Have more than 16 years of progressive experience across industries in the areas of information security implementation, auditing and consulting which includes Developing Business Continuity and Disaster Recovery Plan, Testing of Business Continuity and Disaster Recovery Plan, Risk Assessment, Business process controls assessment, Risk and Issues Profiling, Information Security Architecture Designing and Deployment, penetration testing, network & internet security, website application scan and IT security audits and reviews. Having a wholesome knowledge of different IT processes in the Software Development Firms, Call Centers, BPOs, Manufacturing, Banking & Financial Services, Insurance, Securities & Depository Services, Clearing Corporation, ATM, Cash Management Services, Shipping Corporation and many other domains.
- Worked across the industries includes Software Development Firms, Call Centers, BPOs, Manufacturing, Banking & Financial Services, Insurance, Securities & Depository Services, Clearing Corporation, ATM, Cash Management Services, Shipping Corporation, Market Research and many other domains.
- Good understanding & working knowledge in Industry standard Legal & Regulatory compliance requirements like Data Protection Act, Privacy Acts, and IT Act.
- Experience in enterprise wide Risk Assessment Methodologies & frameworks.
- Experience in ISMS implementation based on BS 7799-2:2002 standard.
- Experience in Third Party Auditing against BS 7799-2:2002 standard.
- Experience in Third Party Auditing against BS 15000 standard.
- Experience in IS Audit against BS7799, BS15000, COBIT criteria.
- Experience in Vulnerability Assessment, Penetration Testing and Risk Assessment.
- Implementation of Information Security Management System
- Worked as BS7799 External Auditor from KPMG Certification Body
- Experience in Disaster Recovery & Business Continuity Planning & Implementation, Risk Management and architecting solutions to customers in industry domains such as Banking & Financial Institutions, Insurance, Securities & Depository, Clearing Corporation, ATM, Cash Management, Shipping companies.
- Disaster Recovery Planning and Business Continuity Management
- Implementation of Business Continuity Management System based on BS25999
- Migration of BCP/DRP to LDRPS an ERP for BCP Automation
- Defining Processes for Service Delivery & Support Processes on ITIL framework
- Worked as ISO 9001:2000 External Auditor from KPMG Certification Body
- Compliance Readiness Solutions
- Internal Audit of Software Projects starting from Pre-Sales to Delivery
- Software Development – Oracle, D2K, VB
- Visiting Faculty with K J Somaiya Institute of Management & Research Center, Mumbai
- Federal Laws & Regulations of USA, UK & Canada for one of the major banks of USA having its business across these locations to find out the sections from these Federal Laws & Regulations having impact on the IT related activities of this bank to map with CoBIT Controls and then do the GAP Analysis.
- Excellent Project Management, Communication and presentation skills
- Ability to Lead large teams and a good team player
- Proactive, flexible and learn new things quickly
- Good understanding of cost estimation & budgeting
Summary of Professional Experience
- Good understanding and working knowledge of Information Technology and Information Security in domains like Software Development, Call Centers, BPOs, Manufacturing, Banking & Financial Services, Insurance, Securities & Depository Services, Clearing Corporation, ATM, Cash Management Services, Shipping Corporation and many other domains.
- Good combination of Business processes, IT Process and communication skills.
- Good understanding and working knowledge of Business Continuity, Disaster Recovery, Legal and compliance requirements.
- Business Analysis w.r.t. Business Continuity and information security risk
- Ability to adapt to and work in mixed-cultural environments
Planning, executing and managing review of:
- Disaster recovery and Business continuity planning
- Internal controls in various Business process cycles
- Information Security Risk Assessment
- Information Security Management Systems
- Operating Systems: Windows 2000/XP, Linux (Basic)
- RDBMS: Oracle 8
- Security Products / Tools: Nmap, GFiLANguard NSS, CIS (Cerberus Internet Scanner), RAT (Router Auditing Tool), ISS (Internet Security Scanner), SNORT, AATools (Advanced Administrative Tool), Super Scan, HOPPA Port Scanner, Fpipe, VoideEYE, SolarWinds, Websence, Firewall (Checkpoint & Cisco PIX), IDS (ISS Real Secure), Antivirus (Symantec, Mcafee) and many leading security tools and products in heterogeneous environment.