Chaudhry Abrar Mukhtar
Director of Security Compliance
Fractional Roles:
IT Security Specialist, IT Security Analyst, Lead GRC, Manager IT Security and Compliance.
Top Industries:
Financial Services, Insurance, Healthcare, Energy, Telecommunications, Textile, and SaaS.
Professional Background
Years of Experience: 9
Years with AskDegree: 4
In-Demand Areas of Expertise:
I specialize in Governance, Risk, and Compliance (GRC) with hands-on experience in implementing and auditing ISO 27001, SOC 2, PCI-DSS, HIPAA, and NIST 800-53 frameworks. My core expertise includes conducting risk assessments, gap analyses, internal audits, and third-party risk evaluations, as well as developing and operationalizing Information Security Management Systems (ISMS). I have successfully guided organizations through SOC 2 readiness, PCI-DSS validation, and ISO certification journeys, aligning security programs with best practices such as CIS Top 18 and NIST CSF. I’m also well-versed in Business Continuity Planning (BCP) and Disaster Recovery (DR) strategy design, helping organizations strengthen resilience and ensure operational continuity. In addition, I bring experience in policy and procedure development and cloud security governance. My work is supported by proficiency in tools such as Drata, Secureframe, Vanta, TrustCloud, 6clicks, JIRA, Confluence, Coda, Notion, Datadog, SentinelOne, ManageEngine, UpGuard, SecurityScorecard, AWS, Dashlane, Microsoft 365, and Google Workspace security administration.
Compliance Automation Technologies:
Drata, Secureframe, Vanta, TrustCloud, 6clicks, UpGuard, and SecurityScorecard.
Country of Origin: Pakistan
Professional Background
With over 9 years of experience in Cybersecurity, Governance, Risk, and Compliance (GRC), I currently serve as the Director of IT Security and Compliance, leading enterprise-wide initiatives to safeguard information assets and ensure regulatory compliance. Throughout my career, I’ve held key leadership roles including Lead GRC Specialist, Manager of IT Security and Compliance, and Information Security Analyst, with a strong focus on implementing frameworks like ISO 27001, SOC 2, PCI-DSS, HIPAA, and NIST 800-53. My professional certifications include ISO 27001 Lead Auditor, AWS Certified Security – Specialty, CRISC, and CISM, equipping me to lead robust, business-aligned security programs.
Education & Certifications
Degrees & Universities:
Bachelor of Science in Computer Science (BSCS)
University
ISO 27001 Lead Auditor
AWS Certified Security – Specialty
CRISC
CISM
Associations and Memberships:
ISACA Member
GISPP Member
Key Past Roles & Employers
Manager – IT Security and Compliance (AskDegree LLC)
Lead GRC Specialist (Constellation Software Industry)
Information Security Specialist (Ibex Global)
Information Security Analyst (Sarena Textile Industries)
Notable Contributions & Achievements
Successfully led multiple organizations through ISO 27001 and SOC 2 certifications by establishing robust ISMS and control environments.

Spearheaded SOC 2 readiness projects, including risk assessments, control gap analysis, and audit coordination.

Implemented compliance automation platforms (Drata, Vanta, Secureframe, TrustCloud, 6clicks) to streamline evidence collection and ongoing monitoring.

Mentored and guided security teams and compliance staff on industry best practices, contributing to long-term security culture development.