Mar 2020 – Feb 2023 · 2 yrs 11 mos · India

Oct 2016 – Feb 2020 · 3 yrs 4 mos · Greater Hyderabad Area

• Security Architecture team:
• Work with key stakeholders from IT and the business to develop secure solutions for both on premise and cloud-based applications and services. Serve as subject matter expert with regard to information security architecture
• Serve as architecture and risk management advisor and partner for business units
• Develop effective regional information security education & awareness campaigns. Policy, Privacy, and Compliance
• Participate in the development of information security policies, standards and guidelines. Reporting and Metrics
• Ensures security program processes and procedures are performing at optimum levels by developing effective reporting metrics.
• Review customer requests for new applications and services to ensure compliance with security architectural standards and best practices.
• Use established frameworks to review the security posture of 3rd party suppliers Site Reviews
• Review physical and technical controls for both Qualcomm facilities, 3rd parties, and suppliers.
• Work with stakeholders, ensure all review findings identified are tracked to resolution.

Aug 2015 – Sep 2016 · 1 yr 1 mo · Greater Hyderabad Area

• Contribution in successful delivery of Information Security Risk assessments related to IT Architecture, Network systems, Software Applications, Vendor’s IT service and solutions and act as a advisory to reduce identified risks.
• Below are some key responsibilities
• Identify scope and assets under review, interview stakeholders and prepare initial and in-depth analysis of applicable threats, vulnerabilities, controls and resulting risk
• Creating risk assessments for raised exception requests
• Analise network infrastructure change requests and raising potential risk issues
• Analysis of IT control environment of vendors providing various IT services
• Assisting IT functional management to identify, assess and document risks to the IT environment
• Interacting with IT Management, Business and Risk Management teams across the organization to discuss risk assessments/risk exposure to ensure accuracy and transparency across all key stakeholders
• Acting as a mentor for junior colleagues. Providing subject matter expertise in IT Risk Management

Aug 2013 – Aug 2015 · 2 yrs · Pune/Pimpri-Chinchwad Area

• Working as Information Security Risk Analyst, my responsibilities involve in identifying scope and assets under review, interview stakeholders and prepare initial and in-depth analysis of applicable threats, vulnerabilities, controls and resulting risk.
• Undertake application security risk assessment as part of development projects identifying areas of information security control weakness.
• Working with project managers and development teams to identify controls to remediate control weakness identified during risk assessment.
• Provide consultancy service to project team and service to business owners to identify appropriate information security controls.

Aug 2011 – Aug 2013 · 2 yrs

• Being a Security Consultant i was engaged in on-time delivery of security solutions to our clients. Primerily perform Web Application and Network devices Penetration Testing. Worked on multiple security engagements at on-site client location. Recieved opportunity to work for clients in banking, telecom, governance domain.

Mar 2011 – May 2011 · 2 mos · Mumbai Metropolitan Region

• Developed a report generating software using Python. The application will ease Administrators in consolidating server logs/files and build reports for Senior Management.