Manager, Information Security
HSBC Bank
Total des années d'expérience :20 years, 8 Mois
• Responsible for delivering Information Security Consulting, Information Security Risk analysis & mitigation strategiesand ensuring Data Security, Data leakage prevention and cross-border data flow control.
• Managing Third Party Risk Governance and Data Transfer Controls and controlling implementation & review based on ISO 27001, PCI DSS and internal HSBC standards.
• Involved in Network Security management including Network design & architecture review, Network change control and Firewall & IDS log review.
• Handling Information Security Gap Analysis and transformation programs for IT Controls in acquired / merged Group Companies. Involved in conducting vulnerability assessment and Network penetration testing and managing RA Office Management for external and internal Digital Certificate Infrastructure.
• Responsible for providing security consulting for Businesses departments and Information Security and Risk awareness programs.
• Conducting Business Continuity Planning (BCP) reviews, delivering security consulting for implementing controls in application developments and monitoring security controls in all major IT projects.
• Conducted SOX 404 audits & SAS 70 review, performed Gap Analysis and ensured compliance with assigned corporate policies and standards.
• Involved in Network designing, reviewing architecture and developing multiple Standard Operating Procedures (SOPs) / Plan of Action (POA) documents.
• Streamlined procedures for incident management, change management and problem management.
• Designed and tuned Firewall and IDS Policy for enhancing performance, configured Network equipments and reviewed network audit.
• Managed RSA Server Administration for role-based user-rights assignment / identity and access management for user rights.
• Involved in VPN setup review & maintenance, Network integration & migration, reviewing Wireless Network and recommending controls.
• Designed Security framework & policies for setting up core banking data center at Central Bank of India.
• Involved in DR planning and reviewing for data centers including reviewing security configurations of AAA, TACACS+, HSRP, VRRP and Stateful High Availability backup on firewalls.
• Responsible for system maintenance & desktop management, developed policy for Firewall, ASA, IDS and Antivirus, liaised with vendors & banks and ensured SLAs.
• Deployed and configured Network Security Products (Checkpoint NGX, Nokia Cluster, PIX and IDS / IPS)
• Installed SQL Server / Client, MS-Outlook and Antivirus in compliance with organization security policy.
• Involved in LAN / WAN Management, configuration and troubleshooting of Lease Line / ISDN
• Provided installation and post installation support for Win 98 / 2000 / XP / Win 2000 Advanced Server / Win 2003 Server.
• Delivered technical support on Active Directory and Mail Server - Outlook.
Instrumentation and Control Engineering