Technical Lead
SDC
Total years of experience :12 years, 3 Months
ISO27001 Controls, ITGC, GRC
PCI DSS Assessments
Information Audits& Controls
Security Document Refresh Projects
Key Management Areas:
•Coordinated and facilitated internal (ISO 27001 Audits) and external audits; followed-up on audit issues responses, action plans & remediation
•Monitored risk assessments, vulnerability assessments and risk-based security reviews / audit were conducted periodically for applications, databases, operating systems and network devices
•Utilized a remediation program that reduced findings from Penetration Testing and Security Assessments (Network, Database, Web Application and Servers)
Key Functional Areas:
•Administered Access Permissions and Asset Management, their analysis planning, & coordination
•Promoted information security culture by creating awareness using different modes (workshops, emails, portal articles) of training & awareness sessions
•Transitioned and transformation of new clients for new business including planning of IT Operations, control of costs, technology implementation
Significant Highlights:
•Designed and implemented security controls, procedures and standards, Information Security (IS) structure, especially regarding logging of security events and the security risk mitigation controls
•Consistent and value-driven performance led to numerous appreciations from US based clients & customers
•Performed security risk assessment/analysis & recommended mitigation through appropriate controls, both in projects and for existing assets
Analyst - IT Risk & Controls
from
. from