Md. Borhanul Islam

Vice President (VP) & Chief Information Security Officer (CISO)

Vice President and Chief Information Security Officer with over 27 years of experience driving cybersecurity governance, risk management, and IT operations in banking and technology sectors. Proven leader who delivered PCI DSS, ISO 27001, and ISO 22301 certifications and built 24/7 Security Operations Centers. Seeking to leverage strategic security expertise to align IT and business goals in a senior leadership role.

0
Language
0
Skills
0
Certifications
Work Experience
Data Entry Operator (DEO)
Nova Computers
Jun 1994 — Jun 1999Khulna, Bangladesh
  • Manage Printing, Training from June 1994 to Dec 1997
  • Manage Sales, supply and services from Jan 1998 to Jun 1999
Data Entry Operator (DEO) – Banking & IT Administrator
Karmashangsthan Bank
Aug 1999 — Dec 2000Faridpur, Dhaka, Bangladesh
  • Handle General Banking, Transactions, Loans, Remittance and software development
Assistant Executive Officer – General Banking & IT Administrator
Janata Bank Limited
Dec 2000 — Dec 2003Dhaka, Bangladesh
  • Handle General Banking, SWIFT operations, Loans, Remittance and software development
Assistant Executive Officer – Internal Auditor
Janata Bank Limited
Jan 2003 — Jun 2007Dhaka, Bangladesh
  • Conduct IT and operational audits in corporate branches
  • Supervise regulatory audits and compliance with ICCD guidelines
Executive Officer – Head of MIS & CBS Analyst/Developer
Janata Bank Limited
Jul 2007 — Sep 2009Dhaka, Bangladesh
  • Lead MIS team, develop 19 custom applications, and transform 300 branches into CBS
  • Develop Basel II Reporting System, Loan Classification, Utility Bill System
Executive Officer & Head of QC
Bank Asia PLC
Oct 2009 — Dec 2011Dhaka, Bangladesh
  • Lead 7-member Quality Control Team for CBS, HRM, and Internet Banking systems
  • Direct Basel II reporting, liquidity analysis, and loan classification systems
Senior Executive Officer – Lead, Information Security Team
Bank Asia PLC
Jan 2012 — Dec 2013Dhaka, Bangladesh
  • Initiate Information Security Unit in the ICT department
  • Conduct risk assessments, penetration testing, and system hardening
  • Lead CBS, HRM, Internet Banking system analysis and deployment
First Assistant Vice President (FAVP) & Head of Security
Bank Asia PLC
Jan 2014 — Dec 2017Dhaka, Bangladesh
  • Head Information Security Team, implementing vulnerability management, incident handling, and network access control processes
  • Monitor backup management, antivirus systems, and control Change Management workflows
Assistant Vice President (AVP) & Deputy CISO
Bank Asia PLC
Jan 2018 — Dec 2021Dhaka, Bangladesh
  • Lead PCI DSS compliance, overseeing 200+ servers, middleware design, and application hardening
  • Manage 11-member Infosec team and supervise security controls across 500+ critical assets
  • Project Manage ISO 27001 Certification (2019)
  • Develop and enforce enterprise security policies and supervise incident management and risk acceptance processes
First Vice President (FVP) & Chief Information Security Officer (CISO)
Bank Asia PLC
Jan 2022 — Jun 2025Dhaka, Bangladesh
  • Lead Information Security Department with 21 direct team members; plan and implement long-term and short-term IT security strategies
  • Achieve PCI DSS, ISO 27001, ISO 22301 certifications by designing and executing robust security frameworks
  • Design and implement 24/7 Security Operations Center (SOC) for monitoring, threat hunting, and incident response
  • Conduct enterprise-wide risk assessments for 85 services, 47 applications, and 200+ networks across 135 branches
  • Direct business continuity planning, ensuring 24/7 secure operations for 4000+ employees and 6M+ customers
Vice President (VP) & Chief Information Security Officer (CISO)
Bank Asia PLC
Jul 2025 — PresentCurrentDhaka, Bangladesh
  • Lead Information Security Department with 21 direct team members; plan and implement long-term and short-term IT security strategies
  • Achieve PCI DSS, ISO 27001, ISO 22301 certifications by designing and executing robust security frameworks
  • Design and implement 24/7 Security Operations Center (SOC) for monitoring, threat hunting, and incident response
  • Conduct enterprise-wide risk assessments for 85 services, 47 applications, and 200+ networks across 135 branches
  • Direct business continuity planning, ensuring 24/7 secure operations for 4000+ employees and 6M+ customers
Skills
Information Security GovernanceCybersecurity Frameworks (ISO 27001, PCI DSS)Security Operations Center (SOC)Risk Management & ComplianceProject & Program ManagementIT Operations ManagementSolution ArchitectureSoftware DevelopmentBanking OperationsRegulatory Audit Leadership
Education
Master of Science, Computer Science & Engineering
United International University
Master of Business Administration, Finance & Banking
Southeast University
Bachelor of Science
National University
Certifications
CCISO
ECSA/LPT
CEH
EC-Council
ISO 27001 Lead Auditor
BSI Group
ISO 22301 CLIP
BSI Group
PCI DSS Implementation
Control Case
Certified Information Systems Auditor (CISA)
CISA
PMP – Agile, Water Fall, Kabana
Languages
English
Advanced
Memberships
Member – Bangladesh Computer Society
Member – ISACA
Member – PMI
Associate – Institute of Bankers Bangladesh (JAIBB)
Key Projects & Achievements
Information Security

ISO 27001 Certification, PCI DSS Certification, ISO 22301 BCMS Certification, SOC Implementation

Core Banking

CBS implementation, Agent Banking, Treasury Operation, Basel II & III reporting

Digital Banking

Internet Banking, Mobile Apps, Loan Origination (OCAS), Document Management System

HRM Systems

E-learning, recruitment, HRM platforms

Software Development

Accounting, POS, Inventory, Utility Bill, Order Management systems, CBS, Internet Banking, Mobile Apps

Risk Assessment & API Security

Third-party integrations with insurance, utility, and supply chain organizations

References available upon request.