Mushtaq Ahmed
IT Manager β Data Center | Security & Compliance Auditor (Remote β USA)
ππ - β-ππ www.linkedin.com/in/mushtaq-ahmed-57b02232
ππ Islamabad, Pakistan
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
ββββββββββββββββββββββββββββββββββββββββββββ
Professional Summary
As an experienced IT Infrastructure & Information Security Professional, I bring over 17 years of expertise in managing large-scale IT
operations, Tier 3 data centers, and enterprise-level cybersecurity compliance. Currently serving as IT Manager β Data Center at Riphah
International University and providing remote consulting services to U.S.-based firms as a Security & Compliance Auditor, I bridge the gap
between operational efficiency and security governance.
At Riphah, I lead the design, deployment, and administration of high-availability LAN/WAN networks, enterprise firewalls (Fortinet, Cisco,
Sophos), VPNs, disaster recovery sites, and helpdesk systems. I manage a Tier 3-compliant data center, oversee virtualization (VMware
ESXi, Hyper-V), cloud platforms (Office 365, G Suite), and implement ISO 27001-aligned data protection strategies. I am also responsible
for IT budgeting, procurement, vendor management, and ensuring uninterrupted IT support across 30,000+ users.
In parallel, I work as a Security & Compliance Auditor for U.S. companies, conducting SOC 2 and ISO 27001 audits. I specialize in risk
assessments, control gap analysis, policy and evidence reviews, and audit readiness using platforms like Vanta, Drata, and Secureframe. I
support clients across the U.S. and EU regions by aligning IT environments with global compliance standards such as ISO 27001, SOC 2,
GDPR, HIPPA and ISO 9001.
This unique combination of data center leadership, network security administration, and international compliance auditing positions me to
deliver robust, secure, and scalable IT solutions aligned with both organizational and regulatory goals.
Key Skills:
β’
Data Center & Infrastructure Management: Hands-on experience managing Tier 3-compliant Huawei data centers, including UPS,
HVAC, access control, and fire suppression systems.
β’
Network Administration & Security: Skilled in LAN/WAN, VLANs, routing & switching, VPNs, DMZ setups, and managing NextGen Firewalls (Fortinet, Cisco, Sophos).
β’
Information Security & Compliance (ISO 27001, SOC 2): Successfully implemented ISO 27001 ISMS frameworks, led policy
development, and conducted internal audits; currently auditing SOC 2 compliance for US-based clients using Vanta, Drata, and
Secureframe.
β’
Disaster Recovery & Business Continuity: Established DR site architecture for university campuses and hospitals, ensuring operational
resilience and data protection.
β’
Governance, Risk & Compliance (GRC): Strong command of GRC principles including risk assessments, audit readiness, evidence
review, and regulatory alignment with ISO 27001, SOC 2, GDPR, ISO 9001, and HIPPA.
β’
Virtualization & Server Management: Proficient with VMware ESXi, Hyper-V, Windows Server, Active Directory, Group Policies,
Office 365, and G Suite.
β’
IT Project Management: Led critical IT infrastructure upgrades, helpdesk system deployments, firewall replacements, and SaaS
platform integrations with high availability and security.
β’
Security Awareness & Documentation: Conducted security training, developed policies, audit documentation, and supported
internal/external assessments.
β’
IT Budgeting & Vendor Management: Oversaw procurement planning, vendor negotiations, licensing, and CAPEX/OPEX
management for data center and network operations.
β’
Compliance Platforms & Tools: Hands-on experience with compliance automation platforms (Vanta, Drata), audit documentation
(Confluence, SharePoint), and vulnerability scanning tools (Nessus, Power BI).
β’
Client-Record Audit & Communication: Leading SOC 2/ISO 27001 client engagements remotely for U.S. companies; managing audit
timelines, weekly updates.
β’
Incident Response & Risk Mitigation: Designed and executed incident response strategies, reducing vulnerabilities and aligning
mitigation plans with compliance requirements.
WORK EXPERIENCE
π§Ύπ§Ύ Security Compliance Auditor (Remote)
β’ Security & Compliance Auditor | Prescient Security | April 2025 β Present Currently engaged in performing IT audit assignments
focused on ISO 27001 and SOC 2 frameworks for clients across the US and EU regions.
β’
β’ Audit & Compliance Management
β’ Conduct readiness assessments and evaluate the design and operational effectiveness of IT controls against ISO 27001 and SOC 2
frameworks.
β’ Analyze client-submitted policies and evidence to ensure compliance with control requirements, identifying gaps in documentation or
implementation.
β’ Communicate clear findings and suggest actionable remediation steps to management, proactively reporting potential issues or risks to
team leads.
β’ Manage compliance workflows and evidence tracking using platforms like Vanta, Drata, and Secureframe.
β’ Client & Project Leadership
β’ Lead client meetings and provide weekly status updates, ensuring adherence to audit timelines and maintaining accuracy in
documentation.
β’ Align client environments with international security standards, strengthening overall security posture.
β’ Audit & Policy Analysis
β’ Analyzed provided evidence data to ensure adherence to relevant control points and identified gaps in policies and/or evidence.
β’ Communicated work status regularly to team leads.
β’ Security Protocol Support
β’ Assisted in the development and implementation of security protocols to safeguard company data.
β’ Conducted basic risk assessments and provided recommendations for mitigation.
β’ Supported documentation efforts, including updating security policies and maintaining audit records.
β’ Collaborated with the IT team to enhance network security and resolve vulnerabilities.
π§Ύπ§Ύ IT MANAGER β Data Center
β’ Riphah International University β Dec 2008 β Present | Islamabad, Pakistan
πΉπΉ Data Center Operations & Uptime Management
β’ Manage Tier 3-compliant data center with high availability architecture, ensuring >99.9% uptime for mission-critical systems.
β’ Lead preventive and corrective maintenance of servers, network equipment, power systems, and cooling infrastructure.
β’ Implement real-time infrastructure monitoring using SNMP and DCIM for environment and equipment status.
πΉπΉ Capacity Planning & Infrastructure Scalability
β’ Forecast power, cooling, and rack space requirements based on institutional growth and service demand.
β’ Plan and execute infrastructure upgrades and expansions, including hardware refresh cycles and virtualization consolidation.
πΉπΉ Asset Management & Energy Optimization
β’ Maintain comprehensive inventory of IT, facility, and support equipment.
β’ Implement energy-efficient strategies including airflow optimization and rack-level cooling improvements.
πΉπΉ Security, Compliance & Disaster Recovery
β’ Enforce strict physical and logical access controls for data center areas and systems.
β’ Conduct risk assessments and security audits aligned with ISO 27001 and other relevant standards.
β’ Design and execute disaster recovery (DR) and business continuity plans aligned with RTO/RPO goals.
πΉπΉ Team Management & Staff Development
β’ Lead and mentor a 24-member IT operations and data center team including NOC engineers, system admins, and support staff.
β’ Develop staff through targeted training, technical certifications, and cross-functional upskilling.
πΉπΉ Project & Vendor Management
β’ Manage end-to-end infrastructure projects including SAP ERP, Healthcare & Students ERP hosting, DR site build-out, firewall and
security implementations.
β’ Oversee vendor contracts for UPS, CRAC, PDU, CCTV, structured cabling, and DCIM systems.
β’ Ensure vendors meet SLAs and perform timely preventive maintenance.
πΉπΉ Virtualization, Cloud & Hybrid Environments
β’ Administer virtual environments using VMware ESXi, Hyper-V, and Proxmox.
β’ Manage hybrid cloud services through G Suite, Office 365, and Azure integrations.
β’ Enable workload distribution and secure data access across cloud and on-prem platforms.
πΉπΉ Monitoring, Automation & Incident Management
β’ Utilize DCIM tools, SNMP traps, MRTG/PRTG, SolarWinds, and Power BI dashboards for performance and incident tracking.
β’ Develop automation scripts to optimize routine operational tasks and reduce manual intervention.
β’ Coordinate 24/7 support coverage and ITSM-based ticketing for SLA-driven incident resolution.
πΉπΉ Budgeting & Cost Optimization
β’ Develop and manage IT/data center budgets, ensuring efficient use of financial resources.
β’ Achieve cost savings via vendor renegotiations, energy optimizations, and license consolidations.
πΉπΉ Technology Environment:
β’ Power & Cooling: UPS (APC, Huawei), PDUs, CRAC/CRAH, HVAC, fire suppression, biometric access
β’ Network: Cisco, Fortinet, Sophos, Dell, Huawei, LAN/WAN, VLANs, VPN, Routing, BGP, MPLS
β’ Storage: SAN/NAS, Data Domains, centralized backups, disaster recovery architecture
β’ Security: ISO 27001, SOC2, WAF, IPS/IDS, Next Gen Firewalls, CCTV, Access Control
β’ Virtualization/Cloud: VMware ESXi, Hyper-V, Azure, G Suite, Office 365, Huawei Cloud
β’ Monitoring/Automation: SNMP, DCIM, PRTG/MRTG, SolarWinds, Power BI, custom scripts, ITSM ticketing
PROJECTS
Projects at Riphah International University
β’ Network Deployment: Designed and implemented secure networks across multiple campuses.
β’ Tier 3 Compliant Data Center: Designed and configured the Huawei Tier 3-compliant data center.
β’ ISO 27001 Implementation: Achieved ISMS certification through rigorous policy development and implementation.
β’ Disaster Recovery Site: Set up a DR site at Lahore campuses, ensuring business continuity and data protection.
β’ Next-Generation Firewall Deployment: Enhanced organizational security through NGFW implementation.
β’ Helpdesk System Deployment: Streamlined IT support operations with centralized ticketing and workflow automation.
β’ High Availability Network Upgrade: Upgraded core and distribution layers to ensure high availability and redundancy.
β’ Sangfor Internet Access Management: Deployed Sangfor IAM solution to control internet access and optimize bandwidth.
β’ Unified Communication Tools Implementation: Successfully implemented MS Teams, G Suite, and Office 365 for students and staff.
Business or Sector: Education Department IT Email-Website www.riphah.edu.pk 10/01/2006 β 10/12/2008
Islamabad, Pakistan
IT FIELD ENGINEER BUSINESS COMPUTING INTERNATIONAL
β’ Develop network layouts and new data centers for multiple banks, ensuring seamless and reliable network operations.
β’ Provide network support and maintenance for secure and non-secure Ethernet networks, ensuring optimal network performance.
β’ Led up to 30 members to complete IT infrastructure and network implementation projects within budget and on time.
β’ Manage resources, provide guidance and support, and ensure effective communication among team members.
β’ Manage cable punching and rack management in all new data centers, ensuring efficient use of resources and optimal operations.
β’ Ensure proper structure and organization of all data centers and correctly label and manage all cables, minimizing downtime and
maximizing efficiency.
β’ Demonstrate leadership and management skills in network layout and development, network support services, and
β’ cable punching and rack management.
Projects at Banks:
β’ Network Layout at Dubai Islamic Bank Rawalpindi, Gujrat, and Mandi Baha-ud-Din.
β’ Network Layout at JS Bank Ltd Islamabad.
β’ Network Layout at American Express
β’ Network Layout at HSBC (RWP & ISB)
Business or Sector Professional, scientific and technical activities DepartmentCSD Website
EDUCATION AND TRAINING
20/04/2020 β 21/04/2021 Islamabad, Pakistan
Post Graduate Diploma in Information Technology (PGD-IT) Virtual
University Pakistan
10/04/2016 β 15/11/2018 Islamabad, Pakistan
MBA (Business Administration) MBA Riphah
International University
Website www.riphah.edu.pk
LANGUAGE SKILLS
β’ Mother tongue(s): URDU
β’ Other language(s): ENGLISH (IELTS Certified B2)
DIGITAL SKILLS
β’ Data Center Administration & Operations (Tier 3 compliant β Huawei)
β’ Network Design & Administration (LAN/WAN, VLAN, Routing & Switching, DMZ)
β’ Firewall & Security Management (Fortinet, Cisco, Sophos β including VPNs, IPS, WAF)
β’ ISO 27001 & SOC 2 Compliance Auditing
β’ Disaster Recovery & Business Continuity Planning
β’ Windows Server & Active Directory Administration
β’ G Suite & Office 365 Administration
β’ Application & Internet Access Management (Sangfor, MS Teams, etc.)
β’ Virtualization Platforms (VMware ESXi, Hyper-V)
β’ Monitoring & Reporting Tools (NMS, Power BI, Compliance Dashboards)
β’ Access Control, UPS & Fire Alarm Systems (Data Center Infrastructure)
β’ IT Asset Management & Helpdesk System Deployment
β’ Project Management & Service Optimization
β’ IT Procurement, Budgeting & Vendor Negotiation
β’ Policy Documentation & Risk Assessments (ISO 27001, SOC 2, GDPR)
β’ Compliance Automation Tools (Vanta, Drata, Secureframe)
β’ Audit Facilitation & Control Gap Analysis
β’ Client-Facing Communication & Stakeholder Engagement
β’ People Leadership & Technical Recruitment
β’ Security Awareness & Training Delivery
Trainings & Certifications
β’ ISMS Lead Auditor (ISO 27001)
β’ Advanced ITSM with ServiceNow: Optimizing IT
β’ FortiGate Administrator (Fortinet)
β’ FortiManager Administrator (Fortinet)
β’ Enterprise Firewall Administrator (Fortinet)
β’ FortiAnalhzer Administrator (Fortinet)
https://bci.net.pk/
β’ Network Security Support Engineer (Fortinet)
β’ Fortinet Network Security
β’ CGRC - Governance, Risk and Compliance Certification Mastery
β’ Cybersecurity Compliance Framework, Standards & Regulations (IBM)
β’ Data Center Security Management with Microsoft System Center (EDUCBA)
β’ CISSP: Certified Information Systems Security Professional
β’ CISM: Certified Information Security Manager
β’ Computer Network & Network Security Management (IBM)
β’ CISA: Certified Information Systems Auditor Specialization
β’ Governance and IT Management
β’ Google Cloud: Preparing for Your Professional Cloud Security Engineer Journey
β’ PMP (PMI Lahore)
β’ HCIE (Huawei Certified Internetwork Expert)
β’ HCIP (Data Center Facility Deployment)
β’ Huawei Cloud Computing
β’ Azure Cloud
β’ Characterization of Personality
β’ MCSA (Microsoft Solution Certified Associate
β’ MCP (Microsoft Certified Professional)
β’ MS (Microsoft Specialist)
β’ MCSE (Microsoft Certified System)
β’ CCNA
β’ CCNP
Hobbies
β’ Playing Cricket
β’ Watching Movies
β’ Hiking
β’ River Rafting
F
