Shanza Liaqat

Governance, Risk, and Compliance

Talent

Lahore, Lahore DistrictMember since 28 December 2025

Hire this person

Send a job offer directly to this candidate

About

Detail-oriented cybersecurity graduate specializing in Governance, Risk, and Compliance (GRC) with a strong foundation in information security frameworks, risk assessment, and SOC operations. Certified by ISC² (Certified in Cybersecurity) with additional training in ISO 27001/27002 risk management and Cisco SOC. Experienced in aligning technical security practices with business risk, policies, and compliance requirements through labs and simulations.

Passionate about helping organizations manage cyber risk, strengthen controls, and maintain regulatory compliance while continuously learning and growing in the GRC domain.

Experience

GRC & SECURITY EXPERIENCE

Governance, Risk & Compliance (GRC) – Entry-Level Focus

Studied ISO 27001/27002, information security risk management, and security controls.
Practiced identifying assets, threats, vulnerabilities, and performing basic risk assessments.
Learned to map risks to controls and recommend mitigation strategies.
Familiar with security policies, procedures, and compliance documentation.
Understanding of audit preparation and evidence collection concepts.

Incident Response & SOC Fundamentals

Exposure to incident triage, log analysis, and basic response workflows.
Familiar with SOC processes, ticket handling, and escalation concepts.
Basic experience with SIEM tools (Splunk, ELK) for monitoring and alert review.

TECHNICAL & GRC TOOL EXPOSURE

Risk & Compliance: ISO 27001/27002, Risk Registers, Control Mapping, Security Policies
SIEM & Monitoring: Splunk, ELK (basics)
Security Tools: Kali Linux, Nmap, Metasploit, Wireshark
Vulnerability & Threat: Scanning, analysis, prioritization concepts
Platforms: Windows, Linux (Kali), VMware, VirtualBox