Information Security Consultant / IT Account Manager
Accenture Services Pvt. Ltd.
مجموع سنوات الخبرة :24 years, 0 أشهر
Information Security Assessments, Threat & Vulnerability Management.
Responsibilities:
• Leading a team for processing of Security Operation Center (SOC) exceptions relating to threat and vulnerability remediation of IT infrastructure across the globe.
• Conducting risk assessments on IT infrastructure for non-remediation of vulnerabilities and non-compliances.
• Providing inputs to the management for decisions towards the security exceptions.
• Assistance in deploying security products like Trend Deep Security Solution, Tanium, Firemon, etc.
• Assessing risks associated with non-deployment SOC tools at certain sites.
• Conducting ISMS Assessments across locations for compliance against ISO27001 framework and controls.
• Conducting Technology Hosting Site Security Assessments for IT Infrastructure across various locations to check for compliance against company standards and policies.
• Suggesting changes to company standards and policies to meet current industry compliance levels.
• Work towards the upgrading of work plans for the team for conducting thorough assessments across the organization.
• Conducting Supplier Security Assessments of various service providers to the organization.
• Following up for the remediations of all the findings for all the audits conducted and providing a timely update to the management.
Information Security Consultant
Responsibilities:
• Work closely with the location IS teams and the location central functions to mature the ISMS to face the ISO 27001:2013 audit.
• Share best practices and nuances to bring up the location IS team in the learning curve for ISMS related topics such as risk assessment, asset access reviews, etc.
• Support the location IS Lead prepare for and during the BSI audit.
• Successfully getting the location certified without any major non-conformities for first time BSI audit and CAV’s.
• Conducting onsite and offsite assessments for locations to gauge the level of compliance with the ISO 27001:2013 standards.
• Driving regular touch points with IS leads and teams for any ISMS outliers that need attention.
• Preparing quarterly dashboards to be published to the IS leadership.
• Weekly monitoring and follow-ups on Risk actions, Information assets review and ensured 100% timely closure of all actions.
• Providing heads-up on actions from IS lead calls and addressing any issues/queries from the teams
• Worked extensively and provided key inputs to Leadership whenever a new standard/technology was proposed to ensure that risks are highlighted appropriately for taking an informed decision.
• Responsibilities:
• Oversee the entire Technical Infrastructure department of the organization; carry out performance
appraisal of the technical infrastructure team.
• Guide and motivate the team in achieving short and long term goals set for the team.
• Handle the purchase of all new IT equipment/software and ensure highest SLA’s to the Software
Services team.
• Assess and deal with software/hardware vendors for best quality and rates.
• Prepare and generate regular reports for the management.
Accomplishments:
• Implemented the state-of-art Europay Master VISA network as per the world’s payment card personalizing network standards.
• Implemented ISO/IEC 27001:2005 certification for Future Cards EMV network by implementing the controls which were not already in place.
• Implemented state-of-the-art networks with WI-FI connectivity for 5 new companies under the ENPI group from the scratch.
• Implemented the Level 2 and Level 4 BCP setup for EMV network for Future Card in Jordan.
• Cleared 2 Logical Security Audits of VISA and MasterCard for personalizing of payment cards.
• Instrumental in enhancing technical facilities at the ENPI Group which involved installation of several
routers, switches, servers etc.
• Implemented Exchange Server 2003, ManageEngine ServiceDesk Management, GFI Langaurd for Network Security and Patch Management.
Projects undertaken at ENPI
• Played a key role in implementing ISO 27001:2005 certification for Future Card EMV network.
• Migration from Exchange Server 2000 to Exchange 2003 along with OWA which involved proper
planning and implementation, allocation of specific tasks to various teams and keeping track of the tasks.
• Upgraded all the desktops from Windows 98 to Windows XP and then Windows 7 with the latest application upgrades as well and meeting it compatibility of the same for the in-house developed software’s.
• Completely deployed E-Scan Antivirus for Desktops and Exchange to manage endpoint security.
• Implemented in-house helpdesk tool for the IT department.
• Implemented ManageEngine ServiceDesk Management, GFI Langaurd for Network Security and Patch Management.
•National Commodities Derivatives Exchange (NCDEX)
Handling & Maintenance of 72 servers which include IBM 345, 346, 306 & HP DL 380 & 580 Series.
LAN & E-mail ID administration on Microsoft Windows 2003 & Exchange 2003.
Internet administration through Microsoft Internet Security & Acceleration Server 2003.
Installation & Troubleshooting of Windows Server & Linux Operating Systems
Creation and maintenance of rules on Checkpoint Firewall.
Monitoring intrusion attacks and security logs on the Firewall.
Taking backup of the servers with Veritas Netbackup 4.5 and restoring data as per requirement.
Implemented Windows 2000 Active Directory UCP (User Changeable Password) with integration of ACS (Access Control Systems) for the Trading System.
Implemented resetting of password on Active Directory through forms for the NCDEX helpdesk.
Hardening of servers
Preparing daily and weekly reports and submission of logs as per requirement.
Installing FTP, IIS servers.
Implemented E-Policy Orchestra for automatic updating of all the servers as well as workstation.
Providing second level help to desktop administrators.
Testing of new updates and patches before implementing on the servers.
Testing new applications available which could help the organization for efficient and smooth working of the business.
Job Profile:
•3I-Infotech (Vashi).
User & E-Mail Administration (creation, deletion, and managing of user LAN, WAN & E-mail accounts for various sites of ICICI Infotech worldwide).
Providing access to various network resources and server resources.
Troubleshooting various Desktop & Network related problems faced at the client end.
Configuring and troubleshooting mailing clients such as MS Outlook 2000, XP & 2003
Ensuring automatic updating of Patches and Antivirus updates on servers and client end.
•3I-Infotech (Goregaon).
Network Administration of the site along with troubleshooting desktop applications.
•NCDEX (Bandra-Kurla Complex).
Security Analysis, monitoring network activities, adding and removing rules for users on Checkpoint Firewall.
•Deutsche Bank (Lower Parel).
User & E-Mail Administration (creation, deletion, and managing of user LAN, WAN & E-mail accounts for employees at various sites of the bank in Asia-Pacific.
Creating accounts for employees on more than 30 banking applications used by the bank. Providing access to various network resources and server resources.
Assisting in testing of banking applications specially packaged for Deutsche Bank.
Assisting in user migrations all over Asia Pacific region to Windows XP.
Implementation of APARD (Asia Pacific Account Request Database).
•E-mail based technical support for GATEWAY Computers Inc.
•Troubleshooting software, hardware & LAN related problems.
•Providing Second level support to the other Support Representatives.
•Providing training on the new products and documentation in the database.
•Evaluating and providing feedback to the Support Representatives.
•Preparing reports of the Team Members regarding their performance and providing ideas on their improvement
•Maintaining highest level of technical knowledge regarding the products.
•Acting as medium of information exchange between the Agents and the Management
•Implementation, Installation & Troubleshooting of F-Secure range of products, (Anti-virus, File Crypto Etc.)
•Implementation, Installation & Troubleshooting of Mail Servers, & Backup Management Software’s. (Mdaemon Mail Server & Veritas Backup Exec & Veritas IDR)
•Troubleshooting, Solving Problems Related to Networking & Handling Support Calls.
•Creation of tools to implement automated antivirus updates.
•Installation, configuration and maintaining Windows NT, 2000 Servers & Workstations.
•ID Administration.