Khurram Ahmed
$150/hr
Cybersecurity Governance and Risk (Healthcare, Finance and Insurance)
Khurram Ahmed - -Summary Senior Cyber Security/Technology Risk Thought Leader
Cybersecurity Governance and Technology Risk authority for global healthcare, communications, finance, and insurance space. Phenomenal researcher, communicator and analyst of complex global digital architectures. Riveting C-Suite data analyst, presenter, trainer and Microsoft Power Point guru. Seasoned leader and team builder for high-performing projects and initiatives that drive innovation with a culture of excellence. Managed key technology and cyber security projects totaling $75 million for complex global IT deployments at several Fortune 500 organizations such as JP Morgan Chase, Bank of Tokyo (Mitsubishi UJF), Bank of America, Wells Fargo, ADP, Meridian Health, Capital Health, Blueprint Healthcare IT, Selective Insurance Company of America, AVON and Verizon.
Core Proficiencies
Enterprise Cyber Security Risk and Governance / C-Level Engagement/ Report Automation / Risk Acceptance & Mitigation / Policy Governance & Regulatory Compliance / Budget Management & Resource Planning / Process Engineering/ Performance Improvement / Team Building & Training / Enterprise Disaster Recovery and Business Continuity / Project Management / Enterprise Security Solutions Procurement / Leadership Development /
Internal & Vendor Cloud Security / Organizational Training & Education Programs
Experience
Senior Cyber Security Risk Analyst
HSS Orthopedics/Sports Medicine Hospital - NYC
Nov-2019 – (present)
Lead of IT Governance Risk and Compliance Management program for the entire hospital system (budgeting)
Manage and direct Risk Analyst consultants and vendor contacts during Risk Assessments
Senior Liaison within CSRM (Cyber Security and Risk Management Group) organization for all technologies
Corporate Anti Phishing and Training Program for enterprise of 5000 users (including Executive metrics)
Complex Technology Architecture Risk Assessments and Reviews for Global Enterprise (including Biomedical)
Organizational Process Flow optimization utilizing Microsoft Visio & UML (Universal Modeling Language) Diagraming (saved $500K in manual effort via automation)
Executive Reporting Mechanisms/Dashboards for CISO/CIO with Risk Remediation and Acceptance statistics
Director of Technology Risk Management
Selective Insurance Company of America - Branchville NJ
Apr 2019 – Nov 2019
Technology Vendor Risk Program for ITS Enterprise Group (Saved 100K in manual user account effort annually)
Federate all Vendor Applications with Single Sign-On- SAML 2.0 (SLA reduced from 1 week to 24 hours)
Executive Reporting Mechanisms initiated for senior security leadership (CIO and CISO)
Information Security Consultant
Verizon Wireless - Basking Ridge, NJ
Oct 2018 – Apr 2019
Training program for Mobile Application developers for Verizon’s main App deployment (Android and iOS)
Security practices and options for Container Strategy (Micro-services, Kubernetes, and Docker etc.)
Code Reverse Engineering prevention and data obfuscation program for Mobile/Web Apps (reduced risk 100%)
Holistic Risk Assessments promoting a “security by design” approach and culture (transformed organization)
IT Risk Management Consultant
Avon Inc. - Rye, NY
Jul 2018 – Oct 2018
Global Vendor Security/Risk Methodology and Schema (Risk Rating Mechanisms-made assessment efficient)
Security Control Gap Mitigation Redesign (Archer GRC Platform) Managed 10 developers for 1 year
PCI-DSS security strategy and documentation for High Value Vendors
Information Risk Manager Consultant
ADP L.L.C. - Roseland, NJ
Mar 2018 - Apr 2018
NYSDFS Risk Assessment response for ADPIA Insurance Agency Inc. Affiliate (1 billion annual revenue)
Technology Security Controls Gap Analysis Report on complex global Infrastructure and Applications
Technical Risk/Controls Consultant
JP Morgan Chase & Co. - Jersey City, NJ
Jan 2018 - Mar 2018
100,000 Server refresh/end of life Project management (project saved $600K in server management)
Policies, Standards and Control Procedures for Entire Technology Organization (updated all policies)
Formulate Operational Risk Activities for Policy and Standards Steering Committee Globally
Operational Risk Consultant
Wells Fargo Bank Inc. - NYC
Sep 2017 - Dec 2017
Assessed 200 applications in 3 months (groundbreaking speed)
Improve/Optimize Processes and System work flows in the Security Risk Assessment
Resolve Regulatory Audit Deficiencies with Comprehensive Remediation Action Plans
Senior Business Security Lead
ADP L.L.C. - Roseland, NJ
Apr 2017 - Jul 2017
Financial Systems Redesign for ADP (Payroll of 2 trillion US dollars per year) for VP of Finance
Big Data utilization/anonymization strategy with Principal Data Scientist for 35 million Records
CIO Security Metrics Presentations (Documented EOL Remediation strategy of Critical Servers)
Lead Webinars for Audit and Risk Departments (Trained staff on procedures and concepts)
Technical Security Strategy for RPA (Robotic Process Automation for entire Organization-Blue Prism)
AVP - Senior Information Risk Analyst
Bank of Tokyo/Mitsubishi UJF Global Financial Group - Jersey City, NJ
May 2016 - Apr 2017
Information Security & Risk Assessments for Large critical IT Projects (on time & on budget/$50 million total)
Optimize process flows, for Enterprise Info Security with UML diagramming/Microsoft VISIO ($300K saved)
Information Security Risk Analyst/Consultant
Mitsubishi UJF Financial Group - Jersey City, NJ
Nov 2014 - May 2016
Automated Metrics, Analytics and Dashboards for Executive Management (CISO)
Liaise with Compliance and Legal Departments on Special Security Risk Management issues (Completed the
Salesforce.com project with focus on encryption scope)
Archer Governance Risk and Compliance tool deployment for entire Risk Management Process
Information Security Analyst/Consultant
Blueprint Healthcare IT- Cranbury, NJ
Sep 2013- Nov 2014
HI-Trust Common Security Framework risk assessments for multiple recognized hospitals in New Jersey and New York
Implement Project Tracking Mechanisms, scheduling and forecasting technology throughout the organization to
maximize resource utilization (company saved $200,000 annually)
Education/Degrees
Master of Information Systems Management-Cyber Security & Data Assurance
Keller Graduate School of Management, Naperville, IL GPA 3.95
Bachelor of Science-Biology/Psychology
Rutgers University, New Brunswick, NJ GPA 3.0
Associate Applied Sciences- Communications
DeVry University, North Brunswick, NJ BPA 3.4
Governance Risk and Compliance Platform proficiency
Navex Global Lock path GRC, Archer GRC, RSAM/Galvanize GRC, Cherwell Technology Risk Management
Security and Regulatory Frameworks
HITRUST, CSF (Common Security Framework) ISO 27001, COBIT, NIST, OWASP, HIPAA, GDPR, SOX, GLBA, PCI-DSS, NYSDFS, FFIEC, FRB, BASEL, VOLKER etc.
Professional Memberships / Academic Awards / Honors
Best Presentation Award-Breaking the ICE (The Toastmasters) New Jersey Chapter
Keller Graduate School of Management (Degree conferred Highest Distinction) Phi Beta Kappa
Rutgers University Alumni Association (Member)
DeVry Telecommunications Association (Member)
Member-Institute for Robotic Process Automation and Artificial Intelligence
Volunteer/Philanthropic Activities
Executive Officer, Treasurer of Cultural Society 501 C-7 Organization (Mohibban e Urdu of North America)
President, Charitable Foundation 501 C-3 Organization (The Ma-Dad Foundation)
Certifications/Training
R9B Threat Intelligence & Advanced Persistent Threat Defense Training (2021)
COBIT 5 – ISACA Framework
Amazon Web Services Training (2020)
Mandiant Cyber Forensics Training (2020)
Languages
English (Expert-Speaking, Writing & Presentation)
Spanish (Writing & Speaking)
Urdu/Hindi (Speaking)
www.linkedin.com/pub/khurram-ahmed-m-i-s-m-b-s-a-a-s/11/194/876/
