations. • Track and report the progress of remediation efforts, ensuring timely closure of audit observations. • Facilitate awareness sessions or briefings on IT, IS and ISO standards for client teams. IT Governance Assistant Manager CERTIFICATIONS Certified Information Systems Auditor (CISA) Certification offered by ISACA demonstrating expertise in auditing, control and security. Pentest Cyber Specialist Program Specialized training program offered by NITSEP focusing on penetration testing within cybersecurity. Post Graduate Diploma in Cybersecurity Currently pursuing a Postgraduate Diploma in Cybersecurity from NED University of Engineering and Technology. Meezan Bank Limited (MBL) 08/2023 - 01/2025 Karachi, Pakistan A prominent Islamic bank in Pakistan providing banking services tailored to Shariah compliance. • Formulated and implemented IT policies, SOPs and frameworks in collaboration with IT verticals to optimize risk management. • Developed, enforced, validated and enhanced IT controls and processes in compliance with regulations. • Oversaw SBP, external and internal audits, coordinating with various IT units, internal and external auditors, to ensure compliance with all audit requirements. • Prepared presentations for IT Steering Committee Meetings, highlighting strategic initiatives, project updates etc.Collaborated with IT, Compliance, Shariah, Risk and Business Units to manage IT audits, ensuring compliance. • Conducted regular assessments and reviews to ensure IT policies, SOPs, frameworks & practices comply with legal and regulatory requirements. • Maintained and updated IT governance documentation and repositories for audit and compliance purposes. • Conducted gap assessments based on the ETGRMF framework for IT units, resulting in 83% compliance with identified controls. • Led Change Control Board (CCB) meetings to facilitate collaboration and decision-making among various IT units, ensuring alignment with business objectives. • Prepared and shared weekly change management analytics using IBM Cognos, providing senior management with insights on open, closed, and long-pending changes to support effective tracking and timely decisionmaking. KEY ACHIEVEMENTS s GRC Automation Revamped the BenchMatrix tool “Risk Nucleus” for GRC automation, aligning it with MBL’s practices and requirements. h Change Management Led the automation of change management workflows on TSRM for various IT units.  InfoSec Threats & Vulnerabilities Management Portal Collaborated with the Workflow Automation Team and InfoSec to develop this portal that aimed at enhancing the management of information security risks across MBL. The portal provides a centralized platform for identifying, tracking and resolving vulnerabilities. G Cybersecurity Enhancement Enhanced client’s cybersecurity posture by aligning with industry best practices, ISO 27001, and NIST CSF.  Audit Compliance Maintained 100% audit compliance, ensuring adherence to regulatory standards. * Policy Implementation Formulated, revamped, and implemented multiple IT & IS policies and procedures. EXPERIENCE SKILLS Credit Administration Assistant Manager Dashboards COBIT CyberSecurity Meezan Bank Limited (MBL) 09/2022 - 08/2023 Karachi, Pakistan A prominent Islamic bank in Pakistan providing banking services tailored to Shariah compliance. • Managed credit limits and collateral recording in T24, ensuring compliance with credit policies. • Drafted and reviewed credit facility documents to expedite approvals. • Monitored collateral status through stock reports, valuations, and insurance policies. • Supervised loan disbursements and managed related documentation. • Analyzed exception reports for discrepancy resolution. • Handled loan restructurings, including modifications, extensions, and settlements. ISMS ISO 27001 Change Management Audits SOA Leadership Risk Management Presentations Compliance Incident Management TOGAF Reporting ITIL IT Controls Communication Credit Administration Assistant Manager Habib Bank Limited (HBL) 09/2018 - 09/2022 Karachi, Pakistan One of the largest commercial bank in Pakistan, offering a range of financial services. • Ensured lending documentation compliance with HBL policies and regulatory standards. • Secured Credit Committee approvals for Credit Applications and collateral documentation. • Drafted and issued facility acceptance letters, sanction advice, and security documents. • Reviewed credit documents to ensure adherence to internal controls and regulations. • Identified and mitigated risks in credit documentation. Credit Officer United Bank Limited (UBL) 06/2018 - 09/2018 Karachi, Pakistan Credit Risk Control Officer MCB Bank Limited (MCB) 04/2017 - 06/2018 Karachi, Pakistan IT Intern Continental Automotive Engineering Pvt. Ltd 06/2015 - 07/2015 Karachi, Pakistan IT Intern Pakistan International Airline (PIA) 01/2015 - 03/2015 Karachi, Pakistan EDUCATION Executive Master of Business Administration (EMBA) in Finance & Investment Karachi University of Business School (KUBS) 12/2020 - 04/2025 Karachi, Pakistan Bachelors in Computer Science Sir Syed University of Engineering & Technology (SSUET) 01/2013 - 12/2016 Karachi, Pakistan TRAINING / COURSES Cybersecurity Certification Cloud Outsourcing Regulatory Compliance Introduction to IT Governance & Risk Management