Cyber Security Manager
Accenture
Total des années d'expérience :25 years, 5 Mois
I am part of Accenture security with focus on delivering high priority and valued initiatives for securing our clients industrial assets against cyber security risks. My role requires a good level of technical and consultancy experience across Industrial cyber security standards, processes and solutions.
I was part of Security Strategy and Risk Management (SSRM) practice, under consulting arm of HPE.
My role required a good level of technical experience across Information Security and Enterprise Security Architecture with the capacity to provide high level design (HLD) solutions to both public and private sector clients.
My high-level responsibilities were
• Engages in peer-to-peer dialogue with clients about their industry and their situation. Constructs the overall transformation roadmap for the client and builds strong rapport with clients creating respect and trust.
• Propose solutions, addressing client business issues and objectives using a combination of HP standardized and customized services.
• Creates proposal describing the HP solution and the associated value proposition, ensuring knowledge capture sessions are arranged and executed.
Key Engagement:
• Engaged at global financial institute on a large IT transformation programme since July 2015. Provided security assurance on the security high level design and low level designs of the individual domains. Designed privilege access management (least privilege) solution for the operation mode.
KPMG is one of the leading professional services firm in the world, one of the esteemed member of the Big-4 auditors. KPMG is spread over 150 countries worldwide, providing professional services globally for audit, tax and advisory services. KPMG is known to provide quality to their clients with an ample, customised and industry specific services as per its clients' needs.
* IPBR - Information Protection and Business Resilience
Role Overview and Responsibilities:
I was part of ICS Security specialist group at KPMG. My role involved providing advice, assurance and attestation to clients relating to information protection risks and controls, technical infrastructure, applications, processes and projects. My responsibilities were
•Delivery of security related services to clients including but not limited to:
•ISO 27001, ISO 22301, IEC 62443, PCI.
•Security architecture development and assurance work.
•Cyber Maturity Assessments, Identity Access Management and Data Loss Prevention solutions.
•Perform and maintain research in current information security areas and attend information security related seminars and conferences.
Key Engagements:
•Implementation of access governance framework for 175000 users at a large Oil & Gas organisation with 300 business critical applications in scope. I was leading the tooling work stream with responsibility of managing the implementation of IAM tool i.e. “SailPoint IIQ”.
•Worked on diverse engagements including organisation wide cyber maturity assessments, ICS/SCADA cyber security and architecture reviews, cloud security assessments, business continuity and incident response reviews.
•Played an active role in the development of new ICS Cyber Security service line
One Housing Group (OHG) is a comprehensive strategic social housing, care and support provider. The Group manages more than 20, 000 homes in 26 local authorities across South England. OHG is one of the biggest Care and support provider to vulnerable personnel across London and adjacent counties.
Role Overview and Responsibilities:
I was reporting to Director Technical Services ICT and principally responsible for planning, analysing, recommending, installing, and supporting the Group's ICT Infrastructure and information security aspects.
•I was the main point of contact for security management decisions and security incident management.
•Delivered Projects and led implementation of group technical security initiatives/solutions including UTM, Firewalls, IDS, End Points Protection, User ID and Access management, single sign-on, password management and SIEM solution.
•Managed and maintained ICT infrastructure solutions including Network Switching solutions, Virtualisation solutions, Microsoft Windows Server Platform, Exchange Servers, SQL Servers, Storage Area Network, Collaborative Technologies, Servers, Blades, Server Clusters, Load balancers, Server Back Solutions and Network Monitoring Solutions.
•Managed change control procedure by providing risk assessments i.e. reviewing all changes for detrimental impact on existing infrastructure/compliance/accreditation.
•Implemented and maintained corporate ISMS by implementing and auditing relevant business required security controls.
•Implemented organisation wide BCP; lead the annual testing of ICT DR Plans and conducted regular BIA.
Eni S.P.A. group is Italian state oil and gas Exploration and Production (E&P) Company, who has its operations in over 75 countries worldwide.
Role Overview and Responsibilities:
I was based at Bhit Gas Field and acting as centre of expertise for all computing and communication activities, for the Gas fields and Rig operations in the area for Eni. I was also involved in maintaining and supporting ICS equipment at site. Some of my key responsibilities at Bhit Gas Field were
•Ensuring that ICT infrastructure & communication systems were maintained, tuned & secured efficiently and upgraded to meet business requirements in accordance with the business guidelines.
•Managed and maintained site Routers, LAN Switches, ASA Firewalls, IPS, and VLANs.
•Systems administration including Active Directory, Messaging Server, Client Server Applications, Database servers and EPBX system.
•Involved in the implementation of Maximo maintenance and inventory management system development & deployment.
•Responsible for planning and prioritization of budget allocation for IT development work and contracts at Bhit Gas field in accordance with business priorities and resource constraints.
ICS Responsibilities:
•Maintained and supported ICS (Industrial Control Systems) solutions, including DCS, PLCs and SCADA systems of several makers including ABB, GE, Siemens and Schneider.
•COMMS Links between MTU (Master Telemetry Unit) and RTU (Remote Telemetry Unit).
•Maintenance of DCS hardware, servers, workstations and field controllers.
•Responsible for support equipment's running industrial protocols e.g. Modbus, profibus etc.
•Maintenance of HMI, Data collectors and Historians, e.g. OPC data acquisition servers acquiring real time data of Wellheads and DCS parameters.
•Good knowledge of reading P&IDs (Process & Instrument Diagrams
NDS Technologies was one of the leading organizations in the field of Networking, Micro Computers & Line Printers in Pakistan. NDS was the exclusive distributor for Novell & DELL Products. The company also undertook major maintenance contracts of large commercial, industrial, banking, government, semi government and institutional organizations.
Role Overview and Responsibilities:
Initially joined NDS as trainee Engineer on part time basis and over the time promoted to Support Engineer. My main responsibilities at NDS were
• Co-ordination with Customer’s responsible officer for installation plans and maintenance schedules of PC’s & Servers.
• Managed the corrective and preventive maintenance of Workstations/Servers hardware and Network/Internetworking peripherals.
• Conducted the familiarization training to customer’s staff on new hardware and software.
• Provided the familiarization and job training to newly hired Support staff.
• Provided optimum hardware and software solutions to customers after visiting their sites.
• Planning & Deployment of Windows 2000/NT/9x & Novell NetWare based Network.
• Designed and deployed Structured Network Cabling.
- Security Management - Cryptography - Computer Security - Network Security - Cyber Crimes - Standards and Evaluation Criteria - Final Thesis submitted on UK Data Protection Act 1998 compliance.
Computer Science