👋

Hi I am

Sadia Hussain

18+ years of experience in GRC, IT Audit, Risk Management & Security Architecture.

About Me

Cybersecurity and GRC Advisor & Leader with 18+ years of experience leading enterprise security strategy, IT audit, governance, risk management, compliance, security architecture, and assurance programs across government, defense, healthcare, and international organizations, including the United Nations. Proven ability to strengthen cyber resilience, reduce enterprise risk, and align security initiatives with business and regulatory priorities. Experienced in securing complex infrastructures, leading security operations and monitoring programs, and translating technical risks into clear executive-level insights for strategic decision-making. Former military professional, currently actively engaged with emerging technologies, AI-driven threat intelligence, and modern cybersecurity governance practices.

Technical Skills

Frameworks & Standards

ISO 27001, NIST CSF/RMF, CIS Controls, PCI DSS, GDPR, HIPAA

Security Tools:

Nessus, Qualys, Nmap, Burp Suite, Metasploit

Security Operations:

Threat Hunting, SOC Operations, SIEM Monitoring

Core Competencies

GRC

IT Audit

SIEM

Cloud Security

Incident Response

Risk Management

Experience

KIDAN, Switzerland (Remote)

Oct 2024 – Oct 2025

Cyber Security Consultant

  • Delivered cybersecurity governance and compliance solutions
  • Conducted ISO & NIST-based assessments
  • Implemented SIEM solutions and risk frameworks
  • Improved client GRC posture by 40%

Govt. of Pakistan

May 2022 – Dec 2024

Lead Information Security Officer

  • Led cybersecurity operations and IT audits
  • Managed SOC, incident response, and threat monitoring
  • Trained 10,000+ personnel

Combined Military Hospitals

Jan 2020 – May 2022

IT Head & Cybersecurity Lead

  • Implemented hospital cybersecurity frameworks
  • Ensured compliance with ISO 27001 & HIPAA
  • Secured IT systems across multiple hospitals

United Nations – MINUSCA Mission

Dec 2018 – Dec 2019

Data Analysis & Collection Engineer

  • Secured UAV and satellite communications
  • Managed cybersecurity in conflict zones

Govt. of Pakistan

Feb 2014 – Dec 2018

Cybersecurity & IT Audit Advisor

  • Conducted 50+ IT audits
  • Achieved ISO 27001 certification
  • Improved compliance efficiency by 40%

Awards & Achievements

  • United Nations Service Medal
  • Chief of Army Staff Commendation Card
  • International Presenter – PACES 2021
  • Author of cybersecurity research publications

International Exposure

  • United Nations Mission – Central African Republic
  • Switzerland (KIDAN Consulting)
  • China (Professional Training)
  • UAE, UK, Qatar (Education & Exposure)

Research Publications

01
“Enhanced Trust & Risk Based Access Control, in Autonomous Vehicles, by Using Ethereum vs Hyperledger Platforms Consensus Algorithms”, Sadia Hussain, Shahzaib Tahir, Asif Masood, Ihsan Elahi, IEEE ICAIT 2024
02
Blockchain-enabled Secure Communication Framework for Enhancing Trust and Access Control in the Internet of Vehicles (IoV), Sadia Hussain, Shahzaib Tahir (Senior Member, IEEE), Asif Masood and Hasan Tahir, IEEE Access, 2024
03
Journal Paper “In-Depth Analysis and Systematic Literature Review on Risk Based Access Control in Cloud”, International Journal of Computer Science Engineering and Information Technology 12(5): 1-22, IJCSEIT 2022, October 2022, Sadia Hussain, M. Hasan Islam, Haider Abbas.
04
“Comparative Analysis of MC-CDMA and OFDMA for XG internet systems” - ACM Proceedings 2007; Imran Hussain, Shoab A Khan, Raja Iqbal, Mofassir Ul Haque, Imtiaz Khokhar, Sadia Hussain, ACM Proceedings on Euro American Conference on Telematics and Information System Eatis 2007, Lisbon Portugal, 14-17 May 2007.
05
“OFDMA as the Technology for the Next Generation Mobile Wireless Internet” – IEEE Proceedings 2007; Imran Hussain, Sadia Hussain, Imtiaz Khokhar, Raja Iqbal, IEEE Proceedings on Third International Conference ’07 on Wireless Networks. Guadeloupe, French Caribbean Islands, France, March 2007.
06
“Security Vulnerabilities and Considerations in 802.16e/Mobile WiMAX MAC Layer” – ICLAN 2006; Sadia Hussain, Imran Hussain, Naveed Sarfraz, International Conference on Late Advance in Networks (ICLAN 2006), Paris, France, 6-8 Dec 2006.
07
“Extenuating Denial-of-Service Attacks in Mobile Broadband Wireless Access (MBWA) Networks – Mobile WiMAX” - TSSA 2006; Sadia Hussain, Dr Shoab Ahmed Khan, Mofassir Ul Haque; 3rd Conf on Telematics Systems, Services and Applications 2006 (TSSA 2006) & The 1st Conf on Wireless System, Services, and Application 2006 (WSSA-2006), 8-9 Dec 2006, Bandung, Indonesia.
08
“Mobility management challenges and issues in 4G heterogeneous networks” - InterSense '06; Sadia Hussain, Zara Hamid, Naveed S. Khattak; InterSense '06: Proceedings of the first international conference on Integrated internet ad hoc and sensor networks; Publisher: ACM, May 2006.

KEY PROJECTS & PROFESSIONAL EXPERIENCE HIGHLIGHTS

1. IT Security Governance, Risk & Compliance (GRC) Programs

Led and executed enterprise-wide cybersecurity governance, risk, and compliance initiatives across large, distributed environments. Conducted comprehensive IT audits, evaluated security controls, and assessed organizational risk posture aligned with ISO/IEC 27001, ISO 27002, ISO 27005, NIST CSF/RMF, and CIS Controls. Delivered structured audit reports and strategic recommendations to improve compliance, control effectiveness, and overall security maturity.

2. Security Audit, Testing & Assurance Programs

Directed and performed multi-domain security assurance activities across infrastructure, applications, and hardware systems:

  • Conducted data centre security audits aligned with ISO 27001, NIST, CIS Controls, and Essential Eight maturity model
  • Performed application security assessments covering data protection, access control, and vulnerability identification aligned with GDPR, HIPAA, and PCI DSS principles
  • Executed hardware security testing & validation for commercial and internally developed systems
  • Supported vulnerability management, risk assessment, and remediation planning

3. National Cybersecurity Programs & Policy Development

Contributed to national cybersecurity policy, regulatory frameworks, and critical infrastructure protection:

  • Provided technical input to PECA 2016 (Cybercrime Law), supporting cyber legislation and enforcement frameworks
  • Conducted critical infrastructure security assessments aligned with IEC 62443 and NIST frameworks, and national security standards
  • Developed and contributed to Information Security & Network SOPs, including:
    • ISO/IEC 27001 ISMS implementation (ISO 27003–27008 guidance)
    • Technical network security policies for Pakistan Defence Services
    • Operations & maintenance security procedures for Pakistan Defence Services

4. Secure Infrastructure, Data Centers & Network Engineering

Designed, implemented, and consulted on enterprise-grade infrastructure and data center environments:

  • Led secure data center expansion projects, including:
    • Network architecture design
    • System hardening
    • Access control systems
    • Monitoring & logging frameworks
      aligned with ISO 27001, CIS Controls, and NIST guidelines
  • Delivered complete consultancy for extension of existing data center/equipment rooms, including end-to-end infrastructure design:

    • Network & structured cabling design
    • Biometric access control systems
    • Electrical power distribution & load planning
    • UPS systems & backup power integration
    • CCTV surveillance systems
    • Server racks & structured installation planning
    • HVAC (cooling and environmental control systems)

    Ensuring secure, scalable, and resilient infrastructure deployment

  • Led deployment across 11+ data centers, ensuring segmentation, high availability, and secure communications
  • Contributed to enterprise Office Automation Systems (OAS), enabling secure digital workflows and centralized operations
  • Applied data protection principles aligned with ISO 27701, GDPR, FADP, and PDPL

5. Network Architecture & Large-Scale Systems Implementation

Provided technical leadership in designing and deploying large-scale network environments:

  • Served as Team Lead for network architecture design and deployment across multi-site infrastructures
  • Designed secure infrastructure for large-scale simulation and operational environments supporting high user loads and real-time coordination
  • Ensured scalability, resilience, and secure connectivity aligned with Zero Trust principles, NIST frameworks, and modern network security architecture practices

6. Training, Capacity Building & Cybersecurity Awareness

Delivered structured training and professional development programs:

  • Conducted cybersecurity awareness sessions covering cyber hygiene, social media risks, and threat prevention
  • Delivered training aligned with ISO 27001, NIST CSF, GDPR, HIPAA, PCI DSS, and global compliance frameworks
  • Instructed four master’s-level sessions for officers on “Advanced Digital Systems & Architecture,” covering enterprise systems, network architecture, databases, and integrated digital infrastructures
  • Delivered advanced technical training on networks, databases, and secure system design
  • Trained Information Security Officers and audit teams on governance, auditing methodologies, and compliance readiness

Qualification

1. Education
  • MS Software Engineering – NUST, Pakistan
  • Bachelor of Software Engineering – Fatima Jinnah Women University
2. Certifications
  • CISSP – Certified Information Systems Security Professional
  • ISO/IEC 27001 Lead Implementer & Auditor
  • ManageEngine SIEM (Log360) Consultant
  • Juniper Networks Certifications
3. Languages
  • English (Fluent)
  • Urdu (Native)
  • Arabic, French, Persian (Intermediate)
  • Chinese, Portuguese (Basic)

Contact Me

Let's talk about your project

Let’s work together to strengthen your organization’s cybersecurity posture.

number

+351920849524

Prefer Email Communication

fadahusxa@proton.me