Samrat Nandi

Experience

• 

  CMS Info Systems

  Jun 2003 - Aug 2006

  Customer Support Engineer

  Trouble shoot end users issue in their laptop and desktop.Installation of OS, mail solutions, AV managment, hardware issues, applications related issue.

• 

  Wipro

  Aug 2006 - Feb 2011

  Senior Information Security Engineer

  Detailed Job Role:1. Doing Compliance audit for different IT team & preparing the final check list with evidence as per standard guidelines.2. Tracking KPI As per SAS 70 & PCI DSS control point for all IT teams in weekly/Monthly/Quarterly basis.3. Preparing monthly Compliance tracker sheet for all IT teams after review there monthly activity/reconciliation data of IDs.4. Keep track of process changes & doing process Gap analysis for all IT tracks.5. Doing risk assessment & maintain RART sheet for operation team as per ISO 27001 guideline, tracking all risk & handling risk mitigation plan discussion.6. Running vulnerability scans using scanners like ISS & Nessus. Deciding the policies for different scans.7. Coordinate the development and maintenance of information security policies and standards,• Develop an Information Security Policy for the project based on guidelines from customers• Recommend updates/upgrades to infrastructure based on the policy.• Continuous review of the policy to accommodate changes.• Regular audits to ensure compliance of the policy.• Generate compliance report for the defined policies on regular basis and update the concerned departments on the status. This would include Audit reports, security incident and action taken report, firewall configuration changes report etc.8. Investigate security incidents and coordinate their resolutions:• Review all security vulnerability logs for the systems and disseminate such information to appropriate technical staff for resolution.• Review network alerts, outage notifications, or other networking issues and disseminate such information to appropriate staff.• Coordinate security incidents• Thorough analysis of security incidents. 9.Maintain compliance of Security and Network Systems & Servers• Maintain compliance by informing the respective teams about Security and Network related latest patches Show less

• 

  Verizon Data Services India Pvt Ltd

  Mar 2011 - Nov 2011

  Systems Engineer
• 

  PwC Acceleration Center Shanghai

  Dec 2011 - Apr 2015

  Assistant Manger Information Security & BCP

  1. Assist the ISM (Information Security Manager) in managing Information Security and Business Continuity compliance2. Responsible for creation/maintenance/update/review of security and BCP documentation (policy, procedure, guideline, SOP)3. Operational IT Risk Management framework and maintains the same4. Works together with IT Infrastructure and Applications teams in facilitating implementation of security policies in the areas of IT security5. Works with Admin and HR teams to implement physical and people security at SDC premises6. Plays an active role in information security/BCP awareness and education7. Identifies client security/BCP requirements from business units and work with ISM to address them 8.Vulnerability management and technical security review of servers, applications and network elements• Creation of security infrastructure for business units9. Face external audits, as and when needed10.Conduct internal security audits11.BCP/DR Testing Show less

• 

  Tech Mahindra

  May 2015 - now

  • Principal Security Consultant

    Apr 2022 - now

  • Manager Risk and Compliance

    May 2015 - Apr 2022