Shaju Bhaskaran,

Shaju Bhaskaran

I HERE BY DECLARE THAT ALL THE INFORMATION FURNISHED BY ME ABOVE ARE TRUE AND TO THE BEST OF MY KNOWLEDGE

Lieu
Qatar
Éducation
Baccalauréat, Computer Science
Expérience
22 years, 0 Mois

Partager Mon CV

Empêcher usager


Expériences professionnelles

Total des années d'expérience :22 years, 0 Mois

à I HERE BY DECLARE THAT ALL THE INFORMATION FURNISHED BY ME ABOVE ARE TRUE AND TO THE BEST OF MY KNOWLEDGE
  • Qatar
  • Je travaille ici depuis août 2014
ISO & Head of SOC à Ooredoo
  • Qatar - Doha
  • Je travaille ici depuis mai 2021

Knowledge of DevSecOps


•20 years of contribution in the entire gamut of Cyber Security Operations, Network Security, Risk Management, InfoSec Strategy & Governance, Project/Program Management, Service Delivery, Implementation and Support in eight different global companies
•Extensive experience in Cyber Security Operations and IT Risk Management Practice with Banks in India, Southeast Asia and Middle East. Worked with Central Banks like RBI, IRDA, MAS, QCB etc. to ensure compliance with Technology Risk
•Managed very complex network security projects for Banks, Telcos and other industries
•Spearheaded InfoSec Architecture, Cloud Risk assessment, Security controls for migrating to MS Office 365/Azure cloud
•Technology risk identification, risk assessment, risk mitigation, response and risk reporting. Creating & managing the IT Risk framework for the company, Key Risk Indicators for all the areas of IT risk and Regulatory compliance
•Possess broad competence in strategic management of technical/business matters (especially in the banking and financial sector) with the distinction of launching and driving new Information security initiatives and managing multiple concurrent complex projects, achieving organisational objectives within specified timelines
•Comprehensive expertise in developing and implementing an Enterprise Information Security Program with deftness in Security Strategy, Security Architecture, Technology Risk assessment & mitigation, Data Privacy, Technology Audits, Security Reviews, Incident management, Security Governance and IT Compliance management
•Adept at leading and managing a team for running successful process operations & experience of implementing a robust information security architecture, GRC framework, technology risks, business continuity plans, information security policies and procedures, also worked on GRC tools like Archer & SAS, also did consulting for GRC tools, SOC and other Information Security services
•Spearheaded the implementation, maintenance and renewal of ISO27001:2013 and PCI-DSS projects at major Banks in INDIA, Southeast Asia and Middle East
•Compliance to COBIT, ITIL & NIST frameworks across all the regions of global banks
•Developed Information Security & Business Continuity strategy for large companies including banks
•Designed and implemented Data security program for the bank including data discovery, classification, policy development and applying the policies in the Data Loss Prevention (DLP) solution
•Successful design and implementation of security controls for Online Banking, Mobile Banking apps and 3D secure system
•Designed security architecture and implemented security controls for SWIFT system, ATM & POS environments etc.
•Vulnerability management & Security Testing of IT infrastructure and Banking applications like E Wallet
•Managing Penetration testing and Red & Blue team exercises
•Implementation & Day-to-Day operations of Identity & Privilege Access Management



Career Timeline

BFSI Sector: 13+ years
IT/ITES Sector: 5 Years

CISO à Ahlibank
  • Qatar - Doha
  • août 2014 à février 2021

Reporting - CRO

Meeting the expectations of the Board & Senior Management by developing Information Security Strategy and managing Cyber Security Operations for the bank. Detecting & responding to new threats, IT Risk Management, Project Management, People/Vendor management, annual IS budget planning & spend, ensuring regulatory requirements are met, managing Internal, External & Regulatory Audits.

My team’s day-to-day activities

•Developed enterprise IT Risk strategy that consists of strategically integrated elements of NIST risk management and Cybersecurity frameworks, SANS Critical Controls, ISO 27001/27002, PCI DSS, GDPR & other Regional standards like NIA, FIFA World Cup Cyber Security Framework 2022
•Design and manage the entire Lifecycle IT Risk management by continuous Risk Assessments, Risk Mitigation, Reporting & managing the residual risk
•Revamping the traditional SOC to Managed Detection & Response Center
•Managing day to day Cyber Security Operations
•Continuous Risk Assessments of all the critical IT Applications and Infrastructure
•Ensuring data integrity, confidentiality and availability of information as well as creating controls on how data is processed by the organization
•IT Security Governance structure to reduce risks in business processes, enhance information security, and comply with regulatory requirements
•Ensuring Data Privacy by implementation of National Data Privacy laws, GDPR etc.
•Managing the Information Security Budgeting every year in alignment with the IS Strategy & Bank’s Vision
•Ensuring Bank’s Information Security Compliance across different regions/countries
•Working closely with Regulatory audit bodies like Central Banks & CERT teams
•Collaborate with Regional CISO’s to keep abreast of any changing trends

Chief à ING Life Insurance
  • Inde
  • août 2011 à juillet 2014
Solution Architect à Dimension D
  • Inde
  • décembre 2009 à juillet 2011
Manager à Standard Chartered
  • Inde
  • juillet 2008 à octobre 2009
Assistant Manager à Aricent Technologies
  • Inde
  • décembre 2006 à juillet 2008

(One of the market leaders in the telecom software domain in India and having a client list of almost all the major players in Telecom Equipment manufacturing, vast presence in India, Europe & U.S.)

Designation -

Management Trainee à GENPACT
  • Inde
  • octobre 2004 à décembre 2006

- Information Security Specialist for client - GE Money,
Responsible for all the Information Security operations and projects across GE Money India.

Network Security Engineer à R Systems International Limited
  • Inde
  • octobre 2003 à octobre 2004

providing support for implementing, troubleshooting and supporting high-end Enterprise/Mid-Range/SOHO level Firewall VPN

Technical Support Engineer
  • Inde
  • mai 2002 à septembre 2003

Éducation

Baccalauréat, Computer Science
  • à of Commerce - Pt. Ravi Shankar Shukla University Indi
  • janvier 2008

courses: Certifications •CISSP (Certified Information Systems Security Professional) •CISA (Certified Information Systems Auditor) •CEH (Certified Ethical Hacker) •ISO/IEC 27001:

Master, Computer Science
  • à MDU University
  • janvier 2006

in

Specialties & Skills

IT Risk
Information Security Management
APPROACH
ARCHITECTURE
CONSULTING
CUSTOMER RELATIONS
DELIVERY
FINANCIAL
FIREWALLS
INFORMATION SECURITY