Navin Manohar
New Hampshire,USA
Summary
A seasoned Information Security Manager with 11+ years of expertise. Established a 24*7 SOC monitoring team, orchestrated cost-saving initiative through a comprehensive review, optimization, and strategic execution of tools, technologies, resources, and vendor contracts. Adept at developing and implementing robust information security strategies, specializing in risk management, compliance, and incident response. Proven track record in steering continuous improvement efforts to strengthen organizational cyberinfrastructure, with a focus on leading cross-functional teams.
Overview
12
12
years of professional experience
1
1
Certification
Work History
Information Security Manager
GAVS Technologies NA Inc
05.2023 - Current
- Lead a team of Engineers and Analysts, ensuring prompt response to security incidents, demonstrating a swift and effective incident response capability and managing SLA
- Spearheaded a meticulous project management process to guarantee minimal production impact during security tools implementation
- Create and uphold cybersecurity policies, standards, and procedures aligning with industry best practices and compliance mandates
- Work collaboratively with subject matter experts to collect information, ensuring accuracy and comprehensiveness
- Conduct thorough assessments to ascertain the root cause, impact, and severity of issues
- Determine the responsible party for remediation steps and outline the necessary actions for resolution
- Work with compliance teams to interpret technical requirements and translate them into actionable policies and procedures
- Perform Vendor Risk Assessments by assessing risks using scorecards that include vendor responses and submitted evidence
Lead engineer- Information Security
GAVS Technologies
10.2018 - 04.2023
- Support the documentation of risk management procedures, encompassing risk assessments, plans for risk treatment, and strategies for risk mitigation
- Responsible for creating and maintaining documentation related to cybersecurity policies, procedures, and compliance frameworks Governance, Risk Management, and Compliance (GRC).
- Developed and implemented security policies and features like(EDR, Firewall, and ADC) within Symantec Endpoint Protection and Bitdefender aligning them with industry best practices and organizational requirements
- SIEM log source integration, event monitoring, and administrative tasks tools like Azure Sentinel, and IBM Qradar
- Vulnerability management using Rapid 7 tool performing Scan Schedules, targeting high score Vulnerabilities on critical assets, report generation, and patch management
- Implementation of Forcepoint DLP and Symantec DLP, enhancing Web access control in it
- Monthly Phishing awareness program in Knowbe4 and PhishMe tools
- Examine and revise cybersecurity documentation to ensure clarity, consistency, and compliance with organizational standards
- Collaborate with internal stakeholders to collect feedback and integrate necessary revisions
- Implementation and configuration of Microsoft Office 365 Security features, including Threat Intelligence and Advanced Threat Protection (ATP)
- Improvement of the Microsoft Security Score and Microsoft Compliance Score
- Managed Microsoft Entra on cloud security activities (conditional access, user activities audits, MFA and transport rule management).
Senior Technical Consultant
Concentrix Technologies
02.2015 - 10.2018
- SEP Administrator responsible for product administration and security in various environments including Domain, Workgroups and DMZ's
- Server-side policy enforcement for Application and Device control, Intrusion prevention.
Junior Engineer
HCL Technologies
07.2012 - 10.2014
- Solving web browser issues network connection issues with LAN connections and Wireless connection issues guidance in multiple devices connections to the MODEM Broadband speed issues
- Regularly check feeds, reports, and dashboards to detect potential issues that could affect logical security controls
- Iteratively enhance documentation processes and templates by incorporating feedback and adapting to evolving requirements.
Education
M.Sc Cyber Forensics and Information Security -
University of Madras
IndiaB.Tech Computer Science Engineering -
PRIST University
IndiaSkills
- Project Planning
- Security Operations
- IT Security Policies
- Information Security Management System
- Technical writing
- Governance, Risk Management, and Compliance
- Security Information and Event Management (SIEM)
- Office 365 Administration
- Vulnerability Management
- Endpoint Security
- Phishing
- Threat Detection & Response
- Cybersecurity
Certification
- Cyberark Trustee Certification - Certification for cybersecurity professionals with expertise in CyberArk solution management and who can administer CyberArk solutions.
- Microsoft Certified Azure Security Engineer Associate - Certifies expertise in securing Microsoft Azure environments.
Timeline
Information Security Manager
GAVS Technologies NA Inc
05.2023 - Current
Lead engineer- Information Security
GAVS Technologies
10.2018 - 04.2023
Senior Technical Consultant
Concentrix Technologies
02.2015 - 10.2018
Junior Engineer
HCL Technologies
07.2012 - 10.2014
M.Sc Cyber Forensics and Information Security -
University of Madras
B.Tech Computer Science Engineering -
PRIST University