SUMMARY

• A Masters degree in Information Technology from Indian Institute of Information Technology, Allahabad
• A professional with 6 years of experience, specializing in the area of Information Risk Management and Auditing.
• Involvement in applying broad based information security principles as an Information Security Consultant in Information Security Management System.
• Responsible for the support of existing security policies and procedures, as well as creation and implementation of new security procedures for the clients as per ISO 27001:2005 Standards.
• Responsible in ISMS implementation thereby reducing risk and enhance competitive advantage by protecting organization’s information assets using current technology and business process interlocks and the focus on Human Centric Approach.
• Audited Information Security Management System for various clients (ISO 27001:2005 Standards)
• Involved in Business continuity planning.
• Knowledge of Data loss prevention
• Configured RSA Archer tool as per the client requirement

PROFESSIONAL EXPERIENCE

Confidential

Consultant

Responsibilities:

• Implementing IT GRC using RSA Archer including advanced administrator tasks, application builder tasks, data - driven events, calculations, rules, criteria, action, notifications and advanced reporting/dashboards.
• In depth implementation of GRC processes associated with Risk Management, policy exception management and Audit Management
• Collect requirements and specifications from clients and translate to Archer application enhancements
• Import existing risk details, audit results, findings, policy exception and/or historical assessment data
• Defined and configured groups, users, and access roles
• Creation of workspaces, dashboards and iView to display key information to users
• Developed application to support risk management, audit management and policy exception management in Archer infrastructure
• Trouble shoot Archer related issues as necessary
• Developed solution design documents related to risk, audit and policy exception management module as per the client requirement.

Confidential

Consultant

Responsibilities:

• Identifying and remedying security deficiencies and gaps with business suitable controls to get compliant as per organizational Information Security policies from corporate office to PAN - India across circles and locations
• Work with global team in the creation of organizational information security assessment framework and checklists to ensure smooth compliance assessment
• Conducting Video/Audio con-calls to discuss function specific queries with telecom circle locations on organizational information security policies.
• Serves as liaison between operations and management to maximize the adoption of and support for security plans and procedures within the organization.
• Conducting PAN India compliance checks through Information Security Audits.
• Define and develop function specific dashboards to assess continual assessment across circles and facilities.
• Delivery of comprehensive status updates dashboards on security policy compliance to higher management.

Confidential

Consultant

Responsibilities:

• Work with global team in the creation Third Party risk assessment framework and Third party assessment checklist to mitigate risks originating from association with third parties,
• Manage the TPM Compliance Programs which includes identify, assess, monitor, document, and report on pre-existing requirements checklist, vendor applicability matrix and vendor disengagement checklist.
• Reviews Statements of Work, Master Service Agreements, and other contracts for security obligations and identify areas of exposure
• Conducting PAN India audits for telecom company’s vendors and released reports highlighting various risks associated and tracking the closure of the same.

Confidential

Associate Consultant

Responsibilities:

• Ensure project complies with Telecom’s security policies and procedures.
• Ensure Telecom security policies compliances for Retail Technology registrations.
• Capture the security requirements and assist in gap analysis.
• Threat and vulnerability identification, Risk assessment, Risk evaluation and Risk mitigation for Telecom’s Retail line of business registrations.
• Preparation of security policy document and procedure on the basis of risk assessment report and risk mitigation plan for Telecom’s Retail line business registrations
• Preparation of Telecom’s Security policies Implementation detail document. Conducting internal audit by interacting with design, development, and support teams for proof of implementation of Telecom’s security policies and documenting the same for final Telecom’s security certification audit purpose.
• Preparation of security improvement plan for non compliance issue on the basis of Telecom’s security certification audit reports and follow up the non compliance issue.
• Conducting Vulnerability management by continuously assessing the vulnerability and threats related to the application which is being used by the platform to maintain the compliance level up to date.
• Interact with Platform Managers, Technical Design Architects, and support teams for finding out details about implementation of applicable Organizational security policies..