Responsible for managing the technical risk in terms of information & physical security and business continuity functions of the bank. The division includes dedicated sections responsible for business continuity management, security operations, centralized access management of critical systems and applications and cards fraud monitoring.
Information Security Management
Experience of 15+ years in managing information security programs, information security compliance programs, IS security and control strategies based on the industry standards including ISO 27001 and COBIT. Security product and service evaluations, IS Risk Management and security business case analysis.
Key Achievements
Created security-conscious culture through policy, training and education.
Prevented potential losses by performing risk assessments on systems, networks and applications and developing minimum security baselines and internal audit checklists.
Streamlined incident response by developing and testing formalized plan, acting as primary coordination point and driving remedial actions when necessary.
Ensured compliance with local regulators including Central Bank of Oman, Capital Market Authority and other commercial regulations such as PCI-DSS.
Executed key enterprise projects like establishment and implementation of data classification framework, risk assessment, data loss prevention solution, log and vulnerability management solutions.
Physical Security Management
Responsible for management of the physical security setup across the bank's premises in all three countries.
Key Achievements
Established the physical security framework including the policy and associated procedures in line with Central Bank of Oman & Royal Oman Police guidelines.
Implemented key projects including centrally monitored CCTV surveillance system, Access control system, Fire alarm system, Security alarm system across the head office buildings, branch and offsite ATM network.
Business Continuity Management
Master Business Continuity Professional (MBCP) with 7+ years of experience in developing, documenting, implementing, testing and analyzing business continuity and disaster recovery plans based on industry standards.
Key Achievements
Successfully developed and documented business continuity strategies and plans for the recovery of key functions including retail branches, treasury dealing room, mortgage processing center, card processing center and administrative units.
Simulated disaster scenarios and tested strategies, plans and procedures to validate that recovery requirements are met. Coordinated testing between data centers, work sites and third parties, involving management and staff.
Developed and implemented Emergency Management Team and Crisis Management infrastructure to enhance corporate response to disasters affecting core business processes.
Developed and presented high level contingency planning program to the top management and Board Risk Committee.
Managed the bank’s crisis management process during major disaster situations including the tropical cyclone Gonu (2007), tropical cyclone PHET (2010) and countrywide social disturbance (2011).
Key routine business continuity management activities including Business Impact Analysis, Risk Assessment, Technology Gap Analysis, etc., managed internally.
Cards Frauds Management
Established cards fraud management section in 2007 and associated framework to monitor cards frauds offline and investigate the reported fraud cases. Liaison with Visa, MasterCard, other Issuing / Acquiring Banks on fraud related issues. Implemented real-time cards fraud monitoring solution (RiskNet).
Cross Functional Assignments
Secretary of Board Risk Committee (from 2008 to 2012)
Responsibilities include organization and management of quarterly board risk committee meetings, preparation of the meeting agenda & minutes and follow-up action plans.
- Company industry: Banking
- Job role: Information Technology