Velavan M

Experience

• 

  Ajuba Solutions India Pvt Ltd

  May 2007 - Jun 2011

  Information security Executive

  • Review and update all required Policies and procedures documentation with relevant change control for ISO 27001• Review & analyze LAN user ID logon failures, locked accounts & user account changes captured in the Event log analyzer.• Review of Symantec Anti-Virus Logs and initiate security incidents for all Virus Incidents and repeated Quarantines• Have followed ISO 27001 standard.o Project Managemento Understand the Businesso Business Impact Analysiso Risk Assessmento BC Plan Development (Incident Management Plan and Business Continuity Plan)o Training and Awareness• Executed multiple SAS70 engagements for business processes and IT controls in India.• Define global information risk solutions and security, create information security management systems.• Project improvement documentation, delivered process documentation• To Perform Internal & External Network Vulnerability Assessment and Penetration Testing• Monitor and control IT security functions such as Firewall logs, Server Event logs and user permissions.• To review `Red alerts generated by physical access control logs for all the facilities including common access points and restricted access points and analyze all received Red Alerts and take appropriate action to mitigate risks. • To review license compliance on random sampling and report non-compliance for quick corrective action• Responsible of preparing monthly security newsletter with new threats and industry events• Conducting team weekly meetings• RFP preparation and vendor coordination to implement information security requirements with DLP software’s, Ant-spam and Encryption Show less

• 

  AGS Health

  Jun 2011 - Mar 2013

  Governance Risk Information security and Complaince - Team Leader

  Managing the establishment and implementation of IT Security policies, procedures and standards.Managing and implementing security awareness and training efforts and educating the Company and its customers on security policies, practices and best standards.Conducting Company IT systems security assessments and reviews for compliance with established security standards, policies, procedures and guidelines.Overseeing the facilitation of information security risk assessment methodologies and managing information security risk assessments and mitigation practices.Response, follow through and monitoring of any information security responses to audits.Implementing management reporting and metrics for security compliance.Implementing process and tracking to monitor compliance to policies and standards.Coordinating policy exception requests and tracking.Ensuring ISO 27001 compliance.Ensuring compliance with security and privacy terms as per contracts with customers and partners. Show less

• 

  Accenture

  Mar 2013 - now

  Responsible for reviewing the cloud-related configuration and security controls that must be necessary to implement on AWS/Azure/Google Cloud Hosting Environment.Responsible for leading the execution of Venture and acquisitions IT/IS Cyber Risk Reduction and Rapid Risk Reduction. Multiple Venture & Acquisition assessments performed and ensured aligning the acquired organization to be in line with security controls.Responsible for the overall management of IS & IT Integration activities for Post-Merger IntegrationReviewed and Authorized security deviations to the organization’s security policies and standards (Risk Acceptance Sign off). Show less

  • Security Delivery Associate Manager -Information Security Governance Risk & Compliance

    Dec 2020 - now

  • Security Delivery Team Lead - Governance Risk and Compliance

    Sept 2015 - Dec 2020

  • Senior Information Security Consultant - Global Information Security Compliance and Risk Management

    Mar 2013 - Sept 2015