Raghav Handa

Experience

• 

  IBM India Pvt. Ltd.

  Apr 2012 - Mar 2015

  Performed User ID management and User ID validation (QEV, CBN & PAR) on servers, sub systems, databases, applications, domain controllers and network devices using tools like URT (User ID Revalidation Tool), GIAMA, MPW.Performed security health check validation on servers, network devices and sub systems.Prepared and managed implementation manuals and checklists for various flavors of OS, sub systems and network devices.Performed basic hygiene process artifacts validation on servers, network devices.Performed vulnerability assessment on servers, network devices, security devices using tools like ISS(Internet Security Systems) and Nessus.Performed penetration testing, sanity checking on servers.Performed issue management, risk management for any non-compliance activity.Ensuring that security processes are governed on complete inventory in the cycle. Ensuring that the SLA agreed with client are met on time.Knowledge of problem management, change management, incident management, service activation and deactivation.Supported various audits and reviews. Show less

  • Identity & Access Management Lead

    Oct 2014 - Mar 2015

  • Service Delivery Associate

    Apr 2012 - Sept 2014
• 

  Infogain

  Mar 2015 - Nov 2016

  Implemented ISMS, performing Risk Assessments based on Asset based Risk Register, Context based Risk Register & FMEA (Failure Mode Effect Analysis) approach, maintaining Risk Treatment Plan.Prepared policies, processes and guidelines as per ISO 27001:2013 and client requirements.Implemented processes as per ISO 27001:2013.Hands on experience on Business Continuity Management, Incident Management, Physical Security, HR Security, IT Security, Application Security.Performed Risk Assessment and Risk Management during Merger & Acquisitions.Conducted audits & reviews on periodic basis.Performed security compliance assessments on periodic basis.Conducted training & awareness sessions among employees based on classroom sessions, online CBTs, posters, mailers, etc..Responded to client security questionnaire (Vendor Security Assessment Program) Show less Implemented ISMS, performing Risk Assessments based on Risk Register & FMEA (Failure Mode Effect Analysis) approach, maintaining Risk Treatment Plan.Prepared policies, procedures and guidelines as per ISO 27001:2013 and client requirements.Implemented procedures as per ISO 27001:2013.Hands on experience on Business Continuity Management, Incident Management, Physical Security, HR Security, IT Security, Application Security.Performed Risk Assessment and Risk Management during Merger & Acquisitions.Conducted audits & reviews on periodic basis.Performed security compliance assessments on periodic basis.Conducted training & awareness sessions among employees based on classroom sessions, online CBTs, posters, mailers, etc..Responded to client security questionnaire (Vendor Security Assessment Program) Show less

  • Senior Executive - Information Security

    Sept 2016 - Nov 2016

  • Executive-Information Security

    Mar 2015 - Sept 2016
• 

  Motherson Technology Services

  Nov 2016 - now

  Conducting ISMS and ITGC Audits for Samvardhana Motherson Group (SMG) companies.Implementing, maintaining and continually improving ISMS in the organization.Working on automating IT Governance, Risk & Compliance for SMG companies by evaluating/adopting multiple tools.Working on evaluating the Security Maturity & Security Metrics of various security areas/domains for SMG companies.Implementing Integrated Compliance Matrix comprising of various standards and IT acts and regulations across SMG locations.Hands on experience of various security standards/regulations/frameworks like NIST CSF, GDPR, CIS, etc.Conducting Information Security awareness for employees through various modes like classroom sessions, e-Learning, mailers, posters, etc.Documenting security policies, procedures and templates, managing IT risk and compliance, implementing and testing BC & DR plans, supporting Internal and external compliance audits, and conducting application security testing & vulnerability assessment. Show less

  • Senior Manager

    Apr 2024 - now

  • Manager

    Aug 2022 - Mar 2024

  • Deputy Manager

    Apr 2021 - Jul 2022

  • Assistant Manager

    Nov 2018 - Apr 2021

  • Senior Quality Analyst

    Nov 2016 - Nov 2018