Sep 2021 – Apr 2022 · 7 mos · Hyderabad, Telangana, India · Remote

• Measure and analyze cyber security posture across the organization and recommend improvements and solutions to current cyber security issues and risks.
• Support identifying the scope of the Governance processes, drafting and validating business cases, conducting business analysis, leading the gathering process of business requirements.
• Identify and communicate findings in a clear, logical, and concise manner
• Assist in GRC (Governance Risk and compliance) related initiatives within the firm.
• Provide support in evaluation of security tools for the firm.
• Coordinates the implementation of cyber security solutions (new/modifications) to reduce risk while enabling business efficiency and productivity
• Assist in development, implementation, maintenance and enforcement of policies, processes and procedures associated with cyber security
• Assists in development and management of end point security, including hardening, tools, and procedures
• Writes situational analysis for high-risk threats and suggests appropriate courses of action for remediation
• Assists in the development and refinement of patch and vulnerability management processes and solutions
• Assists in the development and refinement of incident response procedures and documentation
• Assists in coordinating cyber security incident response across the enterprise
• Assist various teams in capturing and refining information protection requirements, integrating those requirements into system designs and ensuring program compliance
• Assist in planning and engagement efforts for organizational physical security evaluations, and floor architecture reviews.
• Provide support for contract review for customer engagement from an Infosec perspective.
• Provide support for periodic Awareness to internal employees.

Dec 2019 – Oct 2021 · 1 yr 10 mos · Bangalore Urban, Karnataka, India

Dec 2019 – Sep 2021 · 1 yr 9 mos

• Designate as Security DRI with overall responsibility of information security compliance and Governance.
• Coordinate with client security manager on regular basis, provide monthly/weekly reports and ensure compliance
• Preparation of various reports and submission to client as well as top management of Concentrix.
• Conduction of internal audits according to ISO 27001and other security standards to maintain compliance.
• Implementation of global security directives and guidelines.
• Manage security incidents and investigations in accordance with the Information Security.
• Conduction of activities like VA, DLP logs review, Netskope logs review and VPN logs review. In addition, ensure closure of observations and VA gaps in timely manner.
• Preparing multiple weekly/monthly MIS reports, Graphical presentations that shows the Service Improvement trends to management.
• Security DRI shall ensure any employees having logical and physical access to Confidential and sensitive information shall have criminal background verification completed successfully prior to having access.
• Investigate any incident or potential breach of security and any theft, loss, manipulation or disclosure of Confidential or Sensitive Information, digital or physical.

Feb 2016 – Dec 2019 · 3 yrs 10 mos

• Experience in performing, Vulnerability Assessment and Auditing (Internal & External).
• Experience in working with a leading product company.
• Handling various technical aspects like project documentation, report preparation, security metrics and reviewing the documents.
• Expertise in Minimum Security Baseline Standard (MSB) development for different platforms and servers.
• Track open vulnerabilities with stakeholders and drive closure.
• Prepare security approaches and effort estimates based on client’s security testing requirements.
• Performing Application Security for various applications using Burp Suite
• Design and implement GDPR along with stakeholders.
• Experienced in handling customer and client queries and project demonstrations.
• Experience in managing a critical application from the start till the end and ensure in its completion in strict timelines.
• Supported & administrated security of intranet systems and networks.
• Participated in understanding of security practices and standards
• Developed training programs and trained ethical hackers internally.
• Examine current dynamic scanning practices and identify key risks, then execute programs to address them.
• Take ownership of assessment from start to finish. Ensure that assessments are executed on-time, within defined scope.