Experience

• 

  Madavan inc

  Apr 2004 - Sept 2006

  Service engineer

  Servicing of the machines and Maintenance Part also

• 

  Aqa quality management systems pvt. ltd. - india

  Jan 2009 - Jan 2011

  Assistant manager - projects

  Handled information security &QMS consulting and training projects. • Managed Problem Management, Incident Management, Change Management, Business Continuity and Disaster Recovery Management and Knowledge Management processes• Implemented Information Security policy at different organization• Established, managed and implemented high level QMS polices at different organizations • Developed a comprehensive Information Security Audit training project• Successfully executed Information Security consulting and training projects• Managed and acted as a SPOC for all Information Security and QMS Consulting projects• Provided R&D, content and assessment materials for Information Security training projects• Worked as a team member for an Information Security policy implementation project (including BIA)• Responsible for managing communications of Information security project clients• Accountable for meeting SLAs and deadlines• Managed SDLC processes• Performed Project Feasibility Analysis and Post Implementation Review (PIR)• Prepared project proposals, quotes and invoices Show less

• 

  Image india

  Aug 2011 - Aug 2012

  Design engineer

  Design of medical equipment's & implementation of ISO 13485

• 

  Free lance

  Apr 2012 - Feb 2013

  Worked as a free lance management consultant

  IMPLEMENTATION OF QUALITY MANAGEMENT SYSTEMS, ISMS , EMS , OSHAS , SA 8000, e.t.c

• 

  Sbl

  Feb 2013 - Sept 2015

  Project lead - quality assurance

   Implements & review ISMS & QMS Policies & Procedures for the Organization as per standardDesign & Implementation of ISO 27001 Performing Gap assessment of the SBL documents and controls from ISO 27001:2005 to ISO 27001:2013- Formulation of ISMS Manual, Policy and Procedures- Asset identification and classification- Formulation of Statement of Applicability- Designing Risk Management framework- To conduct a Risk Assessment for Facility, Manpower, IT and Third Parties- Conduct Internal Audit and Management Review Meeting- Conducting information security trainings- Assisting in Certification Audit and Closure of findings ISO 27001 & 9001 Audits by TUV-Sud, Audit pre-assessment, document preparation, Audit planning and support, report creating and follow up until closure of NC’s / observations. Conduct Internal Audit for QMS& ISMS as per standard ISO 9001:2008 & 27001:2013 ISO 27001:2013 Implementation for all SBL locations.  ISMS Process improvement by doing Employee awareness and communication through ISMS awareness training on monthly basis, E learning Modules. Induction Trainings on behalf of compliance team for Information Security, Exception & Incident management, Quality management. Monthly review with management which includes Information Security measures in place, Incidents and Exceptions, Challenges Involved in the implementation of Business Continuity- ISO 22301:2012, prepared BCP, RA Documents as per requirement, Conducted tabletop exercise Risk Assessment for asset classification and control, Third Party Involvement, compliance, System Development and maintenance, Physical and environmental security on internal projects Handle the ISMS & QMS presentation for new client visit Show less

• 

  Unitedhealth group

  Sept 2015 - Mar 2016

  Information security analyst

  • Initiate, perform and coordinate supplier (also known as Second party) audits / risk assessments• Review vendor policies, procedures and other documentation for assessing security risks• Review risk assessment reports• Review HIPAA assessment reports• Review Vulnerability Assessment and Penetration Testing reports• Review ISO 27001, HITRUST, SOC2, PCIDSS compliance audit reports• Review Incident Response Plans, Business Continuity Plans, Disaster Recovery Plans and BC/DR test reports• Participate in internal events promoting Security Awareness Show less

• 

  Alphaserve technologies®, an eci company

  Aug 2016 - May 2017

  I.t.security consultant

  • Developing and implementing policies, standards, and procedures for organizations and creating well-written reports based on industry best standards.• Promote the Security portfolio of governance, risk and compliance services• Collect and determine information/data from appropriate sources to assist in determining customer needs and requirements• Oversee the deployment, integration and initial configuration of security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security• Assess processes in an end-to-end manner and drive testing efforts across multiple groups/operations Show less

• 

  Tech mahindra

  May 2017 - Jul 2018

  Security consultant

  • Consultancy support for the ESRM project• Completed one BCP/DR project planning and implementation• To perform supplier risk assessment process • Conduct Tabletop exercises • Access review for the user applications • Review vendor policies, procedures, and other documentation for assessing security risks• Develop security documents and posters according to the client requirement

• 

  Accenture

  Jul 2018 - now

  • HITRUST implementation support • Security officer role in various projects • Access review for the user applications • Review vendor policies, procedures and other documentation for assessing security risks• Develop security documents and posters according to the client requirement • Client data protection delivery

  • Security Delivery Associate Manager

    Dec 2022 - now

  • Security Delivery Team Lead

    Jul 2018 - now