I am a highly accomplished ICT professional with expertise in information security and auditing. I have a Master's degree in Computing Security and am currently pursuing a PhD in Cyber Security. My work experience highlights my proficiency in strategic ICT planning, security operations management, and project management. As the Head of ICT Policy & Strategy Division at Universiti Teknologi MARA, my responsibilities encompassed a wide range of areas, including: Strategic Planning and Alignment: Developing ICT strategies aligned with organizational goals, formulating long-term plans for technology investments, and driving digital transformation initiatives. Governance and Compliance: Establishing governance frameworks, ensuring compliance with relevant laws and standards like PDPA Act 2010 and ISO 27001, and mitigating ICT-related risks. Team Leadership and Development: Leading and mentoring the ICT team, fostering collaboration, and supporting professional development to achieve departmental objectives. Security Training and Awareness: Designing and conducting security awareness programs for employees to promote best practices and ensure the secure handling of sensitive information. Beyond my core responsibilities, I am also served as an Associate Consultant, providing security assessment, strategy development, and incident response expertise. A commitment to professional development is evident in my numerous certifications, including: PECB Certified Trainer and Lead Auditor ISO/IEC 27001 Cyber Security Malaysia Certified Information Security Awareness Manager My auditing experience is extensive. have already served as a lead auditor for MS ISO/IEC 27001:2013 at various governmental institutions and private companies. My experience includes: Malaysian Ministry of Finance Ministry of Women, Family and Community Development Majlis Amanah Rakyat (MARA) Furthermore, I have been involved in several projects related to information security, demonstrating the hands-on experience in implementing security frameworks and managing projects related to web application firewalls, intrusion prevention systems, and antivirus solutions.

Here is a detailed description of the courses that the trainer is specialized in and their related experience.