Ashish Sharma

Experience

• 

  MARG Software Solutions

  Sept 2002 - Mar 2006

  System Administrator

  Administrating windows 2000/2003 server including Active Directory.Configuring & Managing VLAN, WSUS on windows 2003 server.Provide Desktop Support to NTPC, NRHQ officers Special

• 

  CMS Computer Company Limited

  Mar 2006 - Nov 2006

  Project in charge

  Monitoring the Progress of the report against the timeline defined and escalate issues/hurdles to higher authority whenever require to insure smooth execution of the project.Implementing GSD (General Security Document from IBM) on servers and submit the report to central team on quarterly basis.

• 

  Ramco Systems

  Nov 2006 - Dec 2007

  Technical Consultant

  Performing Network Performance & Network Security audit for various customers.Conducting Vulnerability Assessment, Penetration Testing, and Network Security & Performance Audit for various customers.

• 

  Frontier Business systems Pvt. ltd.

  Dec 2007 - May 2010

  Consultant

  Delivering the ISO27001:2005 projects including Risk Assessment, Business Continuity Plan, Statement of Applicability (SOA), creating Policies & Procedures, etc. on schedule.Delivering projects for Network Performance & Security, Vulnerability Assessment, Penetration Testing, etc. on schedule.

• 

  IBM India Private Limited

  May 2010 - Feb 2014

  Gathering functional and nonfunctional requirement and providing, security solution to fulfill those requirements. Developing detailed design documents for the security service, including the technology and process designs. Serving as account managed security focal and documenting architectural decisions to include options, a recommended decision, impacts and risk. Studying customer network architecture, identify the gaps/risk in theexisting environment and develop solutions to mitigate the identifiedgaps/risk. Performing impact assessment for the changes in enterprisearchitecture and present to all stakeholder, update the Blueprint, ifrequired. Show less Overseeing the implementation and managed of operational security activities, process and policies as required.Reviewing security status with account team on a regular basis that includes review of risk, issue, incident, and outstanding activities, current and planned changes.Serving as a dedicated focal point for managing security incident.Performing executive level presentations for the account or client management.Managing security control, performing risk assessment, incidentmanagement.Driving vulnerability remediation activity. Show less

  • Information Security Architect

    Dec 2011 - Feb 2014

  • Information Security Advisor

    May 2010 - Dec 2011
• 

  Oracle

  Feb 2014 - Feb 2021

  Running various regional security programs including but not limited to contributing to security policy drafting, supplier security program, education and awareness program, merger and acquisition program, incident response, computer forensics and cloud security.Overseeing the compliance to various industry specific regulatory requirements as well as international standards like ISO27001:2013 for various line of business (LoB) and business units (BU).Reviewing legal contracts with customer from information security perspective.Working closely with Compliance & Ethics as well as Human Resource (HR) department to address complain raised at ethics helpline, helping them in understanding technical investigation result so that an informed decision can be taken by respective stakeholders. Show less Partnering with the Business Continuity Team to ensure that the Business Continuity Plans for Information Security were current and addressed disaster recovery risks.Establishing security policies and procedures, and conducted security education for executive management, developers, consultants and contractors.Responding to customer's security questionnaire.Performing forensics images of computers, mobile phones, external storages of custodians.Conducting internal audits against ISO27001:2013 for certified line of business (LoBs), reporting the findings to ISMS owner and senior management of respective line of business. Show less

  • Director Information Security, India & Southeast Asia

    Jan 2018 - Feb 2021

  • Senior Manager, Information Security

    Feb 2014 - Dec 2018
• 

  HCLTech

  Feb 2021 - now

  • Managing cybersecurity delivery for HCLTech customers, ensuring the protection of information assets.• Implementing strategies to drive value and uphold the confidentiality, integrity, and availability of data.• Collaborating with cross-functional teams to enhance cybersecurity measures and mitigate risks. Leading & Managing ISRM/Cybersecurity Globally for European Customers

  • Deputy General Manager, Cybersecurity

    Apr 2024 - now

  • Associate General Manager, Cybersecurity

    Feb 2021 - Sept 2024