Summary

Sample Engagements: Conceptualized and developed Privacy rationalization requirement framework of US Laws, Contracts and Agreements for clients. Identified and summarized applicable Privacy requirements for clients from various sources. Rationalized Privacy requirements and identified outliers. Served a very large financial services client in a Data Protection Assessment engagement. The work involved identification of Data Protection Solutions and associated technology capabilities, review of client’s current inventory of Data Protection related solutions, creation of an assessment framework, performing gap analysis and development of remediation recommendations. Conducted interview of client to prioritize its business process for information security assessment purpose. Developed questionnaire and an assessment engine for client to assess their information security system. Conducted interview and generated risk ranking of client indicating the pain areas. Conducted Penetration test at the internal hosts and a financial web application. Succeeded in identifying vulnerabilities. Prepared a detailed report including severity classification, approach and mitigation methods. The engagement involved use of various vulnerability Scanning tools. Conducted interview of client to prioritize its business process for data protection and privacy assessment purpose. Conducted interview of client to analyze the flow of data/information within the process. Developed Visio diagram of client indicating the gaps and privacy requirement. Analyzed client’s Standards & Policies with which all vendors need to abide by, and reviewed the technical and security due diligence reports and questionnaire filled by the vendor. Conducted interview of client to prioritize its business process for BIA purpose. Conducted interview of client to analyze its BCP system. Generated BIA report indicating the risk areas and recommendation for BCP.

Work History

Work History
Apr 2008 - Present

Risk Consultant

Deloitte US
Jan 2006 - Jun 2006

Network Engineer

Ramco Systems

Education

Education
2008 - 2008

ISO27001 LI

BSI
2006 - 2008

MS

Indian Institute of Information Technology
2001 - 2005

BE

Barkatullah Vishwavidyalaya