

I am a progressive, enthusiastic, customer-centric professional committed to value delivery, with over twelve years' experience in the IT services and consulting industry, and with proven success in developing, managing and advising global enterprise clients on strategy and solutions that minimize enterprise risks arising from the business environment, people, process and technology.

Primary Responsibilities

  • Project management oversight and responsibility for deliverables relating to team performance
  • Establishing team goals and monitoring workgroup performance on deliverables and operational support activities
  • Interfacing collaboratively with other team leads, IS&T and Functional staff to ensure success of projects outside immediate control
  • Evaluating and recommending enterprise technologies to achieve and extend organization business goals
  • Performing personnel, administrative, budgeting/financial, and other duties as assigned
  • Perform risk assessment for new projects to meet business and information security requirements
  • Lead level 1 & 2 incident recoveries and root cause analysis
  • Draft enterprise security standards and guidelines
  • Represent major upgrades and re-configurations in change control
  • Maintain a timely and integrated view of risks, producing risk assessments and developing appropriate mitigation strategies to reduce risks to critical functions
  • Responsible for assessments and audits and preparation for ISO 27001, ensuring that security policies are aligned to global standards, ISO 27001 requirements and customer contractual terms
  • Conduct regular meetings/demonstrations/training with key stakeholders for the purpose of reviewing progress as well as identifying new requirements
  • Develop security standards and best practices for the organization
  • Recommend security enhancements to management
  • Prepare reports that document security breaches and the extent of the damage caused by the breaches
  • Conduct penetration testing to look for vulnerabilities in the systems before they can be exploited
  • Design & analyze mix of vendor services meeting business and information security requirements
  • Design and implementation of security infrastructure, including IPS (IBM ISS Proventia, Alert Logic), Vulnerability Scanner (Rapid7 Nexpose, nCircle IP360), log management (Splunk), and security assessment systems (HP AMP, Nessus, Snort and ISS Internet Scanner)

Recent Key Achievements

  • Led and accomplished strategic IT security projects such as Data Leakage Prevention (DLP) (Digital Guardian), Data Classification (Titus), Vulnerability management (Rapid7 Nexpose)
  • Internal audits for various business functions, e.g. Admin, HR, Legal, procurement and IT department, based on ISO 27001 requirements. Led and successfully facilitated external audits for migration to ISO 27001:2013 certification
  • Leading security incident investigations and regularly reporting the security posture status to the management via KPIs
  • Planned and implemented Security Awareness and phishing Campaigns for the organization

Work History

Sep 2004 - Present

Information Security Consultant

Bechtel Corporation

Information Security Consultant

2002 - Aug 2004

Senior executive - IT

IBM Global Process Services

Senior IT Consultant



Master of Business Administration (M.B.A.)


Bachelor of Information Technology

May 2009 - Present

Diploma in Cyber Law


Apr 2016 - Present

OSSTMM Professional Security Expert (OPSE)

Apr 2015 - Present

GCIH: GIAC Certified Incident Handler

Global Information Assurance Certification (GIAC)
Oct 2014 - Present

ISO/IEC 27001:2013 Lead Auditor

British Standards Institution (BSI)
Mar 2011 - Present

CISA: Certified Information Systems Auditor

Information Systems Audit and Control Association (ISACA)

Six Sigma/Lean

Bechtel Corporation
Dec 2010 - Present

CCSK: Certificate of Cloud Security Knowledge

Cloud Security Alliance (CSA)