Sr. Manager
Helix International
Total years of experience :9 years, 7 months
Working alongside, reporting to the Managing Partners of the company, the overall responsibilities comprises of
planning, organizing, and managing all aspects of IT Department including infrastructure, people and Process to
ensure the stable and secure operation of the organization. This includes developing, maintaining, supporting, and
optimizing key functional areas, particularly IT Security, Server infrastructure, Network infrastructure, data
communications, and telecommunications systems. Virtualization etc. Managing the end user customer service or direct
activities along with direction and co-ordination with other departments is another fragment of my role.
Day-to-Day Current Roles & Responsibilities:-
Technical:-
* IT Security - Involved in enforcing policies, tools and best practices to keep the environment secure. This includes
Implementation and administering of tools like Symantec Endpoint Protection, Microsoft Data Loss Prevention.
Symantec Endpoint Encryption, Patch Management, vulnerability scanning (MBS/ Nexpose), Internet Filtering etc
* Server Administration - Managing servers, backup and restore, performance monitoring, reducing downtime and
making sure the availability of Apps and services hosted on the servers.
* Network Administration - Involved in planning and executing the selection, installation, configuration, and testing
of equipment, defining network policies and procedures. Worked on FortinetD /D. Implementation of WIFI
and IPSEC Tunnel across diff network.
* Telecommunication- Implementation of 3CX (Cloud Based PBX) and managing the phone extension deployed to
the user, IVR, call routings / forwarding, voicemails etc
* Virtualization - Implementing and Administering 4 VMware VSphere ESXI Bare Metal SuperMicro Machines with
approx. Virtual servers residing on them. Responsible for building the environment from scratch for ESXI,
VSphere, Vcenter, storage (local storage / vsan), deploying NSX, Virtual Distributed Switches and bringing those
live in production
* CRM / ERP Solution :- Responsible for getting the CRM (Microsoft Dynamics CRM) and ERP (Microsoft Dynamics
GP) implemented in the environment, getting the custom forms for ticketing system (not only internally however
for the external clients as well ) and tracking Sales, clients quotes and orders. Along with its integration with ERP
system. Creating a process and implementing it across the company is another responsibility handled sucessfully
* BYOD / MDM Solution - Implementation of Intune and defining and deploying the policies making sure that the
mobile devices, like cell phones, tablets, laptops are in compliance, protecting the data residing on that and
Restricting unauthorized access.
* Others:- Have been solely responsible for other tasks like Licensing, IT Trainings, Implementation of Ticketing
tools, Provisioning CRM & ERP tools, IT Asset inventory management, Contacting Leads and handling Technical
Sales, Partnership renewals and vendor management
Strategic:-
* Design and implement short and long-term plans to meets existing and future requirements.
* Develop, implement, and review policies, procedures
* Assess, approve, and administer all equipment, hardware, and software upgrades.
* Perform cost-benefit for proposed systems to aid management in making implementation decisions.
* Prepare plans for all hardware and software programs on an annual basis, prepare forecasts for budget, and
implement various cost effective methods.
* Escalation Metrics, negotiating agreements, establishing service level agreements, for the services provided by the
infrastructure team were another responsibilities handled
People Management:-
* Handling a team of 4 members in current role
* Understanding the need of resources on the project basis and making sure that those are available maintaining a
balance of budget and skills needed
Monitoring and Reporting:-
Nov - July)
* Responsible for conducting all Security Calendar Activities like Vulnerability scanning, Port Scanning, User ID
Validation, Security Health checks, Logs review, Anti-Virus management, Patch Management, Continued Business
Need on schedule.
* Working on implementation, configuration and management of Security tools like Information and Event
Management (SIEM), FireEye, Anti-Virus Solutions, Encryption Solutions.
* Coordinating with IT stakeholders and ensuring closure of all related tasks Monitor health of IT Security processes
like Antivirus, Patch management, and take corrective action as required.
* Developing, maintaining and overseeing information security policies, procedures and control techniques
to address all applicable requirements from ISO, Payment Card Industry standards and regulators.
* Authorize all exceptions to the compliance security policies, standards and procedures Co-ordinate with
various teams to ensure timely compliance of all outstanding audit recommendations.
* Working on all the Vulnerability assessment projects at the Organization level.
* Responsible to maintain full compliance to ISO1, PCI-DSS and ISO1 certifications.
* To communicate Information Security policies and frameworks to all functions and ensure adherence of the
policy framework with all stakeholders to ensure on-going implementation and maintenance of information security
program.
* Report to the management on risk exposure related to information security controls and processes by
assessing the implemented technical controls and provide a briefing to senior management on Technology and
Information Security matters program; information derived from automated and continuous monitoring, including
threat assessments.
* Liaison with internal stakeholders from various business units to cater their Infrastructural Change requests and
guide them on proper controls to be implemented based on risk assessment
Sep - Oct)
* Serves as the Security Architecture expert across seven security architecture functional areas (credential
management, access provisioning, authentication and authorization, infrastructure security, data security, security
monitoring, and operation security.) across the organization.
* Information Security Assessments - performing security, vulnerability, and risk assessments of critical systems,
infrastructure, and third parties. Recommending and developing action plans based on these assessments. Guiding
the business by addressing these plans and recommendations.
* Collaborate with multiple projects and initiatives to apply security architecture requirements, develop
architecture solutions, integrate security into solution designs, access risks of security gaps, and develop
architecture remediation.
* Serving as lead or technical expert to define and maintain the architectural frameworks/patterns, processes,
standards and guidelines related to systems, business or data architecture.
* Threat and Vulnerability Management - working closely with IT to identify risks, threats, vulnerabilities and
provide remediation guidance.
* Defining core and support technology, data entities, business functions and/or subject areas that transcend
organizational and functional boundaries.
* Providing technical and architectural subject matter expertise to the various development teams including
communicating architectural decisions and mentoring other technical staff around the various development
technologies and decisions.
* Information Security Governance - developing information security policies, procedures, and standards.
* Conferring with business units and application development staff to understand both the business and
technical requirements and to define architectural constraints
* Creating performance metrics and traceability maps to determine the effectiveness of architecture solutions
and facilitate governance. Keep abreast of relevant architecture best practices.
* Incident Response - having incident response experience, particularly leading incident investigations.
* Security Training and Awareness - working with the Director, Security to develop a cohesive security awareness
program including information security, physical security, and fraud.
courses: Certified Specialist for Vulnerability Management by Qualys Guard Feb. * Completed training for Cloud Computing – Security from Knowledge Labs (Chennai) in Sept. * Security Awareness Seminar by NASSCOM
courses: Completed “
in
from