Abdul Kalam Aboobaker

Paramount is the leading regional provider of Technology and Services for securing the Information Assets of Enterprises.

Sep 2014 - Till Now (Information Security Officer, Government Entity)
• Currently deployed as an Information Security Officer (ISO) for a Government Entity.
• Coordinating information security governance, compliance and operations.
• Coordinating the implementation of ADSIC v2.0 and ISO 27001.
• Preparation of security program plan, policies, procedures, and baselines.
• Coordinate Information Security Governance Committee (ISGC) meetings.
• Perform Asset Inventory, Service Categorization, Risk Assessments, and Risk Treatment Plan.
• Perform Technology Risk Assessments for infrastructure upgrades and deployments.
• Development of security metrics, and performance of compliance checks.

Feb 2014 - Aug 2014 (Information Security Officer, Oil Company)
• Responsible for the sustenance of ISO 27001:2005.
• Prepared for and faced ISO 27001:2005 surveillance audits
• Worked on security metrics and coordinated ISGC meetings.
• Worked on the migration of ISMS towards ISO 27001:2013.
• Coordinated identity and access management implementation project.
• Conducted vulnerability management (Nessus, nCircle).
• Conducted technology risk assessments for IT infrastructure deployments.
• Conducted firewall rule risk assessments and firewall rule reviews.

Accenture is a Fortune 500 company providing IT consulting and services to Fortune 100 clients.

Lead a team of 3 conducting the following activities for Accenture locations worldwide.

-Lead and conducted gap assessments for ISMS implementation in Accenture locations.
-Lead and conducted information security risk assessments - IT Infrastructure and Applications.
-Lead and conducted ISO 27001 internal audits for Accenture locations worldwide.
-Lead Supplier Security Assessment (SSA) - It includes a review of information security practices of the supplier/vendor across eleven security domains based on the ISO27001 framework.
-Lead Hosting Site Security Assessment (SAS 70/SSAE 16 requirements) - The assessment includes a review of the site IT infrastructure and vulnerability scan service using Retina, Nessus tools.
-Lead Merger and Acquisition Assessments - Review of information security profile, and security gaps of the acquired organization across eleven security domains based on the ISO 27001 framework.
-Client Data Protection (CDP) - Assessment to provide an independent assessment and verification of the effectiveness of project CDP processes and controls (ISO 27001 control domains).
-Lead vulnerability management program for Accenture locations (3500 servers, 7500 user locations annually).

Graduated MSc in Information Security with distinction.
Did part time jobs in University campus. Was looking for jobs in UK during this time period.

Lead a team of 3 conducting the following activities.

-Lead the implementation of ISO 27001 and quality system (ISO 9001:2000) for the organization.
-Developed, implemented, and maintained security & quality policies, standards, processes and procedures for IT operations.
-Developed security and quality awareness by providing orientation, educational programs and on-going communication programs to organizational audience.
-Lead and conducted IT security operations like perimeter and end point security, security monitoring and log analysis, incident management, access reconciliation, capacity planning, backup and restoration, secure media usage and disposal, security risk assessments, incident handling, vulnerability assessments, and compliance checks.
-Developed and implemented disaster recovery plans to ensure continued availability of IT Infrastructure.
-Conducted regular internal audits (ISO 27001, ISO 9001:2000) and ensured compliance.
-Developed and shared security and quality performance matrices with the management.
-Lead the setup of organizational IT infrastructure, managed IT team and day to day IT/Security operations.

-Successfully coordinated the setup of IT infrastructure, interconnectivity of locations, setup of data center and the securing of network, systems, and information assets for GATE holding group (6 companies spread across multiple locations in GCC region).
-Successfully maintained and operated the IT Infrastructure consisting of Data Center, Windows Server OS, Windows 2003 Active Directory, Exchange Server, Antispam devices, HP Severs, Symantec Antivirus, Firewalls, SSL/IPSec VPN, 802.11 a/b/g, leased lines/frame relay, workstations/laptops etc.
-Lead and conducted IT security operations like perimeter and end point security, security monitoring (firewalls, antivirus, antispam, IDS), analysis, incident management, access reconciliation, capacity planning, backup and restoration, security risk assessments, vulnerability assessments, and compliance checks.

-Administer and maintain IT infrastructure - Windows 2000/2003 servers, workstation, VLANs, telephones, applications, structured cabling, printers and other hardware.
-Handle server and antivirus incidents and other IT service requests.

-Administer Windows NT 4.0 PDC/BDC, and servers (application / database).
-Maintain internet links, network devices, telephones, structured cabling, workstation OS, printers and other hardware.