Jul 2023 – Sep 2023 · 2 mos · Doha, Qatar · On-site

• ✔Leaded the Vulnerability Assessment, Penetration Testing & Patch Management Program by team of VAPT experts, through tools like Nessus, NMAP Zen Map, Burp Suits, Kali Linux, Nipper for Network, Servers, End Point Systems, WAPT in support of the functional & Hamad Hospital Subsidiary PHCC’s strategy, goals, and performance objectives. Reviewing of IAM and PAM access review, Review and Validate each user's access, compile Access Lists of users, their assigned roles and the systems or applications they have access to.
• ✔Reviewed Information Security Operational policies and procedures documents and conducting IT Audit for full IT Security audit with evidence gathering with a focus on Hamad Medical Healthcare related challenges.
• ✔Interfaced with senior leadership on vulnerability remediation, driving security hardening best practices, and representing the Vulnerability and Patch Management team.
• ✔Reviewed Security Architecture design including VMware virtual architecture review and assessed gaps and controls to determine the design flaws/weakness and to accessing the implemented architecture against industry’s standard and best practices.
• ✔Report preparation for VAPT assessment for Critical, Medium, High, Low risks and remediation measures.

May 2021 – Apr 2023 · 1 yr 11 mos · India · On-site

• ✔Worked as Freelancer for IT Security, IT Risk and GRC services. Managing Cyber Security and IT Risk management for Banking, Telecom, Oil and Gas sector. Working on BIA/LRA, and Risk assessment for Application and Infrastructure environment. Working on gap assessment and implementation of IT Security controls.

Mar 2020 – Mar 2021 · 1 yr · Saudi Arabia · On-site

• ✔Working on Governance Risk and Compliance for Banking environment. Managing an organization’s governance, enterprise risk management and compliance against standards and frameworks like ISO 27001, SAMA, NCA, CMA.
• ✔Working on Information Security Risk Assessment to identify the risk associated with the existing Infrastructure and providing recommendations to maximize the protection of confidentiality, Integrity and Availability.
• ✔Reviewing, developing, or evaluating information security policies through IT Audit and recommending the gaps and changes to be developed in the organizations policy and procedures.
• Reviewing Security Architecture design to determine the design flaws/weakness and to accessing the implemented architecture against industry’s standard and best practices.
• ✔Designed a self-assessment CMMI maturity tool for banking clients for SAMA. NCA and CMA regulations and compliances.

Jan 2015 – Dec 2019 · 4 yrs 11 mos · Qatar

• ✔Managed Airlines, Airport IT Infrastructure Operations systems comprises of IT Systems/Change Mgmt. Operation / ITIL Process / IT Security & Process Improvement.
• ✔Looked after Airport Security Systems changes including Access Control System (ACS) ,Video Surveillance System (VSS) for CCTV includes (commission/decommission).
• ✔Established IT Service Desk for handling Incident occurs at Airport on 24/7 basis.
• ✔Managed day to day activities of datacenter, managing IT changes which are raised by Vendors for carrying out activities like hardware replacement like UPS, Cable and IT equipment.
• ✔Deal with different IT Vendors for services at Airport and negotiating SLA.
• ✔Managing the quality of IT changes being made to the production systems impacting end user.
• ✔Chaired the Change Advisory Board (CAB) and Emergency Change Advisory Board (ECAB) meetings.
• ✔Worked on defining metrics & KPIs for measuring Service delivery quality and Project performance level which helps in improving IT operations.
• ✔Used Netka Systems/HPSM as ITSM tool for handling ITIL processes, worked on setup of Configuration Management system for Airport IT.
• ✔Performed ISO 20000 Gap Assessment / Audited and Implemented ISO 20000 Standard at Qatar International Airport IT Department.
• ✔Worked on Information Security activities like reviewing and coordinating activities for Microsoft OS Security vulnerability patches for workstations and Servers.
• ✔Analyzed IT Security impact of any change deploying in the Airport IT infrastructure production environment.
• ✔Worked on IT Security Risk Mgmt. involves identifying, assessing, treating risks to confidentiality, integrity, availability of assets. Managing Security governance through applying Security principles via Change control management, activities involves installation of OS Security patches (test patches to be done).
• ✔Worked on documentation /Implementation Security policies, standards, procedures, guidelines throughout the organization.

Jul 2013 – Dec 2014 · 1 yr 5 mos · Saudi Arabia and UAE

• ✔Worked as IT Manager for Home Ministry National Information Centre, MOI and UAE Bank.
• ✔Supported ICT (Infrastructure Communication Technology) processes like Access, Event, Request Fulfilment, and Service Desk and coordinating lifecycle management for Infrastructure Services.
• ✔Working on several service desk quality metrics to improve performance of service desk agent and team.
• ✔Managing Different IT Teams like Service Desk, Command Centre, windows Team, Messaging Team.
• ✔Worked for availability management process for MOI NIC for enhancing the availability of the services by planning long term service availability, measuring, and monitoring service availability, and formulating service availability design criteria that meet requirements. Also, responsible for planning, improving, and reporting the availability of IT services and IT infrastructure components to meet the availability level.
• ✔Designed ITIL/ITSM Process documents like Process Flows and Policy Procedure Manuals for different processes like Incident, Change, Configuration, Availability, IT Service Continuity, and IT Security Management, Business relation management and Supplier management for UAE Bank.
• ✔Worked on ISO 20000 assessment in Correspondence to ISO 20000 clauses. ITSM – ISO 20000 Recommendation Plan, Roles & Responsibility, Resourcing, Process flows, Review Criteria, report Design document, RACI Metric, Process Policy document, and Work Instructions.
• ✔Documented policies & procedures meeting the regulatory compliance and risk management requirements.
• ✔Managed 3rd party/sub-contractors as part of the GRC delivery engagement.
• ✔Performed Gap analysis of processes and indicative process maturity based upon the capability maturity model (CMMI), i.e. Initiation, Awareness, Control, Integration, and Optimization.

Jul 2011 – Jun 2013 · 1 yr 11 mos · Pune/Pimpri-Chinchwad Area

• ✔ITIL Project Manager for Retail Manufacturing Giant Procter & Gamble USA
• ✔Provided consulting advice for the large IT Set-ups to design, manage their IT Services. Involves consulting projects on IT Service Management (ITIL & ISO20000), Information Security ISO 27001,Risk Management, BC/DR
• ✔Operational standards, guidelines & implement Change/Release Mgmt. processes that achieve sustainable performance improvements for P&G IT including improved time of recovery
• ✔Driven root cause identification with problem manager & resolution in an efficient manner as per the fined Problem Management Process. Worked with P&G Global Change Management team & also participated in CAB
• ✔Worked for PPM (Policy Procedure and Manual) for different ITIL Processes. Coordinate and architect the process design in ITSM process models. Designed SOW (Statement of Work) for client for different services. Maintained P&G Application Availability Plan which prioritized and planed IT availability improvements & update the SLA timely
• ✔Partner with Process Owners and managers to understand customer needs and requirements in the design and implementation of ITSM processes.
• ✔Worked for making security policies & procedures for IT Infrastructure as per ISO 27001
• ✔Defined Security Controls SOA (Statement of Applicability) within IT Infrastructure.
• ✔Designed and implement RACI (Responsible, Accountable, Consulted, and Informed) Matrix for support teams
• ✔Worked with crisis management team and develop crisis management plan.
• ✔Risk Assessment and GAP Analysis: Involved in performing the RA for Project.
• ✔Ensured good governance of the regular SLA and OLA meetings by attending meetings and keeping minutes
• ✔Designed process for Business continuity management for manufacturing domain, also working with crisis mgmt. team for Disaster Recovery for Data Centre.
• ✔Worked on ISO 9001 Quality Management System, Internal Audits, Management Reporting

Oct 2010 – Jul 2011 · 9 mos · Pune/Pimpri-Chinchwad Area · On-site

• Project: TELECOM, AT&T
• ✔Experience with Global Clients-UK, US, AUS, Europe and Asia pacific Region.
• ✔Developed and deliver IT Service Management solution based on ITIL best practices that focused on the people, process and technology perspectives of providing business solutions within the IT Infrastructure. These solutions were successfully delivered within the budget and on time to several vendors.
• ✔Responsible for defining team member roles and expectations, and ensuring timely feedback.
• ✔Responsible for ensuring that project resources receive any necessary training and are used effectively.
• ✔Designed ITIL processes based on the client's maturity level with each of the ITIL process (Incident Management, Change Management, Service Request Management, Release Management, Capacity Management, Configuration management etc.).
• ✔Develop Policies and Procedures Manuals, Desk Level Procedures, and Custom Workflows for the Life Cycle Management (LCM) teams.
• ✔Worked with transition team for Project implementation and hiring processes and people management. Providing assistance to teams like Packaging, EUC, Service Desk, Help desk, Command Centre for better improvement work. Managed Vendor coordination for different products.
• ✔Developed Interface Agreements for work centres and Managed Third Party (MTP) vendors.
• ✔Instrumental in embedding the full business continuity life cycle in correspondence with ISO 25999 standard into the organization by business impact analysis, risk management, developing business continuity and local recovery plans.
• ✔Conducted business impact and risk analysis, identification of critical business processes, analyzing and documenting related level of risk.

Mar 2009 – Oct 2010 · 1 yr 7 mos · Noida, Uttar Pradesh, India

• ✔Experience with Global Clients-UK, US, AUS, Europe and APAC (Asia pacific Region). Managed IT IS for 35 countries and 65 RDA office locations.
• ✔Responsible for determining the project approach, staffing, responsibilities, and schedule.
• ✔Worked for EUC (End User Computing) services like Service Desk, Helpdesk, Command Centre, and Application Packaging etc. Responsible for ensuring that project resources receive any necessary training and are used effectively.
• ✔Initiated project planning activities such as Scope definition and management, STAKEHOLDER identification and MATRIX HUMAN RESOURSE MANAGEMENT.
• ✔Worked for ITIL Process Designing area of Incident, Problem, Change, Release, Configuration management and service desk and ITIL service delivery area of service Level Management, Availability, Capacity, Financial, Security Process and IT Service Continuity Management.
• ✔Developed implemented and reported Business Continuity exercises on 10 locations for Readers Digest associations IT Infrastructure for Storage and backup solutions.
• ✔Worked for consulting around data protection solutions for multinational clients using ISO 27001 standards, fort alignment of information service and Business Strategy.
• ✔Ensured Continuous Service Improvement Management (CSI) in delivering resolution and restoration of service of IT Services with SLA.

Mar 2008 – Oct 2008 · 7 mos · Gurgaon, India

• ✔Managed firms like AT & T, Verizon and other to sell Network monitoring tools and preparing sales report.
• ✔Worked for Analyzing Application and System logs on daily basis to prevent any failure.
• ✔Analyzed and troubleshooted issues by remotely accessing customer’s servers.
• ✔Pre-release follow up with client addressing issues are going to be fixed in release, fixing time
• ✔Generated monthly tickets closure reports through Sales Force CRM tool.
• ✔Researched, analyzed and providing solutions on the tickets opened by customers using Sales Force (CRM tool).Participate in coordinating activities related to implementing new or revised services, hardware, or software systems.