Вы находитесь на странице: 1из 4


Senior Information Security Specialist

Client & Employers Aricent, Barclays Shared Services, Indus Valley Partners, Team Computers

Noida, India
Jul 2013-

Sr, Manager Information Security


Facilitating external audits and facing client or customer audits for the offshore development centre

as per agreed contractual terms. Working in the capacity of Information Security Leader, BCM

Leader, Data Privacy Leader and Asset Governance Leader. Taking initiatives and leading IT

Security Projects and ensuring compliance to organization policies, regularly reporting the security

status (KPIs and KRIs) to the management. Managing internal and external stakeholders globally.
Manager Enterprise Security

Oct 2011

June 2013


Conducting Internal Audits for various business functions e.g. Admin, HR, Legal, procurement and IT
department, etc. based on ISO 27001 requirements. Facilitating external third party audits for ISO
27001, TL 9000 (Quality), Statutory Audits, and facing customer audits as per agreed contractual
terms. Performing risk assessment, onsite / offsite security audits of critical vendors and partners by
visiting them as per contractual terms or as desired by the senior management. Working with global
stakeholders such as functional teams, technical teams and global site leads to plan, execute and
improve the Information security policies and for executing IT security and Application Security

ible for
n of IT
such as

Leakage Prevention (DLP), Vulnerability management, IDS/IPS, IT DR/BCP, etc.

Incident management, investigation of data security breach events and ensuring incidents closure with
corrective and preventive measures (RCA). Leading employee security awareness program and
planning regular campaigns for the enterprise to ensure communication of information security
policies. Periodically reviewing information security policies and providing inputs to improve global IT
policy for the organization. Ensuring that security policies are aligned to global standards, ISO 27001
requirements and customer contractual terms. Participating in strategic initiatives, security roadmaps
for Enterprise Security & Governance group. Measuring information security KPI metrics and preparing
security decks for reporting. Planning Security Awareness Campaigns for the organization. Reviewing
RFPs to submit information security related inputs for customer contracts and business development
or Presales.

Barclays Shared Services

Feb 2009

Oct 2011

Noida, India

Asst. Manager Information Security

Responsible for executing IT security projects in the organization and its third party vendors. Leading
all IT security related assignments e.g. patch management, Antivirus monitoring, Data Leakage
Prevention (DLP), secure system configuration, technical compliance to Barclays global standards and
ISO 27001 requirements. Liaising with global stakeholders and business (functional and technical
teams) for Data Protection Program, Vulnerability Assessment (VA) and Audits, etc. Doing risk
assessment and updating risk registers and racking closure of audit observations as per agreed
timelines and preparing reports for management reviews. Participating in various internal and external
audits for Information Security such as ISO 27001, DPA or as desired by the senior management.
Investigating security incidents and DLP events and preparing reports and dashboards for controls
effectiveness status for senior management. Performing RCA for security incidents to avoid recurrence
and reporting the status to the incident management team for senior management reports. Assisting in
due diligence for contractors, security policy reviews, security assurance, etc. Responsible for
continuous measurement of IT security controls effectiveness, regular audits and timely testing of IT
DR plans.

(Page 1 of 2)

Indus Valley Partners

Jan 2007
July 2008

Delhi, India

Network Security Manager

Implementation and enforcement of IT security policies and best practices within organization to
ensure data safety and protection from cyber threats. Performing regular reviews, internal audits and
ensuring IT compliance. Periodically reviewing the configuration standards of the IT infrastructure to
ensure optimum performance and maximum uptime. Assisting in risk assessment, analyzing, planning
and deploying appropriate network security solutions for the organization within the assigned budget.
Responsible for Servers Security, Firewall configurations, Endpoint Security, Antivirus monitoring,
Patch Management, etc. Responsible for Internet access rights management on WebSense, Physical
and Logical Access Management for organization premises and data center.
Team Computers

Bangalore, India

on Security)

Wipro, India

Dec 2005

Jan 2007


Worked at client's site for IT infrastructure and security issues, problem management, handling user
escalations, internal and external audits etc. Assisting the client in implementing ISO 27001 technical
controls and ensuring internal policy and standards compliance. Actively participating in strategic
planning and deployment of various IT security solutions like Content filters, VPN, Antivirus, UTM, VA
tools, etc. Responsible for Access Rights management on Microsoft VSS Server and other Logical and
Physical Access Management for various teams and departments. Preparing IT security dashboards
and SLA adherence reports for the management review.

AISTEK Networks
Jan 2003

Dec 2005

Delhi, India

Sr. System Engineer


Installation of endpoint security products for its customers and clients. Providing technical support in
authorized Service Center of Zenith and LG. Supporting various clients and customers in Delhi/NCR
for IT needs. Client(s) management for providing appropriate support and IT solutions,
installation and technical troubleshooting, etc.

(MSc. - IT) from Sikkim Manipal University, Delhi in 2009.
Bachelor of Computer Applications (BCA) from IGNOU, Delhi in 2005. Completed High School and Senior Secondary from C.B.S.E

Certifications & Trainings:

Certified Information Systems Security Professional (CISSP) IRCA Certified ISO 27001:2005 Lead Auditor (ISO 27001 LA)
Microsoft Certified System Engineer (M.C.S.E)
Cisco Certified Network Associate (C.C.N.A) Trained for White Belt Program (Lean Six Sigma)

(Page 2 of 2)