Muhammad Faisal Naqvi

Project Leader

OWASP Security Operations Center (SOC) Framework

Muhammad Faisal Naqvi

Background

Faisal, with over two decades of experience, has implemented managed and audited Cyber Security, IT Governance, Risk & Compliance (GRC) for a number of organizations including blue chip and fortune 500 companies.

He is Author of Govt. Regulations, Standards, Policies and Procedures of Information Security & IS Audit for Certification Authorities. He has discovered many zero-day vulnerabilities including in Microsoft Windows Server 2012, 2008, Windows 8 & 7, for which Microsoft issued an important patch while acknowledging and thanking him. (https://technet.microsoft.com/en-us/library/security/MS14-016#ID0ESXAE) His article on this subject, has also been published in ISACA Journal. (http://www.isaca.org/Journal/Blog/Lists/Posts/Post.aspx?ID=230)

He has held various positions including Manager - IT Risk & Assurance at Ernst & Young (1 of Big4); Senior Consultant - Information Security at NetSol Technologies Inc.; Research Consultant at E-Certification Accreditation Council, Ministry of IT & Telecom, Government of IRP.

He has delivered numerous large scale SOC and Cyber Security implementation and auditing projects for Enterprise wide information systems including all leading ERPs, Cloud Environments against standards like PCI-DSS, ISO27000, COBIT, NIST, ISO20000 (ITIL), SOX and BS25999 internationally.

Besides Gold medal in MS (IT) E-Commerce, Faisal has many industry's leading certifications such as CISSP, CISA, CRISCq, ISO27001 LA, AMBCI & ITIL. He is a regular speaker on Cyber Security & Audit at prominent conferences, seminars and workshops.