Varun Grover

Experience

• 

  IBM

  Jan 2006 - Jan 2022

  • 15 Years’ experience in IT Infrastructure environment managing end to end service from version scoping, Insider Risk, Threat analysis, cloud security and solution implementation.• Broad-based expertise in Cybersecurity including Cloud Security (AWS/GCP), Application & Container Security, Data Protection, Vulnerability Management, Security Testing (PT&VA), Privileged Identity Management, Advanced Threat Management & SIEM/SOC, HSM and DAM ZERO TRUST solutions along with OWASP, GRC (RSA Archer), Splunk, Sentinels. • Managed part in data center with their internal audit readiness.• ISMS Implementer (PDCA) as per ISO standards. • Private/Hybrid cloud security (BareMetal security implementation NIST SP- 1800-19) • Delivered large special projects to revamp existing (AS-IS) infrastructure to match the competitive market• Coordinated with clients for audit readiness & compliance to contractual requirements, IBM & client security documents (such as ITCS104, GSD331, ISeC), global process documents, & security self-assessment workbooks with a focus on process control points, execution of primary controls, artifact creation & retention• Executed user account management secure activities performed vulnerability assessment, penetration testing, & application security testing • Reviewed functional architecture of regional products complying with firms’ global business strategy• Monitored SOC for non-conformity assessment and controlled a team of 20 FTEs of different technologies to assessing risks & steering the team to get daily throughput to achieve the target • Designed SLA & SLO, methodology for smooth business flow, mechanisms following compliance standards, and process to manage health checks for the accounts• Actively involved in the hiring process, managing people, CIRAT &non-compliance issues, conflicts & targets, transferring knowledge, and implementing ITCS104 Show less

  • Service Delivery Manager

    Jan 2017 - Jan 2022

  • Deputy Manager Operations

    Jan 2015 - Jan 2017

  • Assistant Operations Manager

    Jan 2011 - Jan 2015

  • Subject Matter Expert

    Jan 2009 - Jan 2011

  • Graduate Engineer & Senior Analyst

    Jan 2006 - Jan 2009
• 

  EY

  Jan 2022 - now

  Principal Consultant – Cyber Security

  An expert in Information Security and focused additionally on security domains around Vulnerability Management, Application Security, Security Assurance, Data Security, Information Risk Management, specializing in Information Security solutions and strategic enterprise cyber security. Currently supporting the following• Provide presales/prebid services to business verticals, and ensure solutions, proposal management, knowledge management, business support & strategic marketing activities• Maintain coordination with alliance partner OEMs, attend business user meetings, engage in project planning, and provide customized solutions• Respond to client queries on cyber security practices & compliance mapping requirements • Manage several bid types such as RFQS, RFIS, RFPS & standard techno-commercial offers, bundle solution bids, and upgrade SOWs• Prepare organizational BPMS (Business Process Management System), policy documents for competency, department, function & entity & effective enforcement, implementation and testing for those• Coordinated with clients for the initiation planning, cost & effort estimation, prioritization, understanding of scope, and negotiating of requirements • Prepare & test organizational business process management system & policy documents for competency, department, function & entity, and ensure effective enforcement & implementation• Manage development team for POC/design, agile development, continuous integration, packaging/release, performance, implementation, documentation Show less