Вы находитесь на странице: 1из 9

ANAND BHATT

Email:anandbhatt@hotmail.com
Phone:+91 9619238790(L) +91 22 28074939
E/220, Raj Arcade, Mahavir Nagar, Kandivali West, Mumbai 400067, India

HEAD NETWORK AND SECURITY OPERATIONS CENTER


Meticulous and highly accomplished professional( CISSP, CEH ) with more than 15 years of global experience in
INFORMATION SECURITY AND IT INFRASTRUCTURE MANAGEMENT, possess multifaceted experience in Strategic
Planning, Virtual-CISO service, Network penetration testing, Vulnerability management, Network access control,
Application security, Data loss prevention, Firewall management, Forensic, privileged identity management, Cyber
deception, LAN/WAN design, Wireless design, Data center designing, Virtualization technologies and Technical
Support Services. Expertise in managing operations with key focus on profitability by ensuring optimal utilization of
resources at lower costs; demonstrated ability to manage multiple priorities in a rapidly changing environment; Ethical,
loyal and maintain a high degree of confidentiality.

Dynamic, hands-on leader with proven track record of developing strong service delivery capability across the
globe. Cross-functional knowledge of technology, delivery, operations, finance, marketing, and sales provides
unique ability to determine key business drivers, make informed decisions and drive results.

Highly self-driven person with big-picture vision and ability to make tough decisions that brings about positive
results. Effective leader of people, skilled at developing high-performance teams, creating cohesive teams by
building an environment of transparency, communication and mutual trust. Skilled at bringing out the best in
people and build solid performance oriented teams.

Page | 1
AREAS OF EXPERTISE

Information security governance Delivery Management


ISO 27001 & 20000 audit management Business continuity planning
IT Infrastructure Management Excellent Client Relationship Management
Project Management Liaising & Coordination Management
IT Implementation Methodology ( ITIL ) Teambuilding&Management
IT Consultancy Visionary Leadership
Information System Audits Strategic Planning
PCI, HIPAA, NIST, GLBA and SOX compliance Analytical Ability
Procurement &Negotiation Proactive/Industrious

Security and Risk Management Identity & Access Management.


Asset Security Software Development Security
Communications & Network Security Security Engineering

EXECUTIVE HIGHLIGHTS

Identify weaknesses and potential threats to existing information security usingSECURITY INFORMATION AND
EVENT MANAGEMENT ( SIEM ) like ALIENVAULT, IBM SIEM, E-COP AND ETHICAL KACKING TOOLS LIKE NESSUS,
OPENVAS, ACUNETIX etc.
Knowledge on network and application tools like core impact, Immunity canvas, checkmarx, Burp suite,
Netsparker. Data loss prevention tool Digital guardian, Forcepoint, Tufin orchestration tool for firewall
management, Forensic tools like Forensic toolkit, Atola insight manager, Blackbag MACQUISITION, Privileged
identity management using Arcos, Smokescreen and Cymmetria Mazerunner for cyber deception
Perform continual testing on current systems to determine potential problems or security threats
Prepare reports for internal and external clients detailing the security issues, making recommendations and
identifying solutions
Conduct network security assessments
Provide advice on hacking tools and techniques including advanced malware detection
Formulate an IT security incident response strategy and implement a method of notifying parties
Keep up to date with the latest thinking on secure coding and cyber-security issues
Support the business with a range of compliance requirements
Revise and analyze IT operations and systems, hardware configurations, physical security and operating
procedures across organization
Consult and comply with set controls, standards, policies and procedures while carrying out IT activities
Search technology and reduce risks in every information security segment
Suggest measures to improve IT related procedures, operations, processes and systems throughout organization
Implement penetration testing along with ethical hacking
Suggest and execute IT technologies, strategies and policies to guard customer’s information assets
Implement security risk analysis for current and new systems to find system weaknesses or disclosures.
Page | 2
Recommend solutions for explaining risks and reducing exposure areas.
Prepare security program plans and execute IT controls, processes, audit tools, interfaces and utilities for
authentication.
Perform as chief for audits and security aspects
Support and provide consultancy for audit compliance actions
Implement periodic, on-demand project audits plus vulnerability analysis
Determine compliance through user accounts, application usage, system file and outside scans
Perform independently in team implementing security and privacy engagements
Review client networks and applications
Effectively handled business operations to surpass annual objectives
Achieved stated targets of the organization within stipulated time
Received appreciations/laurels from senior authorities for excellent performance
Effectively and productively analyzed all the tasks undertaken
Instrumental in business development and generation activities

TECHNICAL PROFICIENCY

 IT IMS (INCIDENT, PROBLEM, CHANGE, SERVICE LEVEL, CAPACITY management)


 Facilitate an information security governance structure through the implementation of a hierarchical
governance program, including the formation of an information security steering committee
 Provide regular reporting on the status of the information security program to enterprise risk teams, senior
business leaders as part of a strategic enterprise risk management program, thus supporting business outcomes
 Lead the information security function across the company to ensure consistent and high-quality information
security management in support of the business goals
 Manage the budget for the information security function, monitoring and reporting discrepancies
 Develop and maintain a document framework of continuously up-to-date information security policies,
standards and guidelines. Oversee the approval and publication of these information security policies and
practices
 Security Infrastructure design and deployment Implementation Across products such as Firewall,
 IDS/IPS, NAC & End-Point Security
 ISMS Practice Implementation to achieve ISO 27001:2013 and ISO 2000-1:2011
 Expertise in methods of IT strategy, enterprise architecture and security architecture
 Good knowledge on security concepts related to DNS, routing, authentication, VPN, proxy services and DDOS
mitigation technologies
 Experience in ISO 27001, ITIL and COBIT frameworks
 Knowledge on PCI, HIPAA, NIST, GLBA and SOX compliance assessments
 Experience in Windows, UNIX and Linux operating systems
 Firewall and intrusion detection/prevention protocols
 Secure coding practices, ethical hacking and threat modeling
 Network security architecture development and definition
 Knowledge of third party auditing and cloud risk assessment methodologies
 Strong Project Management Practice
 MS Exchange implementation & migration services
 Microsoft Active Directory planning & implementation services
 Microsoft OS platform migration services
 LANDesk Management Suite & Security Suite implementation

Page | 3
CERTIFICATIONS

CISSP ( Certified Information Systems and Security Professional )


Certified Ethical Hacker ( CEH )
Master HP Accredited Systems Engineer – Network Infrastructure ( MASE )
Checkpoint Certified Security Administrator (CCSA)
Master Dell Certified System Expert (MDCSE DELL) - Enterprise Storage
Master Dell Certified System Expert for EMC (MDCSE EMC) - Enterprise Storage

PROFESSIONAL EXPERIENCE

Allied Digital Services Ltd, Mumbai (Oct’97 –Sep’2010, 2013-2018)


Head – Network and Security Operations

Heading the entire delivery function for global clients aligned to Business Plan. Accountable to lead the team of 100 plus
technical resources (L1/L2/L3/L4), Technical Managers, Account Managers and Head of Departments.

Managing end to end Service Delivery (24 x 7 IT – Remote Infrastructure Management support) for approximately 50
plus global customers spread across in Americas, UK & APAC.

Responsible in Managing:

•Managed Security Services (SOC): Information Security Incident & Event Management, VAPT

•Global Service desk (GSD): Technical Service desk and Helpdesk

•Remote Desktop management services (RDMS): Desktop Patching through LANDesk, Microsoft SCCM and Remote
control

•Managed NOC Services & Support: Infrastructure and Application Management Services

•Transition Process and Project Management: PMO including transition’s & on boarding new clients

•Tools Assessment and deployment: SOC – Ecop SIEM, NOC- Traverse Zyrion, Ticketing tool – ADITaas, RDMS- LANDesk,
Microsoft SCCM

Page | 4
•Process & Quality assurance (ITIL, MIS)

•Identify the challenges in the existing Delivery & initiate Service recovery mechanisms(SIP)

•Review of Contracts and SOW / SLA Management /Compliance

•Customer Service Review and QBR with the customer.

•Ensuring service delivery costs are always kept under control

•Resource Management

•Responsible to meet Net Gross Margin targets.

•Generating more revenue from the existing account by pitching new/additional services to clients.

Major International Exposure: Mouchel Technology Group (UK)

Provide input for the IT section of the company's code of conduct

- Build and nurture external networks consisting of industry peers, ecosystem partners, vendors and other
relevant parties to address common trends, findings, incidents and cybersecurity risks

- Liaise with external agencies, such as law enforcement and other advisory bodies, as necessary, to ensure that
the organization maintains a strong security posture and is kept well-abreast of the relevant threats identified by
these agencies

Create a risk-based process for the assessment and mitigation of any information security risk in the ecosystem
consisting of supply chain partners, vendors, consumers and any other third parties.

Ensure that security is embedded in the project delivery process by providing the appropriate information
security policies, practices and guidelines.

Manage and contain information security incidents and events to protect corporate IT assets, intellectual
property, regulated data and the company's reputation.

- Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the
appropriate courses of action

Help the organization track interesting trends on emerging technologies that are relevant to business and take
advantage of such technology trends

Use sophisticated means to track and deliver software on schedule by minimizing risk, tracking dependencies,
proactive planning and efficient communication with the extended teams

Develop and execute a Strategic Plan that incorporates the Information Security Roadmap, resource plan,
policies, processes, procedures, standards as well as security awareness and training. Develop and manage
information security budgets

Manage a Cyber Assurance Practice that includes policies, processes, procedures and technology that addresses
Critical Business Process Identification, Departmental Risk, Sensitive Information, Systems Security Planning,
Page | 5
Systems Configuration Management, Vulnerability Management, Electronic Discovery, as well as Compliance
Management

Provide strategic risk guidance for IT projects, including the evaluation and recommendation of technical
controls. Evaluate network threat analysis data and risk assessment results to identify and recommend
appropriate security controls/solutions. Coordinate with departmental IT groups to ensure that Information
Security principles are integrated into the environment as part of the fabric of the organization

IT Infrastructure
Handling entire business operations to surpass annual objectives
Playing a pivotal role in business process design &SolutionIdentification, ProcessVision &Design, Enhancement
Strategy &Transition Strategy
Developing and deploying strategic business objectives
Spearheading Information System Audits focusing on Information Security, Disaster Recovery, Applications
Control and Systems Development initiatives
Negotiating SLA’s for large and medium-size business transformation projects

Systems Administration
Providing expert support in troubleshooting, systems backups, archiving, and disaster recovery, Virtualization
( VMWARE, Hyper-V, SharePoint, EMC and HP storage, Cisco and HP routers and switches, Checkpoint and
Palo Alto firewalls
Handling and resolving issues related to clients in a timely manner
Involved in the installation of Operating System and Application Software under multi-platform environments,
deployment of servers, disk quota management and distributed file systems and network
Responsible for planning and implementing software rollouts, patch management, and OS deployments /
upgrades
Formulating strategies for Disaster Recovery Management
Administering tasks on Citrix XenApp, XenDesktop

Networking
Involved in the administration of WAN
Facilitating in planning and implementation of additions, deletions and major modifications to the supporting
regional infrastructure
Designing and developing LAN / WAN as per organizational requirements
Assessing network / IS security requirements and accordingly implement network security devices / software
like Norton Anti-virus solution and Stinger (at client and server locations)
Performing network audits and maintaining technical documentation
Preparing monthly analysis report for the customer’s network
Supervising Layer2 and Layer3 switches of Brands likeCisco, 3com, Nortel, Enterasys, Cisco Routers and Switches

IT Security
Providing security consultancy & solutions on firewalls: checkpoint, stonegate, Cisco PIX & Linux based products
Ensuring 100% uptime and maintenance of servers for Securities
Responsible for troubleshooting, systems backups, archiving, disaster recovery

Other Responsibilities:
Involved in the recruitment and selection of hundreds of engineers for all projects based on expertise

Page | 6
Directing projects involving Legato Networker, Veritas backup products viz Backupexec for Windows 9.1 and
Netbackup under datacenter environment using SAN media server for shared drives from tape libraries
Implementing Veritas volume manager under Solaris and Windows environment
Installing, configuring, administering and troubleshooting network operating systems like Unix AIX on IBM P-
series servers, (SOLARIS 2.6 - 2.7-2.8-2.9), Win 2000, Linux. Projects involve providing consultancy various
companies, i.e. installing and configuring web servers, Exchange mail servers, apache on Linux and sun web
server
Responsible for the configuration of software RAID on various platforms including Linux

Bytescale Technologies Pvt. Ltd., Mumbai (Oct’2010-Aug’2013)


Head - Technology Operations (Reporting to Managing Director)

Responsible for providing IT support based on ITIL best practices and Information security management
Responsible for designing solutions based on HP networking (MPLS, SWITCHING, ROUTING, WIRELESS)
Responsible for Project Planning& Implementation, Scoping, IT Estimation &Deployment
Involved in Delivery Management for technical deliverables of projects
Responsible for the design, implementation of Enterprise computing products, networking and security
solutions
Handling a team of dedicated Presales & Post Sales Team for HP, EMC servers, storage across regions known as
Core technical team
Providing Consultancy, Understanding the Customer requirements, Designing & Architecting the
Solution preparation & Optimization of BOQ, and Presentation of the Proposed Solution.
Consultancy, Designing, Architecting & Deployment of Datacenter Solution which includes
Environment conditioning, Power conditioning, Civil Construction etc.
Leading the presales team to propose the Best of Breed Solution, keeping in mind the cost effectiveness,
Preparing Approach Paper, Consultancy and Technical Proposals. Also vetting technical Proposals for the
customer.
Providing Customer Presentation on the recommended solution. Outlining the benefits, ROI & TCO
of the solution.
Technical Capability and Project Management Methodology presentation to the customer.
Build team for Project Management and Handling Resource movement & allocation as per required
skill sets.
Coaching, Mentoring team members. Skill Sets upgradation thereby arranging Technical trainings &
sessions from OEM.
Performance Monitoring & Management of Team members, periodic feedback and appraisal.
Handling Presales &Post sales recruitment
Case / system / Process Study. Project planning, scoping, IT estimation & deployment.
Delivery Management for technical deliverables of projects.
Implementing project plans within pre-set budgets and deadlines. Ensure timely execution of project with
Project Completion Certificate Sign-off

Data-Pro Information Technology Ltd, Mumbai (Apr’95 – Oct’97)


Network Engineer (Reported to Manager NOC)
Key Deliverables:
ManagedWAN having NFS as the protocol
Managed and maintained the Mail Server (BSD Unix) to transfer mails
Handled the file system across the NetWare 3.11 network
Facilitated in the enhancement of TCP/IP network possessing twelve nodes across the country connected by 64
KBPS leased lines
Page | 7
Configured Router (RAD) and X.25 line as per the requirement
Provided technical support

PROJECTS HANDLED

#1:
Client: QUANTUM
Location: USA
Duration: 1 months
Environment: Stornext SAN file system
Description: Design SAN file system architecture for the Enterprise storage
Responsibility: Responsible for implementation, project management and training

#1:
Client: PSINET
Location: UK
Duration: 6 months
Team size: 20
Environment: Solaris Admin Tools
Description: Project involved implementation of Sun and Cisco products, design, consultancy and technical
support of Datacenter for OS and storage solutions in London which was at the beginning stage of implementation
having its base in CANADA and U.S. Project
Responsibility: Managed the overall implementation
#2:
Client: BSNL
Locations: Pune and Israel
Duration: 1 year
Team size: 15
Environment: Windows, UNIX, Networking, Information Security
Description: Project was to create unified messaging solution for BSNL
Responsibility: Involved in implementation, project management and training
#3:
Client: Tata Indicom
Location: Malaysia, Mumbai, Delhi, Hyderabad, and Chennai
Duration: 1 year
Team size: 15
Environment: Windows, UNIX, Networking, Information Security
Description: Project was to create unified messaging solution for BSNL
Responsibility: Involved in implementation, project management and training
#4:
Client: VFS (UKVisaApplicationCenter)
Location: Thailand, Sri Lanka, Ghana, Kazakhstan, China, Russia and UAE
Duration: 8 months
Team size: 10
Environment: Windows, Networking, Information Security, IT Infra

Page | 8
Description: Project was to setup IT Infrastructure
Responsibility: Responsible for implementation, project management and tra

SCHOLASTIC CREDENTIALS

BSc - IT , Pursuing MBA - Information Technology

PERSONAL DETAILS

Date of Birth : 10thAugust, 1971


Languages known : English, Hindi, Marathiand Gujarati
Location Preferred : Mumbai
References : Furnished upon request

-------------------------
(Anand Bhatt)

Page | 9