Associate Consultant - IT Auditor
KPMG
Total years of experience :11 years, 6 Months
Information Security Audit
• Review the Help Desk Procedure established by Data Center Operator for alignment with ITIL Best Practices.
• To monitor and assess the conformance by the DCO.
• To ensure the consistency and comparability of the audit on a regular basis.
• To study contracts between stakeholders.
• Review the Configuration / deployment parameters of the Data Center.
• Preparation of audit plan & Conduction of SLA, usage audit.
• Preparation of various templates required to be filled in by the various stakeholders involved in the audit process.
• Conduction of IT and Non-IT infrastructure audit.
• Conduction of security audit of the Data Centre Infrastructure including vulnerability assessment and penetration testing.
• Preparation of reports and reviewing process documents related to ISO 20000 and ISO 27001.
• Interaction with the various stakeholders occurs as needed.
• To assist State to maintain quality and continuous improvement are fostered in the SDC operations and management processes.
• Planning, Designing & implementation of Data Center network architecture & Data Center Security Policy using HP Core Switches, SAN Switches, Access Switches, HP Routers, Fortigate firewall, McAfee - IPS, IBM-HIPS, IBM Tivoli Monitoring tool.
• Responsible for Monitoring, analyzing and designing solutions to network & security issues, and Providing Technical Support to Customer in 24*7 Environment (NOC).
• Signature updating, blocking of unwanted traffic, maintaining patch updates, analyzing traffic logs in Firewall & IPS.
• Implementation, Installation & Configuration of Network and Security Devices in Data Center Connectivity and Implementation & Configuration of device hardening.
• Configuration of iView Syslog Server & log integration of Network & Security devices.
• Performing security penetration test & prepared internet access policy.
• Troubleshoot performance and availability issues on Network & Security devices such as firewalls, IPS, Router, L2 & L3 switches, SAN Switches.
• Monitor and managing Data Center Process with ITIL best practice.
• Manage infrastructure security, which includes virus protection, patch management, access control and audits.
• Creation and Implement Access Policy in Router and firewall.
• Manage LAN and WAN Connection use Routing Protocol, Spanning Tree Protocol, Trunking protocol, Ether Channel .
• Change, Creating Zone Policy and implement in Security Device like Firewall ForiGate
• Monitor & Analyzing Logs in HIPS and NIPS.
• Configure VPN and Create VPN User and policies.
• Take weekly and monthly backup of Routers, Switches, Firewall and IPS devices.
• Handle request tickets and incident tickets on the activity scope.
• Managing change Service Request and Incidents through Tivoli Tools
• Incident Response process and Change management process using ITIL framework.
• Creating Daily/ Weekly/Monthly Memory, CPU, Bandwidth Utilization and Device availability report and monitored Networks by IBM Tivoli Monitoring Tool (ITNM).
cse