- Over 13 years of experience in IT Infrastructure Management and Delivery
- 5+ years in Information Security, Governance, Risk and Compliance
- Worked across Aerospace, Securities, Healthcare, Mass Transportation, and Insurance verticals
- Program management of ISO 27001, SSAE 16, PCI DSS, ISO 20000 Service Management frameworks
- Adept in using NIST 800-53 and CSC Critical Internet Security Controls
- Leading Change Management for Emergency change approvals across Confidential data centers
- Conduct Security Training and Awareness
- Member of the Security Architecture Task force (Cloud Representative)
- Security due diligence, working with RFP team during presales
- Lead the PCI and SOC compliance
- Lead the internal audits for ISO 27001 and ISO 20000
- SPOC for SSAE 16, SOC 1 Audits
- Assist with investigations into Security Incidents or findings of VA and PT
- SOW Contract Reviews for compliance to security requirements
- Adept in Risk assessment framework ISO 31000:2009
- Risk assessment and treatment process
- Business Continuity and disaster recovery
- Remediation from Vulnerability Assessment Penetration Testing program
- Management of Vulnerability Scanning and Penetration Testing project
- Incident handling
Confidential, Scottsdale, AZ
Information Security Officer, Implementer and Lead Auditor
- Interact with Confidential stakeholders and customers to effectively deliver managed/cloud services through proactive processes, plans, and tasks to enhance the customer experience.
- Provide mentoring to Managers, and customer champions in their on-going interaction during Security audits; serving as a key resource for escalation of all Confidential Cloud Services nonconformance issues.
- Lead on-going strategic development within Cloud Services and provide feedback to Confidential management team on Service Management (ITIL) and Information Security Governance quality initiatives.
- Assist Confidential Management, Sales, Pre-Sales and Consulting Services globally in interactions with prospective customers related to Cloud Services ITIL and Information Security Quality Assurance and operational excellence opportunities.
- Key Resource and SPOC for all external information security audits and Service Management (ITIL) audits
Associate General Manager - Quality
- Managed a diversified team comprising Network Engineers, System Administrators, Database Administrators and Project Managers
- People Management including hiring, assigning work, training, coaching, and counseling ensuring consistent application of Employee Guidelines, processes, and procedures.
- Established level of service standards and operating policies/procedures for overall system availability and individual system components.
- Periodically reviewed appropriateness of technologies used for system components and recommended modifications and/or upgrades when necessary to keep systems operating according to defined service level agreements and operating level agreements.
- Project Management of IT Infrastructure projects across multiple locations (Bangalore, Bhubaneswar, US, UK, Singapore)