IHAB AZAHMAD
ihabazahmad2020@gmail.com | 07584069479
Professional Summary
Dedicated cybersecurity professional with experience across diverse roles, including Cyber Security Officer, Cyber Security Specialist, and IT Administrator. I excel in conducting risk assessments, developing robust IT security policies, and implementing comprehensive Governance, Risk, and Compliance (GRC) frameworks. My expertise spans leading internal audits, managing ISMS gap assessments, and deploying robust security solutions that align with international standards such as ISO 27001, NIST CSF, and PCI-DSS. With a proven track record of enhancing system stability, mitigating vulnerabilities, and ensuring regulatory compliance, I am committed to safeguarding critical information assets and driving continuous improvement in organizational cybersecurity posture.
Professional Experience
Cyber Security Officer
IBM Consult, Remote | April 2024 – Present
• Conduct comprehensive information risk assessments for both existing solutions and new projects, identifying critical vulnerabilities.
• Review and develop IT security policies, standards, and procedures to ensure compliance with regulatory and internal requirements.
• Produce detailed reports and statistical analyses for annual ISMS management review meetings, driving strategic decision-making.
• Advise business stakeholders on data protection and information security requirements, enhancing overall compliance.
• Monitor and report on actions from data privacy impact assessments, ensuring timely remediation.
• Perform third-party supplier and supply chain risk assessments, bolstering overall security posture.
• Execute internal audits and regular control testing, gathering evidence to support compliance efforts.
• Design, implement, and maintain robust Governance, Risk, and Compliance (GRC) frameworks.
• Assist with security training and awareness programs, including phishing simulations, to foster a security-conscious culture.
Cyber Security Specialist
InfoSec4TC, Remote | Jun 2021 – Jan 2024
• Conducted ISMS gap assessments to identify vulnerabilities and develop actionable remediation plans.
• Developed and maintained comprehensive security policies aligned with industry best practices and compliance standards.
• Collaborated with IT teams to implement robust disaster recovery plans, safeguarding critical systems and applications.
• Assisted in creating and enforcing governance frameworks to enhance compliance with NIST CSF and ISO 27001.
• Performed routine vulnerability assessments and coordinated the resolution of identified risks.
• Managed security audits by generating detailed reports and ensuring adherence to legal, regulatory, and internal requirements.
• Conducted security self-assessments and quarterly attestations for critical controls.
• Designed and implemented ISO 27001 and PCI-DSS compliance frameworks, ensuring strict adherence to international standards.
• Deployed and maintained enterprise-level security solutions, including Data Loss Prevention (DLP) and antivirus systems.
IT Administrator
JumboUK Ltd, London | April 2019 – May 2021
• Successfully implemented and maintained Windows Server 2019 infrastructure, improving system stability and performance.
• Troubleshot and resolved complex network connectivity issues, minimizing system downtime and enhancing user experience.
• Developed and executed data backup strategies to ensure critical data protection and robust disaster recovery capabilities.
• Provided technical support to end users by resolving hardware and software issues.
• Conducted regular assessments and security audits, identifying and remediating potential security risks.
• Implemented firewall policies to secure network resources and safeguard sensitive data.
• Developed and enforced IT security policies aligned with industry standards.
Education
MSc Network and Information Security | Kingston University, London
BSc (Honors) Business Information Systems | London Metropolitan University, London
HND in Computing | Teesside University, Middlesbrough
Certifications
• Responsible AI Professional: Tool Overview (OneTrust)
• Risk Management Framework for Systems and Organizations (NIST)
• Third-Party Risk Management Professional (OneTrust)
• Tech Risk & Compliance Professional (OneTrust)
• Certified Cyber (Governance Risk and Compliance) Professional (CC(GRC)P)
• Digital Operational Resilience Act Trained Professional (DORATPro)
• ISO 27001 Certifications: Foundation, Lead Implementer, Lead Auditor
• ISO 27005 Information Risk Management
• NIST Cybersecurity Framework (CSF)
• CompTIA Certifications: Security+, CySA+
Skills
Governance, Risk & Compliance (GRC): ISO 27001, NIST CSF, PCI-DSS, GDPR, DORA, HIPAA, SOX
Assessments & Audits: ISMS Gap Assessments, Internal Audits, Compliance Audits
Risk Management: Third-Party Risk Management, Risk Identification, Mitigation Strategies
Policy Development: Creation, Review, and Implementation of Security Policies
Control & Monitoring: Control Testing, Continuous Monitoring, Compliance Metrics Reporting
Incident Management: Incident Response, Cyber Resilience, Security Awareness Training
Technical Skills: Cloud Security, Data Loss Prevention (DLP), Antivirus Systems