Highlights:? Certified Information System Auditor (CISA), Certified Blockchain Professional (CBP), Certified Ethical Hacker (CEH) v10.0 ? Bachelor's Degree in Computer Science & Engineering. ? 10+ years of practical work experience in IT security, IT project management, IT operations and IT audit. ? Extensive experience and knowledge of global IT and cybersecurity risks, inherent technology risks and the ability to articulate/translate technology residual risks into business language/business impact. ? A comprehensive and unique understanding of the very real issues present on the internet faced by banking and non-banking financial organizations, governments, industry and end-users. ? Substantial record of success in this field achieved through proactive involvement in IT risks assessment, application vulnerability assessment, and information security e-learning training application development. ? Previous work experience in the implementation project of Oracle Flexcube Core Banking System, ATM Switching System, Card Management System, Internet Banking System, and Mobile Banking System. ? Active involvement in the implementation & certification project of ISO 27001 ISMS and PCI DSS. ? Expert knowledge of security policies and standards, the creation of manageable, enforceable policies, the way the end-user accesses the resources available over the internet; the development of information security policy; and the development of the business continuity policy (BCP). ? Hands-on experience of Windows & Linux systems, vulnerability assessment, and penetration testing. ? In-depth knowledge of ISO 27001, PCI DSS, ITIL, COBIT5, HIPPA, HITRUST, NIST, etc. ? Strong personal integrity with high ethical standards and treating people with respect. ? Knowledge of the bank & financial organization related to regulatory environments.

Skills:CISA, CEH, CBP, IT Security, IT Audit, Lean Six Sigma Black Belt, ISO 27001 LA

Goal:Things that I am passionate about include: ? Integrating information security into existing operational processes. ? Understanding legal and ethical issues surrounding using technology in our professional and personal lives. Specialties: Reasonable, common-sense information security policies, manageable risk assessments, and trainer.

Membership:ISACA, CIP CANADA, Leader of OWASP Dhaka (Bangladesh) Chapter

Certification:Certified Information System Auditor (CISA), ISO 27001 ISMS LA, Certified Ethical Hacker (CEH), Certified Blockchain Professional (CBP), Lean Six Sigma Black Belt (LSSBB),

First Assistant Vice President 01/2019 - current
Shimanto Bank Limited, Dhaka, Dhaka Bangladesh
Industry: Banking
Manager & Head of IT Security Department
My responsibilities includes: - Developing and implementing IT security policy to the overall organization. - IT risk management, vulnerability assessment, and penetration testing. - Leading the security operation center (SOC) as its manager. - Developing and arranging IT security awareness & training programs for all employees of the bank. - Developing and implementing the business continuity & disaster recovery plan. - Identify and arrange to implement benchmarks & best practices for the management of IT risks. - Manage & ensure IT compliance for both internal and external audits & inspection. - Enhance & evaluate existing end user IT security strategy to address current & future concerns, emerging threats, combating with the cyber threats, effectiveness of business controls, compliance with laws & regulations, conformity with industry and regulatory best practices & standards.--
Senior Executive Officer 04/2015 - 01/2019
NRBC Bank Limited, Dhaka, Dhaka Bangladesh
Industry: Banking
Manager & Head of IT Audit Department
My responsibilities was: - Developing, reviewing & delivering annual IT audit plan memo to Audit Committee of the Board of Directors for approval, with assistance/input from Head of Audit Division. - Preparing IT audit testing procedures, documenting checklist and test the IT security controls with sufficient detail, conducting IT audit efficiently including the analysis of business data and systems, applications, network & communication systems, financial & operational processes of the business. - Identify & evaluate risks and adequacy of controls associated with IT, applications, databases & interfaces and business processes defined for IT control issues within business units. - Present and discuss audit findings & recommendations to IT and specific business unit management during the course of the audit function, and present accurate, well written audit findings & management recommendations to mitigate the key risks identified. - Complete written reports; oral presentations to the head of audit regarding risks, findings & recommendations; and consult with the head of audit regarding remedial action plans. - Follow-up on management’s remediation plans on a timely basis and ensure that follow-up is completed on time, in accordance with the bank’s audit methodology. - Ad hoc liaison and support to IT Division on third party audits and reviews of IT controls, access security, etc., as directed by the Head of Audit.--
Officer 11/2013 - 04/2015
Prime Bank Limited, Dhaka, Dhaka Bangladesh
Industry: Banking
Information Security Officer
My responsibilities was: - IT security policy and related procedures development, gap analysis, recommend mitigation plan to IT management and implementation of IT security policy to the overall organization. - Periodic IT risk & control assessments, vulnerability assessment, and penetration testing. - Identify appropriate methods for protecting mobile devices, computer networks, applications & software and other communication systems; review and investigate security incidents and make recommendations to IT management for corrective action. - Identify, develop & implement the organizational security plans, i.e., disaster recovery & business continuity plan, physical & personnel security, cyber security, identity & access management. - Ad hoc liaison & support to IT & business units on 3rd party audits & reviews (external audit, regulators, payment card, etc.) of IT controls, access security, etc., as directed by the management.--
Assistant Officer 05/2010 - 11/2013
ONE Bank Limited, Dhaka, Dhaka Bangladesh
Industry: Banking
IT Support Officer and IT Project Team Member
My responsibilities was: - ATM switching system administration, maintenance & management; monitoring the interfacing of the switching system with core banking system, VISA, and other payment networks. - HSM administration and management. - Credit Card management system administration, maintenance & management; design & deployment of new credit card product. - ATM operations, technical support, and maintenance & monitoring the ATM operations. - Internet Banking & Mobile Banking System Administration.--
Technical Expert 07/2009 - 05/2010
Bangladesh Election Commission Secretariat, Dhaka, Dhaka Bangladesh
Industry: Government
IT Support
My responsibilities was: - Database Administration (MySQL) - Web & Application Development - Networking & Hardware Support--

Islamic University 04/2003 - 12/2007
Kushtia, , Bangladesh
Degree: Bachelor's Degree
Major:Computer Science and Engineering
4 Year Degree

Login to view resume: Md Jahangir Alam - IT Auditor