Practice Consultant
Intertec Systems
Total years of experience :15 years, 3 Months
Implementation and Compliance to NESA and DGISR Requirements
Implementation and Maintenance of ISMS and ITSM Practices for Managed Service Customer
IT Security Capability mapping and solution review
Implementation of Governance framework for Information Security
Technical Pre-Sales for IT Security products
♣ Perform IT Security Architecture and Process design (Network Security, Endpoint Security, IDM, Application Security and/or Data Protection) throughout IT Security Life Cycle
♣ Conduct security assessment/review of current IT Security Architecture inclusive of but not limited to internal security architecture, perimeter security, wireless security, data center security, endpoint and mobile security to identify potential weaknesses and provide recommendation to address the identified gaps
♣ Ability to effectively and efficiently transform business objectives into security architecture and process design by leading cross enterprise architecture work, collaborating with technical and business stakeholders to address risks while achieving business objectives, meeting regulatory requirements and addressing emerging technologies
♣ Collaborate with the other units in the bank as appropriate to formulate and promulgate bank wide best practices and standards for security of information systems
♣ Ensure security requirements through bank projects life cycle and ensure security standards are followed across project lifecycle
♣ Identifying key technologies, capabilities, solutions and systems to implement the security architecture
♣ Defining policies, standards and procedures to manage associated risks
♣ Defining and documenting security services, processes, information flows, high-level design and technical standards in line with SABSA and ISO27001 methodology
♣ Simplifying the existing architecture, identifying reusable services and cost saving opportunities
♣ Conduct risk assessment and provide recommendation for risk mitigation
♣ Developed IS risk assessment methodology in-line with ISO31000 and ISO27005
♣ IT and IS Risk Assessment for critical banking application
♣ Developing Information Security policy to meet SAMA, PCI DSS and ISMS requirement
♣ Information Security risk reporting and management acceptance & communication
♣ PCI-DSS v3.1 gap assessment and maintaining certification requirements
Implementation of ISO27001 standard & conducting risk assessment
Implementation of ISO20000 standard & conducting ISO20000 Gap assessment
Secure network architecture design and reviews
Technical vulnerability assessment & network penetration testing
Conducting PCI-DSS gap assessment and implementation of PCI-DSS certification requirements
Designing appropriate enterprise security controls & compliance checks for several technology platforms
Developing secure configuration documents for several technology platforms
Business continuity planning/ITDR implementation
• Monitor and advice on information security issues related to the systems, to ensure the internal security controls for the clients are appropriate and operating as intended.
• Vulnerabilities Assessment using automated tools, Configuration/Compliance Audits using scripts and checklists on servers and network devices.
• Develop and publish Information Security policies, procedures and guidelines based on knowledge of best practices and compliance requirements.
• Conducted internal security audits.
• Create, manage and maintain user security awareness.
• Configuration Management of Cisco Devices, Checkpoint Firewall, UTM (Unified Threat Management).
• Trained candidates (predominantly working professionals) in multiple format namely classroom based training and fast track (one on one) intensive training towards achieving their Cisco CCNA, CCNA-Security, CEH Certifications.
• Responsible for developing Brand Strategy for various clients across India
• Responsible for conducting product survey and presenting feedbacks to clients
• Management and Coordination of events as per client requirement.
Bachelor of Engineering, Information Science, 2009, H.K.B.K College Bangalore, Vishveshwarya Technological University, Karnataka, India