Jamil Ahmed

๐Ÿ’ผ Work

Professional experience, newest first.

Sr. IT/OT Cybersecurity Consultant โ€“ GRC, Risk & Assurance

๐Ÿข Cyber Value Addition ยท ๐Ÿ“ Pakistan
CURRENT ๐Ÿ“… Jan 2021 โ€” Present
  • โ–น Leading OT/ICS cybersecurity governance, risk, and compliance initiatives across critical infrastructure environments, ensuring alignment with ISA/IEC 62443, NIST SP 800-82, NIST CSF 2.0, ISO 27001:2022, and regional regulatory frameworks.
  • โ–น Conducting risk-based OT cybersecurity assessments and audits across industrial networks, control systems, and supporting IT environments, covering OT security controls, policies, segmentation, access control, monitoring, and incident readiness.
  • โ–น Performing integrated OT/IT risk assessments aligned with IEC 62443 security levels, zone & conduit models, and enterprise risk management practices, identifying systemic gaps and defining practical remediation roadmaps.
  • โ–น Advising clients on OT cybersecurity compliance strategies, CSMS development, risk treatment plans, and policy frameworks, bridging engineering, operations, IT, and governance teams.
  • โ–น Evaluating OT/IT governance, infrastructure, applications, and IAM controls, including RBAC for OT environments, privileged access, and identity boundaries between IT and industrial networks.
  • โ–น Developing OT-specific SOPs, cybersecurity management procedures, and assurance artifacts; testing ITGCs and application controls where IT systems support OT operations.
  • โ–น Preparing executive-ready OT cybersecurity audit and assurance reports, translating technical findings into risk-based insights for leadership, regulators, and external auditors.
  • โ–น Leveraging prior cloud security and DevSecOps experience to support secure-by-design principles for industrial digitalization, OT-adjacent platforms, and enterprise integration layers.
ISA/IEC 62443 NIST SP 800-82 NIST CSF 2.0 ISO/IEC 27001 Lead Auditor ISO/IEC 27001 Lead Implementor OT/ICS Cybersecurity GRC CSMS Development IT Audit ISMS Implementation IT Governance Frameworks Risk Assessment & Management NCA Compliance Aramco Cybersecurity Standards Zone & Conduit Model (IEC 62443) Security Level (SL) Assessment Purdue Model / ISA-95 OT Network Segmentation Process Control Domain (PCD) Security HMI / SCADA Hardening OT Asset Inventory & Lifecycle Management ICS Patch Management SCADA / PLC / DCS Protocols Gap Analysis Regulatory Readiness Executive / Board-Level Reporting ISO/IEC 42001 (AI Governance) Incident Response IAM & RBAC Privileged Access Audit Documentation Compliance Reporting Audit Planning ITGC Testing

DevSecOps Engineer

๐Ÿข Prepared Development ยท ๐Ÿ“ Pakistan
๐Ÿ“… Dec 2018 โ€” Jan 2021
  • โ–น Linux server installation, administration, hardening, performance tuning, and patching.
  • โ–น Managed AWS resources and worked on IaC tools including Terraform, Ansible, and CloudFormation.
  • โ–น Designed, implemented, and maintained AWS cloud solutions to meet client requirements.
  • โ–น Built and maintained CI/CD pipelines to automate the deployment process and improve release management via Jenkins.
  • โ–น Optimised Kubernetes infrastructure for application deployment; scaled and managed containerised applications on Kubernetes clusters.
  • โ–น Maintained infrastructure as code scripts for provisioning and configuration management.
  • โ–น Applied security best practices to safeguard applications and data across cloud infrastructure.
Amazon Web Services (AWS) Google Cloud Platform (GCP) AWS Cloud Solutions Architect Terraform Ansible CloudFormation Kubernetes Docker Jenkins GitHub Actions Linux Administration DevSecOps CI/CD Pipelines Infrastructure as Code (IaC) Cloud Security Process Automation Release Management

Cloud Security Engineer | Secure Application Development

๐Ÿข Fairytalez.com ยท ๐Ÿ“ Copenhagen, Denmark
๐Ÿ“… Jul 2017 โ€” Dec 2018
  • โ–น Architected and deployed security-hardened AWS infrastructure (EC2, VPC, S3, CloudFront, Lambda) with CIS benchmarks alignment.
  • โ–น Led end-to-end development and cloud deployment of the world's largest online fairy tale library, managing codebase, performance, and scalability for global traffic.
  • โ–น Built and automated CI/CD pipelines using Jenkins & GitHub Actions enabling zero-downtime deployments and rapid release cycles.
  • โ–น Implemented IAM policies, security groups, and network segmentation for multi-tier cloud applications.
  • โ–น Established CI/CD security gates via Jenkins/GitHub Actions, ensuring automated vulnerability scanning pre-deployment.
  • โ–น Designed monitoring and audit logging (CloudTrail, CloudWatch) to support security incident response and compliance evidence.
  • โ–น Secured cloud-native platform serving a global user base with 99.9% uptime, automated threat detection, and zero critical security incidents.
Amazon Web Services (AWS) EC2 VPC S3 CloudFront Lambda IAM & RBAC CIS Benchmarks Jenkins GitHub Actions CloudTrail CloudWatch Cloud Security Application Security CI/CD Pipelines Vulnerability Remediation WordPress PHP

Application Security & Platform Engineer | Secure Web Architecture

๐Ÿข Weider Media ยท ๐Ÿ“ Copenhagen, Denmark
๐Ÿ“… Dec 2014 โ€” Jul 2017
  • โ–น Engineered secure custom web applications and CMS platforms, implementing input validation, authentication controls, and secure API integrations.
  • โ–น Conducted security-focused code reviews and vulnerability remediation in PHP/JavaScript environments.
  • โ–น Managed secure site migrations and infrastructure hardening, reducing attack surface and improving resilience.
  • โ–น Implemented SEO and performance optimisation with security considerations (HTTPS, secure headers, access controls).
  • โ–น Integrated security checkpoints into development lifecycle, ensuring consistent hardening standards across all deliverables.
PHP JavaScript Application Security Secure Web Architecture Code Review Vulnerability Remediation WordPress CMS Infrastructure Hardening HTTPS Secure Headers Front-End Development SEO

Senior Project Manager

๐Ÿข Prepared Development ยท ๐Ÿ“ Lahore, Pakistan
๐Ÿ“… Mar 2013 โ€” Dec 2014
  • โ–น Led secure delivery of 20+ web platforms for US, European, and Australian clients across diverse industry verticals.
  • โ–น Functioned as client-facing technical advisor on security-conscious platform decisions and web architecture.
  • โ–น Managed distributed development teams executing projects with embedded security and quality standards.
  • โ–น Built long-term client partnerships through transparent communication, risk mitigation, and consistent delivery excellence.
  • โ–น Established foundational delivery methodologies and security practices adopted in subsequent organisational growth.
Project Management Web Architecture Client Relations Team Leadership Risk Mitigation Stakeholder Management WordPress GCP

Research Associate

๐Ÿข Sheikh Zayed Medical College and Hospital ยท ๐Ÿ“ Rahim Yar Khan, Pakistan
๐Ÿ“… May 2012 โ€” Mar 2013

Managed editorial and research operations for a peer-reviewed medical journal, ensuring rigorous documentation standards and compliance with publication ethics. Led data analysis and technical reporting for research initiatives, while coordinating proposal development and stakeholder submissions.

Research Data Analysis Technical Reporting Report Writing Documentation Publication Ethics

Program Coordinator

๐Ÿข Value Resources Pvt Ltd ยท ๐Ÿ“ Islamabad, Pakistan
๐Ÿ“… Feb 2011 โ€” Dec 2011

Coordinated multi-phase development programs, managing documentation, stakeholder reporting, and proposal development (RFPs). Built early capabilities in project governance, data management, and cross-functional communication.

Project Planning RFP Stakeholder Management Documentation Program Coordination

Customer Service Officer

๐Ÿข Ufone 5G ยท ๐Ÿ“ Rahim Yar Khan, Pakistan
๐Ÿ“… Sep 2005 โ€” Dec 2008

Managed customer-facing operations for telecom services, handling account provisioning and technical support via web-based systems. Developed foundational skills in process adherence, data handling, and service delivery in a regulated technology environment.

Customer Service Telecom Technical Support Account Provisioning