Passport Number: K6494222
Country: India
VISA: B1 VISA for USA.
VISA Validity: till Mar 2022
Applied the security domain knowledge in multiple Third Party Audits, and PCI DSS Assessments.
ISO 27001:2005 Lead Auditor and have done multiple ISO 27001 readiness assessments and implementations for the Banking, IT/ITES and Insurance sectors.
Implemented a framework for Risk Assessment based on ISO 31000 Information Security Risk Assessment guidelines.
Performed multiple Vulnerability Assessments and Penetration Testing for Financial, Media, Healthcare and BPO majors.
Helped the PFI (PCI Forensic Investigator) in performing disk imaging on a couple of projects.
MCSE helped me in conducting various infrastructure assessments and also gave me the knowledge to provide prudent recommendations on closure of observed issues on the Microsoft platform.
Knowledge gained from CSOE helped in conducting SOX 404 assessments for multiple financial majors across India.
Payment Card Industry Qualified Security Assessor (PCI QSA) and have conducted numerous PCI DSS assessments for Banks, Merchants and Service Providers.
Applied the security domain knowledge in multiple staff augmentation and CISO services projects covering ISO 27001 and PCI DSS Implementation and Sustenance.
1. Award for Academic Excellence for year 2003-2004 (Guru Nanak Dev Polytechnic)
2. Award for Academic Excellence for year 2004-2005 (Guru Nanak Dev Polytechnic)
3. Awarded with I-to-I (Initiation to Implementation) award at Compare Infobase Pvt Ltd.
4. Awarded with Technical Excellence Award (January 2009)
5. Awarded with OVATION Award (January 2013) at Verizon India Pvt Ltd
6. Awarded with OVATION Award (March 2013) at Verizon India Pvt Ltd
A responsible and challenging position in an organization that would utilize my experience, nurture my ambitions and give vent to my inquisitiveness to learn and acquire newer skills. Get opportunities for growth based on achievements and to gain comprehensive understanding of the working of the Organization and to contribute to its overall growth.
Role: Project Manager and Lead Assessor
Responsibilities: To manage and conduct the Gap Assessment for one of the largest USA banks across multiple geographies within the APAC region.
Role: Project Manager / Lead Consultant
Responsibilities: To implement the practical business operations recovery strategy for a medium sized organization. This is in-line with the compliance and sustenance of ISO/IEC 27001:2005 control.
Role: Project Manager / Lead Consultant
Responsibilities: To provide a project management and implementation support for an organization to achieve and sustain compliance to Payment Card Industry – Data Security Standard (PCI DSS) v2.0.
Role: Project Manager / Lead Consultant
Responsibilities: To provide consultation and project management for implementation and operation management for RSA DLP, RSA enVision and Cisco IronPort Web proxy in a Medium Sized Technical Support organization.
Role: Project Manager / Lead Consultant
Responsibilities: To manage and execute the medium – large sized (100 Web Application, 500 Network Devices) vulnerability assessment and penetration testing project for multiple clients.
Role: Lead Consultant
Responsibilities: To identify, exploit, document and provide recommendations for the identified vulnerabilities in offline and online test bed for Cert-IN empanelment.
Role: Project Management
Description: To provide support and play a CISO role in an organization for strengthening Information Security services, managing compliance to various regulatory and organizational requirements, managing Vulnerability Assessment and Penetration Testing projects, conducting risk assessment, managing and coordinating for external PCI DSS, ITGC and Corporate Audits, to implement ISO 27001 standard and to manage the implementation of Security Operations Center (SOC).
Practice Development & Project Management
PCI DSS
Carried out PCI DSS Gap Assessment and issued Initial Report on Compliance, Final Report on Compliance and Attestation of compliance to:
PCI DSS Gap Assessment for:
Initial Report on Compliance for:
Final Report on Compliance and Attestation of Compliance
ISO 27001 Implementation & Readiness Assessment
Implemented ISO 27001 for 2 Banking Clients, 2 IT Clients and 1 BPO, which included:
Vulnerability Assessment & Penetration Testing
Manual Configuration Review
Performed manual configuration review of the following:
Risk Assessment
Carried out multiple risk assessments, which included formulation of Asset Register, Asset Classification, threat and vulnerability identification, likelihood of impact and probability of occurrence, based on Industry best practices such as:
Incident Management Matrix Formulation
Formulated an Incident Management Matrix based on Verizon's VERIS Framework
a. Providing expert level support for Linux Servers, Clusters, Databases and Healthcare Application.
b. Conducting RCA for Servers, Databases and Healthcare IT incidents
a. Managing Datacenter Operations.
b. Directing Administrators on Server Administration.
a. Providing Advisory on Linux and Microsoft infrastructure implementation
b. Conducting awareness sessions on Linux and Microsoft infrastructure implementation
a. Active Directory Management for in-house network
b. Microsoft infrastructure maintenance for in-house network
c. Security Controls (technical) implementation
Post Graduate Diploma in System and Database Administration