Information Security Consultant
Social Insurance Organization
Total years of experience :19 years, 3 Months
• Develop and implement information security policies, procedures aligned with business objectives for effective information security management.
• Conduct Risk Assessment for the organization’s information and information system infrastructure and develop Risk Treatment Plan based on the identified risks to provide recommendations for treating the risk.
• Work in coordination with different business units in the organization to identify and analyze risks in the business processes and provide recommended controls to mitigate risks.
• Monitor and measure the effectiveness of various information security processes (Incident management, change management, Antivirus management, internal Audit, User Access Management etc.).
• Conduct Internal Audits to check the compliance against ISMS standard and organizational policies and procedures.
CISA, ISO 27001 Lead Auditor, CCNA with more over 7 years of hands on experience in Information systems and Security.
Expertise
- Core experiences in IS auditing, Consultancy, Risk Assessment, and
Compliance
- ISMS development and implementations and maintenance inline with
ISO27001, involving risk management framework development,
process and procedure control development, technical control design and
implementation.
- Technical vulnerability analysis, penetration testing, application security
analysis and server/device security procedures.
- Evaluation emerging security products and technologies and determine
where and how they would fit into an organization’s security strategy.
- Information Security Audits, which includes internal audit and vendor Audit.
Network Engineer: Was part of the Operations team for Rolta India. Responsible for complete implementation and maintenance of various networking products at customer sites. This included managing Cisco and 3Com devices and managing the active directory site and the desktops belonging to it. The activities also included documenting the implementation of these projects and providing technical support for various products at customer sites