Sunday, March 22, 2026 | Latest: Welcome to Clappakistan.com Platform

Where Corporate Achievements Shine Globally
Tabish Ali

Tabish Ali

Group Head IT Risk and Governance

Information Technology
Organization Gatronova
Location Karachi, Pakistan

Professional Summary

Tabish Ali is an accomplished Cybersecurity and AI Security leader with over 17 years of global experience across Saudi Arabia, Pakistan, and Malaysia. He specializes in offensive security, IT risk and governance, AI-driven defense strategies, and red team operations. With deep expertise in penetration testing, adversary emulation, threat hunting, and advanced persistent threat (APT) detection, Tabish has strengthened the security postures of enterprises worldwide. He is recognized internationally for identifying zero-day vulnerabilities and has received acknowledgment from global tech leaders including Kaspersky, Oracle, AT&T, Adobe, Sony, HP, SAP, Amazon, Apple, and Checkpoint.

Professional Experience

Oct 2021 – Sep 2023

Senior Manager – Technology Consulting (Cybersecurity)

EY Ford Rhodes

  • Headed cybersecurity services | managing teams and driving cybersecurity strategy | next-gen security operations | and data protection.
  • Directed red team and purple team threat emulation | penetration testing | cloud and product security assessments | and SOC automation.
  • Delivered technical architecture and cyber maturity assessments | OT and IoT security strategies | and data protection solutions including CASB | encryption | and tokenization.
May 2017 – Nov 2021

Manager – Technology Risk Advisory & Cybersecurity

EY

  • Led cyber threat management practices and system penetration testing.
  • Conducted third-party reviews | client IT risk assessments | and guided security best practices.
  • Helped partners generate business opportunities while improving cybersecurity solutions for clients.
Aug 2015 – Apr 2017

Lead Trainer – Cybersecurity

Moon International Pak

  • Established the first EC-Council Penetration Testing Academy in Karachi.
  • Delivered corporate and private training sessions on CEH | CHFI | and other cybersecurity domains.
Apr 2014 – Jul 2015

Sr. Information Security Consultant

ABM Info Tech (Pvt.) Ltd.

  • Implemented Symantec DLP | SEP | and DCS solutions. Performed network and application security reviews | penetration testing | and database security.
  • Designed IT controls | incident management processes | and security monitoring through IDS | SIEM | and endpoint solutions.
Apr 2012 – Dec 2013

Technology Consultant and Trainer

Moon International Pak Pvt Ltd / Moon Rise SDN. BHD

  • Designed and implemented secure network infrastructure.
  • Conducted cybersecurity training programs and technical reviews.
  • Performed application and security requirement assessments for clients.

Education & Certifications

Academic History

Cyber Emergency Response Team, U.S. Department of Homeland Security

210W – Cybersecurity for Industrial Control Systems (2014)

100W – Operational Security (OPSEC) for Control Systems (2014)

Professional Certs

Core Competencies

Offensive Security and Red Teaming IT Risk and Governance Threat Hunting and APT Detection Cybersecurity Strategy and Policy Development Network and Application Exploitation ISO 27001 and NIST Compliance SOC Maturity Assessment and Cyber Audits AI-driven Cybersecurity and Adversarial AI Data Protection and Privacy