Mohammad Hanif
Head of IT Security and BCP
(Citizenship: Canada)
*** ****** ********, *******, ** L3S 3W8, Canada
Tel: 416-***-****
Email: adp0jt@r.postjobfree.com
Strategic Global IT Leader
Snapshot: Strategic business executive, offering several years’ track record in spearheading IT Security, Business Continuity, IT operations across diverse organizations. Proficient in automating systems operations and business continuity primarily in the banking domain and a significant contributor in acquiring ISO 27001 certification for the current organization in role of Information Security Management Representative. Distinguished author of technical articles published in magazines and websites, and an ardent speaker at IT in Banking & Finance Forums.
History of Excellence in…
IT Strategy & Business Planning ~ IT Enablement / Digital Transformation ~ IT / Business Strategy Alignment ~ IT Security Management ~ BCP & DR ~ Project/Program Management ~ Technology Consulting/Audits ~ Change / Risk Management
Leadership Strengths & Highlights
Business Continuity & Disaster Recovery
CBCI certified, Certified IT DR Specialist, Certified Risk Management Specialist, Certified Crisis Management Specialist, expert in business continuity and disaster recovery methodologies and industry best practices. In-depth experience facilitating the designing business continuity and disaster recovery plans. Advanced knowledge in IT Operating Systems, Hardware/Software and IT Architecture. Skilled at providing leadership, guidance to perform tasks during a disaster.
IT Security Management
Proven ability in rendering subject-matter expertise to manage vendor information security risk including periodic audits of internal and external auditors, information security and business continuity controls.
IT Service Delivery
Solutions-oriented, expert in driving multiple high value technology/transformation projects, managing delivery for large & complex deals, collaborating with project teams, and deploying technology to build successful solutions and services for clients, ensuring delivery within assigned time, budget & quality parameters as well as exceeding client/business expectations.
Business Acumen
Expert in aligning business goals with technology solutions to drive process improvements, competitive advantage and bottom-line gains; Ability to envision and lead technology-based, revenue and growth initiatives grounded solidly on business and economic value; Successfully designed & implemented technical solutions, delivering a strong ROI.
Liaison & Coordination
Known for effectively coordinating and collaborating with ‘C’ level executives, senior management, customers, business partners, stakeholders and project teams; Successfully bridge the communication gap among business and technology groups.
Team Building & Leadership
Visionary & decisive leader, noted for sound, practical management style and excellent organization, communication, presentation & interpersonal skills; Proven ability to lead and motivate large cross-functional and multi-cultural teams to maximize productivity, ensuring technical solutions meet business requirements.
Professional Experience
Gulf Investment Corporation, Kuwait ~ Jul 1998 onwards
Head of IT Security and Business Continuity
Key Highlights:
Designed Business Continuity Plan and established and tested three Disaster Recovery sites in and outside country
Significantly enhanced operational efficiency by using Cloud technology and outsourcing many services
Eliminated Friday and Saturday operator shifts through automation of operator tasks
Successfully implemented VoIP solution first time in the Gulf region to replace traditional PBAX
Key Responsibilities:
Business Continuity / Disaster Recovery
Develop, implement, monitor and evaluate the enterprise Business Continuity Plan (BCP) and IT Disaster Recovery Plan (DRP) based on industry standards (ISO 22301) to meet critical goals and objectives to ensure all IT services are restored and business resumes normally in the event of a disaster. Contribute in the formation of Business Impact Analysis (BIA)
Ensures the BCP and DRP program aligns with established standards of practice, organizational policies and objectives, and applicable legislations and regulations. Lead the coordination and management of recovery activity in the event of a disaster. Establish Recovery Point Objective and Recovery Time Objective (RPO/RTO)
Provide leadership and guidance in the development, implementation and evaluation of IT strategies and initiatives related to DRP. Lead the teams for disaster recovery tests or in case of a real disaster to recover the systems back to normal performance. Provide guidance to the IT teams to the methodologies related to invocation of the DRP
Define and implement criteria for systems’ and applications’ recoverability and availability capabilities
Maintain the current state recovery measures for all IT infrastructure and applications with a view to mitigating disruption to the delivery of IT services in the event of a disaster
Make ongoing assessments of the BCP and DRP and prepare analysis for further improvement and/or other better alternatives for existing solutions defining costs and implementation schedules
Coordinate with other teams in the preparation of user guides and training materials. Perform training for the staff and presentations to the end users and the management on BCP goals and objectives and how the process works in a real disaster
Information Security Management
Define policies, practices and procedures as well as generate awareness for protection of key electronic business assets
Evaluate trends in information technology and security with potential impact on security of processes, infrastructure, customers or suppliers
Maintain strategic/tactical roadmaps related to information security program rollout and enhancements
Collaborate with senior management on critical security issues and recommending security risk-reduction solutions
Evaluate IT security requirements and ongoing compliance for outsourced or contract relationships
Manage in development, implementation and assessment of strategic, comprehensive enterprise information security program aligned to integrity, confidentiality and availability of information by the organization
Render subject-matter expertise to manage vendor information security risk including periodic audits of third-party service providers’ information security and business continuity controls
Organize information security and risk management awareness training programs for all employees, contractors and approved system users
Develop framework for roles and responsibilities and enhanced information security management and control framework based on appropriate information security industry standards
Team Leadership
Groom & mentor team members in enhancing client satisfaction by ensuring compliance to project delivery schedules and other SLA parameters
Evaluate team performance and render productivity enhancement feedback. Organize training sessions for team members based on identified training needs
Spearhead team efforts in acquiring ISO 27001 Certification for the organization, implementing New Core Banking System as well as setting up & testing of three disaster recovery sites: Local, Bahrain, Luxembourg
Previous Assignments
Organization
Designation
Duration
Aetna Life Insurance Company, Canada
Systems Engineer
Oct 1996 – Mar 1998
Gulf Investment Corporation, Kuwait
Data Centre/Security Manager
Aug 1986 – Oct 1996
Al-Rajhi Banking & Investment Group, Saudi Arabia
Operations Supervisor
Jul 1983 – Jul 1986
United Bank Ltd, Pakistan
Computer Operations Officer
Aug 1979 – Jul 1983
Credentials
Academics: Bachelor of Science (Mathematics, Statistics, Physics), University of Karachi (1975)
Master of Science (Computer Science), Kennedy-Western University, Idaho, USA (1993)
Accreditation: CBCI, Certified IT DR Specialist, Certified Risk Management Specialist, Certified Crisis Management Specialist, Project Management, ITIL Foundation, ISO 27001 Certification, Publishing technical articles, Speaker at various Forums, Multiple Technical Courses/Seminars and IT Exhibitions
Awards: The World CIO 200 Award of Legend, Who is Who of Financial Technology