Aug 2021 – Jul 2023 · 1 yr 11 mos · Noida, Uttar Pradesh, India · Remote

• Icertis provides the leading enterprise contract management platform in the cloud, helps companies unlock the full business value of their contracts to increase revenue, reduce cost, accelerate cash flow and minimize risk. The adaptable, AI-infused Icertis Contract Management (ICM) platform quickly turns contracts from static documents into strategic assets. Icertis, the analyst-validated industry leader, is used by innovative companies like Airbus, BASF, Cognizant, Daimler, Johnson & Johnson, Microsoft and Sanofi across 90+ countries to manage 7.5 million contracts governing more than $1 trillion.
• I am responsible for defining and managing Information security across Icertis.
• Primary responsibilities include to oversee the safety and integrity of data as well as that of our customers.
• Review and refine data and network security processes, development methodologies and ICM platform security.
• Working with Icertis IT, Operations, HR and Customer Success and ensuring that security processes are the best in the business and are regularly updated.
• Working with the security consultants to audit and improve overall organizational security.
• Fostering the security culture within the organization and help keep the leadership team informed and educated on our security levels.
• Working closely with customers, IT and Operations to manage security incidents and the security incident & response process
• Performing security research into new tools and techniques.

Jan 2018 – Jul 2021 · 3 yrs 6 mos

• S&P Global Inc. is an American publicly traded corporation headquartered in Manhattan, New York City. Its primary areas of business are financial information and analytics.
• My responsibilities included-
• Manage information security teams, managing their workload and prioritising as required to deliver efficient services.
• Build strong partnerships across all the functions represented in the region(development, testing, data operations etc.) to incorporate security requirements at the design/concept stage.
• Partner with risk, compliance, HR and legal teams on matters relating to Information Security.
• Collaborating with Product Managers, Platform Leads, and Information Technology teams, to architect and design cloud security solutions. Solid understanding of cloud security services such as AWS Identity and Access Management, Cloud formation, VPCs, etc.
• Work as part of the global AWS Security team responsible to ensure AWS and our customer facing security services are executing to the highest standards, thus maintaining and enhancing customer trust and our ability to deliver the best security service in the world.
• Partner with AWS business owners to define and develop enterprise protection solutions. Communicating with executive management on project status, risks, and mitigation and our engineering and product management teams.
• Developing and executing strategies to increase Cloud Security knowledge throughout the enterprise, as well as developing and mentoring more-junior security analysts and engineers.
• Participating in key management meetings to further the security requirements and culture transformation to have security ‘Built in Design ’.
• Leading training and technical forums, serving both as formal and informal mentor, and executing other initiatives designed to share knowledge across Security Platforms and/or Technology teams.

Dec 2014 – Jan 2018 · 3 yrs 1 mo

• My responsibilities included-
• Manage information security teams, managing their workload and prioritising as required to deliver efficient services.
• Produce high quality reports surrounding the security functions, KPI’s & KRIs for senior management.
• Manage projects to deploy Information Security systems to help control/audit and enforce the Information Security Policies.
• Managing threats and mitigation, DoS/DDoS prevention and response, Incident response, Disaster Recovery implementation, File integrity monitoring, Multi-factor authentication, Encryption Security metrics reporting & dashboards.
• Supervising managed security service providers and security operations centres, Responding to audit requests for information.

Jan 2010 – Aug 2014 · 4 yrs 7 mos · Noida Area, India

• Adobe is the global leader in digital marketing and digital media solutions. Adobe tools and services allow their customers to create ground breaking digital content, deploy it across media and devices, measure and optimize it over time and achieve greater business success. Adobe helps its customers make, manage, measure and monetize their content across every channel and screen.
• My responsibilities at Adobe Included-
• ■ IT Security Infrastructure Management
• ■ Vulnerability Management
• ■ Data Security
• ■ Service Delivery Operations
• ■ Network Management
• ■ People Management
• ■ Vendor Management
• ■ Business Development
• ■ Solutions Management
• ■ Project Management
• ■ Innovation & Competencies Management
• ■ Client Relationship Management
• Responsible for managing global security teams, execution of all security initiatives, incident management and liaison with legal and HR.
• Developing explicit understanding within the organization of Information Management & Information Security needs, requirements and opportunities.
• Leading the team performing network vulnerability assessments, review findings, and implement solutions including policy remediation and selection and implementation of countermeasures and security safeguards.
• Performing remote security consulting including penetration testing, application testing, web application security assessment, onsite internet security assessment, social engineering, wireless assessment, and IDS/IPS hardware deployment.
• Developing information security strategies to assist with future need; managing global security technology resources of the company; planning, organizing and managing enterprise security functions.
• Providing senior management a view of major operational risks facing the business and advise on risk appetite.

Jun 2000 – Jan 2010 · 9 yrs 7 mos · Noida Area, India

• Cadence is a leading provider of EDA and semiconductor IP. Cadence custom/analog tools help engineers design the transistors, standard cells, and IP blocks that make up SoCs. Cadence digital tools automate the design and verification of giga-scale, giga-hertz SoCs at the latest semiconductor processing nodes.
• My responsibilities at Cadence Included-
• Overseeing implementation of information security technologies, processes, methodologies, risk management models, and policy / procedures. Involved in Security - Information and Technical - Architectural, Engineering, and Management disciplines. Developing Security Processes and Procedures as per standards and best practices; ensuring compliance to information security policies.
• IT Infrastructure
• Ensuring application of & compliance with the company's policies in administration of IT Infrastructure / Facilities after review of new hardware and accessories. Assessing IT requirements of the organisation in terms of software, hardware and other peripherals / products, and handle procurement of the same.
• Service Delivery Operations
• Heading service delivery functions, to ensure end-to-end ownership of incidents and service requests. Meeting deadlines and Turn Around Time without compromising quality norms and adhering to SLA.
• Project Management
• Planning project activities viz. scoping, estimation, budget planning, tracking, change management, delivery management and post implementation support. Implementing project plans within preset budgets and deadlines.
• Network Management
• Managing the overall administration of LAN & WAN systems involving design of network layouts, configuration and maintenance of application servers and databases. Overseeing installation of IT Assets, Routers/Switches/Modems,
• People Management
• Providing direction, motivation & training to the IT / Information Security personnel for ensuring optimum performance and enhancing their professional and soft skills.

Jan 1999 – Jun 2000 · 1 yr 5 mos

• Key Deliverables:
• Functioning as a Specialist in System Integration (Networking and Security Division); implementing ISP including installation & configuration of routers, switches, RAS, firewalls, Linux/Unix, Netscape Suitespot, etc.
• Managing entire gamut of tasks involved in execution of various networking projects in Govt. Sectors like ONGC, GAIL, NTPC, etc.