Seasoned enterprise Information Security professional with 15+ years of experience and focuses on to ensure that cybersecurity delivers value and is aligned to business strategy. Detail-oriented with high level of technical expertise
Overview
16
16
years of professional experience
4
4
years of post-secondary education
13
13
Certificates
Work History
Senior Corporate Security Engineer
Nagra USA LLP, Nagravision India Pvt. Ltd.
02.2018 - Current
This role is at Kudelski Group level and reporting is to group CISO.
Strategic Planning & Collaboration:
Collaborated with management for strategic planning.
Evaluated and recommended adoption of new security technologies.
Built strong relationships with business leaders.
Technology Leadership:
Assisted in building new technology capabilities aligned with management strategy.
Managed Crowdstrike, Tenable.io, and Brinqa at group level as product owner.
Implemented and maintained EDR & VM program
Lead external attack surface management program
Managed Phishing campaigns, phishing/spam submissions & process around it
Managed Incident Management and investigated & responded IT security incidents (IR)
Security monitoring and investigation for Microsoft ATP & O365 incidents
Risk Management & Security Operations:
Led global security operations tasks and teams.
Managed end-to-end CyberArk (PAM) infrastructure.
Ensured security control effectiveness and timely incident response.
Metrics & Compliance:
Tracked security product licenses, renewals, and budget.
Presented global security KPIs to executive security committee.
Stakeholder Engagement & Communication:
Built productive relationships with business leaders and stakeholders.
Effectively communicated security discussions to both technical and non-technical audiences.
People Management & Offshore Team Responsibilities:
Managed roles and responsibilities within the offshore team.
Senior Consultant
IBM India Private Limited
07.2015 - 02.2018
Part of SOC2 Core Team, assisting IBM GBS to get Unqualified SOC2 Report
Global program and included 39 facilities located across 10 Countries
Perform audit and check implemented controls as per AICPA SOC2 Type 2
Manage audit scoping (IT devices, secluded areas, client delivery & Last mile connected facilities) of the project
Perform internal testing for IT/non-IT control to ensure effectiveness
Responsible for maintaining security & privacy controls as per contractual requirements for multiple projects, thereby ensuring the compliance
Responsible for the reviewing & monitoring of SAP GRC controls, as per SOX standards.
Specialist – IT Security and Compliance
SLK Global BPO Services Pvt. Ltd.
01.2014 - 07.2015
Responsible for enterprise level IT security & compliance and reporting to CISO of the company
SPOC for all IT security activities across enterprise
Implemented vulnerability management program
Responsible for IT security control audit to ensure effectiveness of controls across enterprise, thereby ensuring compliance in line with requirement of ISO 27001, SOC 2, PCI DSS and client controls
Responsible for implementation of client specific and ISMS controls as per signed service agreement
Coordinated and maintained Information Security risk register
Prepare and manage audit calendar and acted as point of contact for coordination of various audits
Manage project to upgrade PCI DSS certification to v3.0, for banking client’s restricted zones and network
Act as SPOC for external vendors during security, risk & compliance audits
Review & manage technical change management
Respond to RFPs received from multiple US banking and mortgage industry-based clients
Prepare presentations, reports, and functional decks to present status to ELT’s.
Senior
KPMG Global Services
08.2012 - 09.2013
Manage Information functional & technical evaluation of some fortune 100 clients for ICANN project
Document results and findings with supporting information as outlined by work management guidelines
Perform internal audit for KGS based on ISO 27001 standard
Share reports with executives and follow up for closure of identified non-compliant observations.
Senior System Engineer
Wipro Technologies
09.2011 - 08.2012
Perform vulnerability assessment for servers and network devices for clients
Identify and exploit vulnerabilities with objective to assess level of exposure to external threats
Drafted questionnaire, guidelines and manuals for application security assessment.
Senior System Engineer
Hewlett Packard GlobalSoft Pvt Ltd.
08.2008 - 08.2011
Perform vulnerability assessment for multiple HP clients
Identify and exploit vulnerabilities and provide recommendation to fix identified vulnerabilities
Offshore team member of transition team for DHCP & DNS project for automobile parts manufacturing client
Planning, configuring/implementing DHCP & DNS services as L3 specialist
Managing 1700+ DHCP & DNS servers including activities like, server commissioning and decommissioning, records creation/deletion and troubleshooting connectivity issue
Manage server compliance for multiple HP clients through Symantec ESM tool.
Education
B.E. - Electronics And Communications Engineering
AIT (VTU Affiliated)
Chikkamagaluru, KA, India
09.2003 - 01.2008
Skills
Security Products: Crowdstrike, Tenable, Brinqa
undefined
Certification
Certified Information Systems Security Professional (CISSP)
Timeline
Senior Corporate Security Engineer
Nagra USA LLP, Nagravision India Pvt. Ltd.
02.2018 - Current
Senior Consultant
IBM India Private Limited
07.2015 - 02.2018
Specialist – IT Security and Compliance
SLK Global BPO Services Pvt. Ltd.
01.2014 - 07.2015
Senior
KPMG Global Services
08.2012 - 09.2013
Senior System Engineer
Wipro Technologies
09.2011 - 08.2012
Senior System Engineer
Hewlett Packard GlobalSoft Pvt Ltd.
08.2008 - 08.2011
B.E. - Electronics And Communications Engineering
AIT (VTU Affiliated)
09.2003 - 01.2008
Similar Profiles
Arjun AlvaArjun Alva
Engineering Manager at Nagravision India Pvt LimitedEngineering Manager at Nagravision India Pvt Limited