I have more than 14 years of experience as an Information Security professional with strong expertise in IT security management, Governance, Risk, and Compliance. I also have expertise in establishing, implementing and maintaining information security programs based on ISO 27001, ISO 22301, ISO 20000-2018, PCI DSS, and SOC Type I and Type II requirements. I also have hands-on experience in the deployment and management of EA tools like iServer, based on TOGAF practices. I have performed vendor due diligence and security assessments and evaluations for IT services outsourcing & managed services and software development projects. Currently, I am working in a Government organization as an Information Security Auditor & Advisor to the Chairman's Office. Under this role I am leading the activities conducting cyber security assessments, audits, and reviews as per IIA guidelines and industry standards NIST SP 800-30, ISO 27001, UAE SMART Data framework, ISO 20000-2018, ISO 9001, ISO 22301, ISO 31000 and Enterprise Architecture TOGAF framework practices.