Nov 2021 – Oct 2024 · 2 yrs 11 mos · India

May 2019 – Nov 2021 · 2 yrs 6 mos · Greater Delhi Area · On-site

Sep 2016 – May 2019 · 2 yrs 8 mos · Gurgaon, India

• Manager Information Security
• Manage PCI DSS and ISO 27001 certificate for Genpact Global Compliance.

May 2015 – Aug 2016 · 1 yr 3 mos · Gurgaon, India

• Assistant Manager Information Security and Business Continuity.

Mar 2015 – May 2015 · 2 mos

Feb 2013 – Mar 2015 · 2 yrs 1 mo

• Based out of Manila Philippines, I am part of International Compliance Team. I am responsible for managing Information Security for South East Asia Offices of FIS Global.
• Also working as Information Security Officer (ISO) for Manila office. Responsible for:
• 1. Compliance Maintenance for all the processes services out of the location.
• 2. ISO 27001, PCI DSS certification implementation and maintenance for the location.
• 3. Facing Client assessment w.r.t. information Security.
• 4. Day to day compliance activity.

Nov 2012 – Jan 2013 · 2 mos

• Joined International Compliance Team of FIS Global India.
• Responsibilities:
• Manage International Compliance Projects.

Apr 2011 – Nov 2012 · 1 yr 7 mos

• Working as Information Security Engineer at FIS Global, Gurgaon, as the part of Security Testing Team (STT) for India and Philippines. Responsible for Vulnerability Assessment, Penetration Testing and Consulting requirements for different compliance such as PCI, ISO 27001,etc. for FIS.
• I was the first member of the India STT, and worked through to establish Security Testing Team(STT) in India.
• Job Description Includes:
• Quarterly Vulnerability Scanning for PCI Compliance(internal & External) for all devices in scope for PCI all over the world(for FIS).
• Annual Penetration Testing for PCI Compliance.
• Any other VA and PT Work need to be conducted.
• Network Security Audit
• Tools Uses:
• 1. Qualys Guard
• 2. Qualys PCI Merchant
• 3. Foundstone.
• 4. Nessus
• 5. Nmap
• 6. Metasploite
• 7. BackTrack, etc.

May 2010 – Mar 2011 · 10 mos

• Worked as a Pre-Sales Executive at TvsNet Technologies Ltd. Gurgaon. Responsible for Consulting and Designing solutions for the clients in the domain of Data Networking and Security(Switches, Routers, Firewall, Survillance, Access Control System, etc) from the OEMs like HP(H3C & 3COM), Juniper, Avaya(Nortel), Cisco, etc.
• Job Description Includes:
• Meeting the clients.
• Understand their network and deployment.
• Understand their pain areas in their network.
• Consult for the better option they can opt for or
• Design the best solution possible to help them perform at their best.

May 2009 – Jun 2009 · 1 mo

• I have done my summer internship at iSec Services Pvt. Ltd., Mumbai. As an intern i worked on Data forensics, Copyright Violation Evidence collection. For my final project i was given a project from CERT India, in which i have to do a Vulnerability Assessment and Penetration Testing for a Web Server and a Mail Server. The Web Server which we were given was running on Windows 2003 machine and was hosted using IIS 6.0, and the Mail Server was running on Red Hat Linux. We used some tools for the Vulnerability Assessment such as Nmap, Nessus, Acunetix. For the Penetration Testing we were give two tasks in which we had to bypass the authentication and create a file on the Web Server. For this we used Metasploit Framework.
• for any querry feel free to contact me @ kapilmishra06@gmail.com