Cyber Security Governance - Manager
Accenture | Advanced Technology Centers in India (ATCI)
Total years of experience: 19 years, 8 months
Currently leading 'Cloud Security Governance' for PCI-DSS compliance in Azure, CSPM (Cloud Security Posture Management), FedRAMP, SOC2, ISO 27001, with Agile, Jira, Confluence, Teams, and SharePoint tools.
Provided strategic direction for 'data privacy' & 'Security' at 'Cloud First' 'Data and AI', worked on DSPM (Data Security Posture Management).
Governed 'Product & Platform' Security for global life-science majors.
Effectively collaborated with Accenture's leadership & 'Global Security' teams.
Envisioned 'Security Governance' framework, embedded Security at all stages.
Diligently led DevSecOps, SAST, DAST, Blackduck OSS, SonarQube, QualysGuard and Prisma Cloud vulnerability scans and remediation.
Assured 'Client Data Protection', HIPAA, and GDPR regulatory compliance.
Supervised 'secure access' to enterprise data & applications and reduced risks.
Excelled in Cyber Security consultancy and advisory role for global majors. Established best practices for cyber security risk assessment and enterprise security controls for BFSI, Oil and Gas majors. Managed and mentored GRC team. Designed and implemented Cyber Security Enterprise Architecture framework to safeguard 'data privacy' and security using NIST, ISO 27001, SABSA, TOGAF, COBIT, MITRE, FedRAMP, GDPR, ISO 27701 PIMS, Regulatory Frameworks and Controls.
Steered 'IT Risk, Compliance & Audits' across this newly formed bank, established and elevated banking sector security and compliance to the next level. Effectively designed and implemented Cyber Security Framework as per RBI cyber security and compliance requirements. Smoothly interfaced with Govt. controllers and regulators regarding IS and Cyber Security regulations, Audits and Compliance/Non-Compliance. Effectively interfaced with CRO, CTO and CISO and governed 'IT Risk Metrics'.
ASSOCIATE CONSULTANT - GRC
Effectively led GRC projects for various industries and performed risk assessments. Established 'ISO 27001' and 'Risk Governance framework' from scratch. Aligned with Penetration Testing team, safeguarded client environment from potential threats and risks. Audited various sectors for 'ISO 27001' preparedness and assured accreditations.
Worked in Capgemini's Global Cyber Security Operations Center (G-SOC). Effectively managed SIEM tool, security incidents, triage and response process. Designed, implemented and supervised security policies, procedures, standards and guidelines for global majors. Assessed contractual 'Security and Compliance' requirements and implemented appropriate information security controls. Supervised VA/PT, patch management and prevented security threats remarkably.
Played an instrumental key role in establishing, improving and sustaining the ISMS (ISO 27001) Information Security Management System for the Organization and projects. Remarkably enhanced security posture of the Organization and its global clients. Performed Organization-wide comprehensive Information Security (ISO 27001) Risk Assessment, managed and governed security and business risks effectively. Played a major role in managing Organization-wide CMM and ISO Audits, primarily ISO 27001, SOC2 and ISAE3402. Enhanced overall effectiveness of various management systems and standards. Got support from Senior Management to envision and drive Organization-wide 'Information Security Program' and delivered excellence and value.
Performed 'Information Security Risk Assessment' while doing system integrations for domestic clients and enhanced security for products and services. Conducted internal audits, baselined & hardened network security devices, routers, switches, firewalls, antivirus, servers and elevated security to the next level. Performed 'gap assessment' for systems and networks.
Single point of contact for IT Infrastructure, IT Security and IT services. Provided excellent IT support for software development platforms having Windows, Linux, web servers, VMware, MS SQL, Oracle, Java, JBoss, and Eclipse. Enforced system and network security controls and performed IT Audits. Remarkably reduced budgetary and licensing cost by 60% by implementing Linux platforms and authorized open-source software, and through vendor negotiations.