Irshad Quraishi

• Risk Assessment and Management : Conduct risk assessments to identify, evaluate, and prioritize potential risks to the organization.
• Collaborate with business units to develop risk mitigation strategies and action plans.
• Monitor and report on the status of identified risks and mitigation efforts.
• Implementation - ISO 27001 : 2013, ISO 27001 : 2022
• Compliance Oversight: Assist in the development and implementation of compliance programs and policies, ensuring alignment with relevant regulations and standards.
• Conduct regular compliance audits and assessments to evaluate adherence to established policies and procedures.
• Keep abreast of industry regulations and best practices and ensure the organization's compliance.
• Governance Support: Contribute to the development and enhancement of corporate governance policies and procedures.
• Support governance-related activities such as board meetings, committee meetings, and reporting requirements.
• Collaborate with internal stakeholders to ensure effective governance practices.
• Maintain accurate and up-to-date records of GRC activities and findings.
• Develop and deliver training programs and materials on GRC topics for employees, promoting a culture of compliance and risk awareness.
• Assist in the communication of GRC-related information throughout the organization.
• Prepare and deliver reports and presentations to senior management and relevant stakeholders.
• Vulnerabilities addressing for - AD, Firewall,SCCM, MDM,O365, Gsuite and other security solutions.
• Managing firewall configuration and setup at the corporate level
• VPN connection management
• Corporate-level policy and access definition
• Administering Microsoft Outlook – complete administration, maintenance, etc
• Upgrading, installing, and configuring new hardware and software to meet company objectives.
• Implementing security protocols and procedures to prevent potential threats.
• Creating user accounts and performing access control.
• Performing diagnostic tests and debugging procedures to optimize computer systems.
• Documenting processes, as well as backing up and archiving data.
• Developing data retrieval and recovery procedures.
• Designing and implementing efficient end-user feedback and error reporting systems.
• Supervising and mentoring IT department employees, as well as providing IT support.
• Keeping up to date with advancements and best practices in IT administration.
• Internal Audit - ISO 27001, SOC2 and other industry compliance.
• Team handling.
• Checkpoint - EDR (Implementation, Administration).
• Process building.
• Coordination with customer for compliance management
• Evaluated employee skills and knowledge regularly, training, and mentoring individuals with lagging skills.
• Managed schedules, accepted time off requests and found coverage for short shifts.
• Designed strategic plan for component development practices to support future projects.
• Established open and professional relationships with team members to achieve quick resolutions for various issues.
• Built strong relationships with customers through positive attitude and attentive response.

• Acted as facilitator between IT and Internal/External Audit Teams.
• Recommended and coordinated implementation of corrective actions to close remediation items.
• Familiarity with compliance policies and standards (e.g. HIPAA, SOC2).
• Maintains a status report of current tools and tracks the ownership and payment status diligently, reports the key metrics to Admin, HR and Finance appropriately.
• Assists employees with common technical issues (software installation and configuration, account management, etc.).
• Asset Management - Keeps track of asset requirements diligently. Purchases and provisions hardware and systems for new employees.
• Trained and educated IT organization on regulatory requirements, and IT general controls.
• Establish and document IT standards, SLAs, work procedures, metrics, and processes.
• Identify and assess risk associated with third party vendor relationships.
• Contribute to the creation and enforcement of technology policies and procedures to ensure security and regulatory compliance.
• Perform onsite security assessments on third party service providers.
• Provide regular written status updates to stakeholders.
• Understanding of SOC2 compliances, IT-related training etc.
• Project Highlight (Migration – Jamf to Kandji)

• Conducted comprehensive internal compliance audits to assess adherence to industry regulations, company policies, and standards.
• Collaborated with cross-functional teams to design audit plans, evaluate compliance, and recommend corrective actions.
• Performed risk assessments to identify potential compliance gaps and areas of vulnerability.
• Developed and maintained audit documentation and reported findings to management.
• Assisted in the creation and maintenance of company-wide compliance policies and procedures.
• Ensured compliance with industry-specific regulations (e.g., GDPR, HIPAA, SOX) and monitored changes in regulations to ensure continued compliance.
• Worked closely with external auditors and regulatory agencies during compliance audits.
• Conducted employee training and awareness programs to enhance the organization's compliance culture.

• Hands-on experience with TCP/IP, security concepts, WAN and LAN concepts, Routing protocols, Firewall Security policies.

• Access point administration

• Office365 Administration

• Asset Management

• OKTA administration

• Led the development and implementation of a compliance monitoring program, ensuring all business units complied with internal and external requirements.
• Conducted periodic compliance audits, identifying areas for improvement and recommending corrective actions.
• Collaborated with IT and legal departments to ensure data protection and privacy compliance.
• Assisted in the development and maintenance of a compliance risk assessment framework.
• Managed and reviewed the compliance documentation and internal control systems.
• Conducted compliance investigations and reported findings to management.
• Participated in cross-functional teams to implement process improvements based on compliance audit findings.

• Windows Servers, Active Directory, DNS, DHCP, Exchange/Office365
• Knowledge of Office 365 SharePoint
• Office 365/Exchange users, group, rules
• Hyper-V configuration and basic troubleshooting
• Remote server management and maintenance
• Firewall (Pf sense or equivalent)

• Maintaining - Windows 2000/2003/2008 Server OS & configure the
• TroubleshootingServers,andclient'smachineissueslikeLANconnection,VPNtoolandwireless connection issues
• Centralized Antivirus Management: Managing Symantec Antivirus parent Servers & clients through the console & maintaining the latest definitions on the client's systems
• Web sense server monitoring, and administration
• Kaspersky server monitoring
• Symantec server monitoring, and administration.