Ajesh جون, Information Security Manager

Ajesh جون

Information Security Manager

Infosys Ltd

البلد
الهند
التعليم
ماجستير, Computer Applications
الخبرات
14 years, 6 أشهر

مشاركة سيرتي الذاتية

حظر المستخدم


الخبرة العملية

مجموع سنوات الخبرة :14 years, 6 أشهر

Information Security Manager في Infosys Ltd
  • الهند
  • أشغل هذه الوظيفة منذ نوفمبر 2013

Implement and maintain Information Security standards such as ISO 27001, PCI DSS, HIPAA, SSAE 16 etc. in organization level and engagement level.
•Information Security Risk Management- Conduct assessment of risks to information assets and risk mitigation activities to safeguard organizational assets
•Participate in external audits and client audits providing information security related assurance
•Client SPOC for information security activities in one of the designated account
•Conduct engagement level information security reviews, audits and risk assessments against information security standards, customer specific information security requirements and Infosys information security policies
•Participate in security architecture reviews and provide inputs related to security requirements.
•Perform Vendor Risk management and third party security assessments.
•Conduct routine enterprise information security audits of accounts and projects against defined standards / policies in order to ensure compliance with the company’s information security policies / customer requirements and suggest areas of improvement.
•Participate ISC (Information Security Council) and discuss about trend analysis including latency and statistical derivations to derive deliverable value from security metrics.
•Handling Information Security related queries, requirements and activities in delivery centers in other countries.
•Creation of new Information Security related policies and procedures, periodic review and update of existing policy and procedural documents.
•Undertake review of all MSA’s, Contracts, Request for Proposal (RFP)/Request for Information (RFI).
•Participate in Pre-Engagement negotiations and discussions with prospects/clients from Information Security perspective.
• Worked as an Information Security Professional

PCI في Infinite Computer Solutions
  • الهند
  • أكتوبر 2012 إلى نوفمبر 2013

Responsibilities: -
•Accountable for IT Security, Compliance & Risk of the whole organization’s IT infrastructure (Includes servers, network devices and other systems) and ensure end to end IT compliance with respect to ISO 27001.
•Implementation of

في IBM India Pvt. Ltd
  • الهند
  • أبريل 2011 إلى سبتمبر 2012

Responsible for client Servers and Network devices are compliant with Security Policy (GSD 331 & ISeC : Information Security policies, Standard Operating Procedures in accordance with ISO 27001:2005)
•Review of security checklist with respective departments like UNIX, WINTEL, ORACLE, CITRIX, Network & Service Management.
•Ensuring PCI compliance based on internal compliance calendar.
•Review all non-compliances (controls) are documented with deviation report.
•Review all risks were raised for non-compliances and perform periodic internal reviews and audits.

Network & System Administrator في IT WIZ
  • الهند
  • ديسمبر 2009 إلى مارس 2011

Installation & Configuration of various Linux, Windows Servers & desktops
•Creating and Maintaining User Accounts
•Installing and configuring new hardware and software
•Monitoring and Tuning Performance & troubleshooting any reported problems
•Configuring a Secure System
•Backing Up and Restoring Files

Information Security Manager في Infosys Ltd
  • الهند
  • أبريل 2016 إلى

الخلفية التعليمية

ماجستير, Computer Applications
  • في Mahatma Gandhi University
  • نوفمبر 2009
ماجستير, Computer Applications
  • في Mahatma Gandhi University
  • يناير 2009

in

Specialties & Skills

PCI DSS
ISO 27001
BANKING
COMPUTER HARDWARE
CONTRACT MANAGEMENT
COUNCIL
CUSTOMER RELATIONS
INFORMATION SECURITY
POLICY ANALYSIS

اللغات

الانجليزية
متمرّس
الهندية
متمرّس

التدريب و الشهادات

ITIL (الشهادة)
ISO 27001 Lead Implementer (الشهادة)
CPISI (الشهادة)
CEH (الشهادة)
ISO 27001 Lead Auditor (الشهادة)
CISSP (الشهادة)
تاريخ الدورة:
February 2017