This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

User:Faisal.naqvi


Muhammad Faisal Naqvi

Project Leader

OWASP Security Operations Center (SOC) Framework


Background

Faisal, with over two decades of experience, has implemented, managed and audited Cyber Security, IT Governance, Risk & Compliance (GRC) for a number of organizations, including blue-chip and Fortune 500 companies.

He is the author of government regulations, standards, policies and procedures on Information Security & IS Audit for Certification Authorities. He has discovered many zero-day vulnerabilities, including in Microsoft Windows Server 2012, 2008, Windows 8 & 7, for which Microsoft issued an important patch while acknowledging and thanking him. His article on this subject has also been published in the ISACA Journal.

He has held various positions, including Manager - IT Risk & Assurance at Ernst & Young (one of the Big Four); Senior Consultant - Information Security at NetSol Technologies Inc.; and Research Consultant at E-Certification Accreditation Council, Ministry of IT & Telecom, Government of IRP.

He has delivered numerous large-scale SOC and Cyber Security implementation and auditing projects for enterprise-wide information systems, including all leading ERPs and cloud environments, against standards like PCI-DSS, ISO27000, COBIT, NIST, ISO20000 (ITIL), SOX and BS25999 internationally.

Besides a gold medal in MS (IT) E-Commerce, Faisal holds many of the industry's leading certifications, such as CISSP, CISA, CRISC, ISO27001 LA, AMBCI & ITIL. He is a regular speaker on Cyber Security & Audit at prominent conferences, seminars and workshops.

He has also given many conference presentations. Here are some of them:

  1. Information Security Strategy from Big Picture to grass root, New York University
  2. IoT – Rise of new Zombies Army, CISO Middle East, 9th Annual Conference
  3. Recent Payment Card Industry (PCI) Hacks, Techniques Used & Possible Defense, PCI - Dubai, AKJ Associates, UK
  4. Integrating Multiple IT & Security Standards (ISO27000, PCI-DSS, SAS70 & ISO20000) for Auditee & Auditor, e-Crime Congress Dubai, AKJ Associates, UK
  5. CISSP’s Domain of Cryptography, National Institute of Mgmt & Information Security (NIMIS)
  6. CISSP’s Domain of App. Security, National Institute of Mgmt & Information Security (NIMIS)
  7. Online Security, Threats & Countermeasures, NetSol Technologies Inc.
  8. Role of Certification Authority, Bahria University
  9. ISO27000 Information Security Management System (ISMS) Introduction, NetSol Technologies Inc.
  10. Info Security Challenges & Opportunities, National Response Center for Cyber Crimes (NR3C), Federal Investigation Agency (FIA)
  11. Information Security for E-Commerce, Bahria University
  12. Response to Criticism on E Crime Law, Ministry of IT & Telecom

For involvement in the project or for any feedback or queries, please contact him here: Muhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master