Download PDF

Summary

I am progressive, enthusiastic, customer-centric, committed for value delivery professional with over twelve years experience in IT Services and consulting industry, with proven success in developing, managing and advising global enterprise clients on strategy and solutions that minimize risks in an enterprise, caused due to business environment, people, process and technology.

Primary Responsibilities

  • Perform technical planning, system integration, verification and validation, cost and risk, and effectiveness analyses for security systems
  • Performing risk analysis of potential business options and providing consultation to the business on innovative options for risk mitigation
  • Develop security compliance processes for external services (e.g. cloud service providers, data centers)
  • Capture project objectives and develops support strategies that map to IAM service offering
  • Maintaining and advancing use cases for collaborative network environments (e.g. Innovation Centers) in support of rapid solution evaluation
  • Reviewing cloud, on-prem and hybrid security architectures and developing innovative design strategies geared toward maximizing the available solution space while maintaining Bechtel security standards
  • Working with Vendor Management, Procurement, and Legal on contractual requirements; recommend contract revisions, and recommendations to protect Bechtel's interests
  • Presenting situations in terms of the security risks and educating peers and management so they can make informed business decisions based on a risk management methodology
  • Developing, populating, and tracking performance metrics and providing analysis reports
  • Provides security subject matter expertise and consultation to customers on network security solutions including architecture, design, documentation and policies
  • Leading security reviews and providing consultation and approval for changes to network, infrastructure and connectivity solutions through the Change Management process
  • Working with various groups to solve IS&T and business problems with available technology
  • Providing excellent customer service to stakeholders including routine interactions/communication with customers, vendors and another support staff
  • Function as a technical mentor within the team and to other employees while fostering a team environment
  • Keeping informed of issues and changes in the information security industry including new technology and processes for managing change
  • Assisting with the audit processes and reviews as needed
  • Develop, pilot, and test secure implementation plans for new technology solutions, including but not limited to those encompassing IoT (Internet of Things), job-site connectivity and other emerging technologies
  • Travel to various job sites and offices as needed to perform risk assessment for projects to meet business and information security requirements
  • Assessments and audits and preparation for ISO 27001. Ensuring that security policies are aligned to global standards, ISO 27001 requirements and customer contractual terms

Recent Key Achievements

  • Implementation of the strategic IT security projects such as Data Leakage Prevention (DLP), Data Classification, Vulnerability Risk Management System
  • Development of Cloud risk assessment framework for hybrid cloud implementation
  • Internal Audits for various offices across the globe and various business functions based on ISO 27001 requirements
  • Lead and successfully facilitated for migration to ISO27001:2013 certification
  • Leading security incident investigations and regularly reporting the security posture status to the management via relevant KPIs
  • Planned and implemented Security Awareness and phishing Campaigns for the organization
  • Implemented the Vulnerability Risk Management system across enterprise.

Work History

Sep 2004Present

Information Security Consultant

Bechtel Corporation

Information Security Consultant

2002Aug 2004

Senior executive - IT

IBM Global Process Services

Senior IT Consultant

Education

20092011

Master of Business Administration (M.B.A.)

20002002

Bachelor of Information Technology

May 2009Present

Diploma in Cyber Law

Certifications

Apr 2016Present

OSSTMM Professional Security Expert (OPSE)

ISECOM
Apr 2015Present

GCIH: GIAC Certified Incident Handler

Global Information Assurance Certification (GIAC)
Oct 2014Present

ISO/IEC 27001:2013 Lead Auditor

British Standards Institution (BSI)
Mar 2011Present

CISA: Certified Information Systems Auditor

Information Systems Audit and Control Association (ISACA)
2010Present

Six Sigma/Lean

Bechtel Corporation
Dec 2010Present

CCSK: Certificate of Cloud Security Knowledge

Cloud Security Alliance (CSA)