Experience

• 

  Wisec globel ltd

  Jan 2005 - Jan 2007

  Technical support
• 

  Jetking

  Jan 2007 - Jan 2009

  Faculty
• 

  Ica infotech pvt. ltd.

  Mar 2009 - Jan 2011

  Technical head
• 

  Vinsys

  Jan 2011 - Jun 2012

  Corporate trainer
• 

  Koenig solutions pvt. ltd.

  Jun 2012 - Mar 2018

  Assistant technical manager infosec management

  • Conduct training for clients on-site as well as off-site.• Designs and executes information security awareness training and educational activities• Conducts information security risk assessments and control selection activities• Design and implementation of security processes;• Definition and development of security control designs including those required to support external regulations;• Contributes towards the design and operation of related compliance monitoring and improvement activities to ensure compliance both with internal security policies etc. and applicable laws and regulations, such as PCI DSS.• Designs and executes information security awareness training and educational activities• Supports the design, implementation, operation and maintenance of the Information Security Management • System based on the ISO/IEC 27000 series standards, including certification against ISO/IEC 27001 where applicable• Conducts activities relating to contingency planning, business continuity management and IT disaster recovery (BCMS) in conjunction with relevant functions and third parties• Perform Information security assessments. • Plan and conduct IS Audits (ISO 27K). • Develop, evaluate and review IS policies and procedure. • Plan and conduct Application controls and IT General control reviews. • Manage task allocation, ensuring quality of the deliverables in line with industry standards and best practices. Show less

• 

  Isc2

  Jan 2014 - Jan 2015

  • Member

    Jan 2014 - Jan 2015

  • Member

    Jan 2014 - Jan 2015
• 

  Freelance, self-employed

  Mar 2018 - Jul 2018

  Information security mangement trainer / consultant
• 

  Shell

  Jul 2018 - May 2022

  • Conducts information security risk assessments and control selection activities.• Act as the functional specialist for IT Information Risk Management (IRM)• Proactively review Organizations information security and related risks wrt threats and vulnerabilities, legal and regulatory compliance• Translate Technical, legal and Regulatory Compliance obligations into a cohesive collection of Security Controls and provides the respective stakeholders with the IRM requirements and its implementation methodologies.• Facilitate smooth conduct of Risk Assessment on Applications, Network& Systems, and Legal & Regulatory.• Coordinate in conducting VAPT (Vulnerability Assessment and Penetration Test), Review VAPT results and recommend the risks to be remediated.• Work with Project Managers, Business Analysts, Architecture and Support Team to ensure Organizations IRM standards are being followed.• Incorporate Security in the Software Development Life cycle Support the ‘Prevent’ and ‘Validate’ staff and IRM COB in education and awareness of Information security related issues and risks, and influence of behaviors of IT and Business staff as part of mitigating these risks.• Support in development of tooling to support IRM processes and ensuring this is fit for purpose.• Actively participate in reviewing and improving the Information Security Controls implemented in the organization.• Active participation in the Assurance and Architecture level discussions in the engagements.• Ensure that IRM continues to focus on risks significant to the Business, with emphasis on innovation.• Ensure a successful response to the Information Management, Health & Safety. Show less

  • Senior Risk and Control Advisor - JV Cyber & Information Risk Advisory

    Oct 2021 - May 2022

  • Risk and Controls Advisor

    Jul 2018 - Oct 2021
• 

  Amazon web services (aws)

  Jun 2022 - now

  Technical trainer
• 

  Junglee games

  -

  Senior program manager - governance, risk & compliance (grc)