Total Years of Experience: 22 Years, 2 Months
January 2011
To Present
Assistant Manager
at Kpmg lower gulf
Location :
United Arab Emirates - Abu Dhabi
I am presently pursuing my career as an Assistant Manager in IT Advisory division of KPMG. Key responsibilities include:
• Prepare and deliver proposals and preparing project plans.
• Contributing on client service delivery teams in the active execution of complex projects in compliance with firm and practice unit service delivery standards.
• Handling multiple engagements simultaneously.
• Maintaining very high quality standards, meeting and exceeding client expectations.
• Assist in preparing project plans and budgets.
• Provide regular status updates.
• Prepare and present quality management reports and present them to top management, audit committee and the board.
• Perform quality reviews of deliverables and assist in quality control procedures.
• Building long-term business relationships with senior client personnel and executives through engagements and networking in professional organizations.
• Prepare and deliver proposals and preparing project plans.
• Contributing on client service delivery teams in the active execution of complex projects in compliance with firm and practice unit service delivery standards.
• Handling multiple engagements simultaneously.
• Maintaining very high quality standards, meeting and exceeding client expectations.
• Assist in preparing project plans and budgets.
• Provide regular status updates.
• Prepare and present quality management reports and present them to top management, audit committee and the board.
• Perform quality reviews of deliverables and assist in quality control procedures.
• Building long-term business relationships with senior client personnel and executives through engagements and networking in professional organizations.
March 2007
To December 2010
Assistant Manager - Risk Advisory Services
at EXL Services Inc.
Location :
United States
• Primarily responsible for leading engagements, ensuring service delivery, participate in the business development in selected accounts and practice management by providing responses to RFPs, creating SOWs, preparing effort estimates, etc.
• Provide overall support and assistance in all aspects of project analysis and delivery; from concept to final delivery.
• Planning, risk, issue & action management, escalation, upward reporting,
• Identification of suitable team members and leading the team in various engagements, which involves evaluation of IT General Controls, application controls, Entity Level Controls; performing security reviews of networks, data center operations, application and remote access technology.
• Understanding and resolving dependencies
• Manage Enterprise Risk Management involving assessment of the adequacy of IT general controls, IT Security Reviews, Internal Audits to global organizations across industry segments to meet regulations and or best practices defined by US (SOX), HIPPA, MAR, COBIT and ISO17799/BS7799.
• Manage client relationships by co-coordinating and building good rapport with the client management team.
• Perform continuous monitoring to ensure that budgeted targets and margins are met.
• Participate actively in non-delivery type of activities such as in-house peer-to-peer training initiatives.
• Provide overall support and assistance in all aspects of project analysis and delivery; from concept to final delivery.
• Planning, risk, issue & action management, escalation, upward reporting,
• Identification of suitable team members and leading the team in various engagements, which involves evaluation of IT General Controls, application controls, Entity Level Controls; performing security reviews of networks, data center operations, application and remote access technology.
• Understanding and resolving dependencies
• Manage Enterprise Risk Management involving assessment of the adequacy of IT general controls, IT Security Reviews, Internal Audits to global organizations across industry segments to meet regulations and or best practices defined by US (SOX), HIPPA, MAR, COBIT and ISO17799/BS7799.
• Manage client relationships by co-coordinating and building good rapport with the client management team.
• Perform continuous monitoring to ensure that budgeted targets and margins are met.
• Participate actively in non-delivery type of activities such as in-house peer-to-peer training initiatives.
August 2005
To March 2007
Internal Auditor – Information Systems Assurance Services
at Wipro Infotech
Location :
India - Bengaluru
Job Profile:
• Leverage ISO 27001/BS7799 Process Implementation
• Operational risk management involving design, implementation and ensuring compliance with Information Security policies and global standards of Wipro LTD. and its subsidiaries.
• Performing periodical technical assessment of ODC networks, of DMZ servers, internal systems, shared systems - as per calendar; and following up with the process owners on the closure of observations or findings.
• Continuous identification and evaluation of business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement.
• Provide details of exceptions and reports on required steps for closing the exceptions.
• Present quarterly reports to the stakeholders.
Highlights
• Performed Vulnerability Assessment on Oracle 10G, MS-SQL, Windows, Unix, Linux, Solaris, Routers, Switches, Firewalls, IDS, VPN concentrators, bind, apache, FTP, SUS server, IPlanet, blackberry, IAS servers, Aironet, proxies, antivirus gateway, etc.
• Created configuration documents for various security tools like Nessus, ISS database scanner, apps detective, NETIQ, Languard, Nmap etc.
• Created baseline documents on various technologies like System Security, Network Security and Information Security.
• Assisted in the selection and tailoring of approaches, methods and tools to support service offering or industry projects.
• Generate innovative ideas and challenge the status quo.
• Facilitated use of technology-based tools or methodologies to review, design and/or implement products and services.
• Demonstrated a general knowledge of market trends, competitor activities, D&T products and service lines.
• Build and nurtured positive working relationships with clients with the intention to exceed client expectation by understanding clients' business environment and basic risk management approaches.
• Leverage ISO 27001/BS7799 Process Implementation
• Operational risk management involving design, implementation and ensuring compliance with Information Security policies and global standards of Wipro LTD. and its subsidiaries.
• Performing periodical technical assessment of ODC networks, of DMZ servers, internal systems, shared systems - as per calendar; and following up with the process owners on the closure of observations or findings.
• Continuous identification and evaluation of business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement.
• Provide details of exceptions and reports on required steps for closing the exceptions.
• Present quarterly reports to the stakeholders.
Highlights
• Performed Vulnerability Assessment on Oracle 10G, MS-SQL, Windows, Unix, Linux, Solaris, Routers, Switches, Firewalls, IDS, VPN concentrators, bind, apache, FTP, SUS server, IPlanet, blackberry, IAS servers, Aironet, proxies, antivirus gateway, etc.
• Created configuration documents for various security tools like Nessus, ISS database scanner, apps detective, NETIQ, Languard, Nmap etc.
• Created baseline documents on various technologies like System Security, Network Security and Information Security.
• Assisted in the selection and tailoring of approaches, methods and tools to support service offering or industry projects.
• Generate innovative ideas and challenge the status quo.
• Facilitated use of technology-based tools or methodologies to review, design and/or implement products and services.
• Demonstrated a general knowledge of market trends, competitor activities, D&T products and service lines.
• Build and nurtured positive working relationships with clients with the intention to exceed client expectation by understanding clients' business environment and basic risk management approaches.
July 2003
To August 2005
Senior Engineer – Managed Security Services
at Microland Ltd.
Location :
India - Bengaluru
Job Profile:
• Perform incident response support for security incidents relating to firewall/VPN/IDS/Proxy.
• Perform periodic risk based network audits and assessments on several security gateways and take corrective actions in order to mitigate the risk.
• Provide a complete incident handling process, using the six steps (preparation, identification, containment, eradication, recovery and lessons learned)
• Answer queries based on VPN connectivity issues, Ace server issues, soft id issues, LDAP issues etc
• Implementing change requests on firewall policies (checkpoint, netscreen, Nokia), VPN gateways, LDAP.
• Applying the latest service packs and patches on the Firewalls/VPNs.
•Defining and implementing the backup policies for the firewalls.
•Implementing high availability solutions like VRRP etc.
•Implementing change requests on the cache flow proxy (Bluecoat Systems), netscape and gauntlet proxy
•Installation of IDS sensors, console includes both ISS and intrusion.com box.
•Continuous monitoring of logging systems and the analysis of suspicious activities and taking corrective measures.
•Weekly Backups of all the security devices using manual methods and automating using scripts
•Deep knowledge of security architecture methodologies, Industry best practices and generally accepted information security principles.
•Deep knowledge in various attacks like Session Cloning: Grabbing other Users’ Web Sessions, Cross-Site Scripting, Denial of Service Attacks, Distributed Denial of Service, SYN Floods and Smurf Attacks.
•Excellent knowledge in various analysis tools like Ethereal, Nessus, Sniffer detection tools, etc.
•Part of the Team involved in the migration of 4.1 modules to a new FP3 Management server
•Part of the team involved in migration of nokia boxes to a provider-1 console
•Implemented IDS sensors across client’s network
•Involved in migrating new netscreen boxes to our management.
• Perform incident response support for security incidents relating to firewall/VPN/IDS/Proxy.
• Perform periodic risk based network audits and assessments on several security gateways and take corrective actions in order to mitigate the risk.
• Provide a complete incident handling process, using the six steps (preparation, identification, containment, eradication, recovery and lessons learned)
• Answer queries based on VPN connectivity issues, Ace server issues, soft id issues, LDAP issues etc
• Implementing change requests on firewall policies (checkpoint, netscreen, Nokia), VPN gateways, LDAP.
• Applying the latest service packs and patches on the Firewalls/VPNs.
•Defining and implementing the backup policies for the firewalls.
•Implementing high availability solutions like VRRP etc.
•Implementing change requests on the cache flow proxy (Bluecoat Systems), netscape and gauntlet proxy
•Installation of IDS sensors, console includes both ISS and intrusion.com box.
•Continuous monitoring of logging systems and the analysis of suspicious activities and taking corrective measures.
•Weekly Backups of all the security devices using manual methods and automating using scripts
•Deep knowledge of security architecture methodologies, Industry best practices and generally accepted information security principles.
•Deep knowledge in various attacks like Session Cloning: Grabbing other Users’ Web Sessions, Cross-Site Scripting, Denial of Service Attacks, Distributed Denial of Service, SYN Floods and Smurf Attacks.
•Excellent knowledge in various analysis tools like Ethereal, Nessus, Sniffer detection tools, etc.
•Part of the Team involved in the migration of 4.1 modules to a new FP3 Management server
•Part of the team involved in migration of nokia boxes to a provider-1 console
•Implemented IDS sensors across client’s network
•Involved in migrating new netscreen boxes to our management.
March 2001
To June 2002
Network Engineer
at Rooman Technologies
Location :
India
· Active involvement in configuration, administration and management of Cisco Routers (800, 1600, 2500 and 3600 series) and 1900 series Switches.
· Configured ISDN DDR for Internet connection
· Configured ISDN, Frame Relay and Leased Lines.
· Configured VLANS.
· Worked with Checkpoint NG and practically deployed smaller level security policy.
· Trained several students local and foreign and corporate.
· Configured ISDN DDR for Internet connection
· Configured ISDN, Frame Relay and Leased Lines.
· Configured VLANS.
· Worked with Checkpoint NG and practically deployed smaller level security policy.
· Trained several students local and foreign and corporate.
Share on Facebook
Share on Twitter
Share Via Email