Maninder Pal Singh

Experience

• 

  Tata Consultancy Services Limited

  May 2004 - Apr 2006

  System Analyst

  At the onset of my professional journey, I was privileged to kickstart my career with TCS, a global IT powerhouse. This formative period shaped my perspective on IT security and its overarching significance. My key Responsibilities and Achievements at TCS were as follows:- Technical Mastery: Engaged in core IT security initiatives encompassing BS7799 Advisory, IT Controls Review, and Application Security. These pursuits ensured the clients' infrastructure remained robust, compliant, and resilient against emerging threats.- Client-Centric Approach: Navigating client relationships early in my career, I championed: - Documentation Excellence: Evaluating and enhancing client security documentation to ensure alignment with the BS7799 standards. - Audit Mastery: Conduct meticulous Information Security Management System audits, setting the bar high by using BS7799 as our benchmark. - Risk Insight: Orchestrating in-depth Information Security Risk Assessments and delivering nuanced Management and Treatment reports tailored for each client, spotlighting vulnerabilities and actionable solutions. - Knowledge Dissemination: Crafting and delivering bespoke security training modules for diverse teams, demystifying the intricacies of BS7799 implementation and adherence.This initial phase at TCS was more than just a job; it was a comprehensive education. It instilled in me a passion for IT security and a commitment to excellence that has been the bedrock of my subsequent endeavors. Show less

• 

  KPMG

  May 2006 - Sept 2008

  Senior

  My tenure at KPMG underscored the synergy between robust IT security and business growth, equipping me with a multifaceted understanding of the field. My key Responsibilities and Achievements were:- Auditory Engagements: I delved deep into a broad spectrum of IT security audit assignments, from supporting statutory audits and spearheading SOX audits to driving compliance audits and SAS 70 examinations. - Advisory Leadership: Played a pivotal role in leading advisory services, including: - Guiding organizations on their ISO 27001 journey. - Assisting in SOX preparations, ensuring seamless transitions and integrations. - Advising on IT roadmap development, ensuring alignment with long-term business objectives. - Assisting clients in informed product selections, considering both security imperatives and operational efficiency.- Global Exposure: I was privileged to be deputed to KPMG LLP’s FS IT advisory practice in the U.K. Over six transformative months, I led IT Audit teams in London, focusing on SOX audits for prominent global bank operations. This international stint enriched my perspective, exposing me to global best practices and regulatory landscapes.- ISO Certification Pioneer: Championed the ISO 27001 certification journey for a major global BPO/IT Services company, underlining the importance of international standards in driving operational excellence.- Security Assessments & Testing: Leveraged my technical acumen to deliver:- Application Security Assessments, safeguarding client applications from potential threats.- Vulnerability Assessments & Penetration Testing, unearthing and addressing potential chinks in the digital armor.- ISO 27001 audits, ensuring clients met and exceeded the gold standard in information security.At KPMG, every challenge was an opportunity to innovate, learn, and lead. The diverse experiences here further ignited my passion for IT security, propelling me to strive for excellence in every subsequent endeavor. Show less

• 

  BT

  Sept 2008 - Aug 2009

  Security Manager

  As I transitioned to British Telecom, a global leader in communication services, I embraced a pivotal role in fortifying the company's security posture, particularly in collaborations with external partners. My focus here was on compliance and nurturing a security-aware culture, recognizing that proactive measures are the best defense. My key Responsibilities and achievements were as follows:- Upholding Partner Security Standards: Assiduously maintained and enforced BT's esteemed security standards among our outsourced partners. My routine involved meticulous audits, ensuring every partner consistently adhered to our stringent policies.- Incident Management & Resolution: At the forefront of security incident response, I guided investigations and decisively implemented corrective actions whenever security breaches emerged within partner and supplier locales. My proactive approach ensured swift resolutions and minimal impact.- Business Continuity Assurance: Conducted critical evaluations of Business Continuity and Disaster Recovery plans for essential assets. My assessments ensured compliance and steadfast resilience, ensuring operations remained unyielding despite unforeseen adversities.- Strategic Security Reporting: Acted as a trusted advisor to the Chief Security Officer for the Asia Pacific region. My comprehensive briefings provided insights instrumental in refining and enhancing BT's security protocols and practices.- Cultivating Security Consciousness: Recognizing that awareness is the bedrock of security, I championed and supervised various security awareness initiatives across India, targeting both supplier and partner facilities. These programs were crucial in fostering a security-centric mindset at every touchpoint.With British Telecom, I further honed my ability to blend strategic oversight with hands-on engagement, ensuring that security wasn't just a checklist but a lived experience for all stakeholders. Show less

• 

  Barclays

  Sept 2009 - Dec 2011

  Senior Manager - Risk & Governance

  While serving at Barclays Shared Services, I was pivotal in intertwining operational efficiency with stringent compliance standards. In an environment where attention to detail was paramount, I led initiatives, ensuring that every operational facet met internal and global standards. My key Responsibilities and Achievements were as follows:- Pioneering Risk-Based Audits: Commanded specialized teams to execute exhaustive risk-based audits across core support domains like Sourcing, HR, and Admin. Our approach ensured a seamless alignment with internal benchmarks and global regulatory imperatives.- Regulatory Project Leadership: Orchestrated projects that responded directly to global regulatory benchmarks, seamlessly integrating mandates from the U.K. Data Protection Act (1998), U.K. Bribery Act (2011), and the ISO 27001 Information Security Management System into our operations.- Technological Collaboration for Security: In a joint effort with the technology divisions, I championed formulating and implementing rigorous Internet access controls. Simultaneously, we devised solid data leakage monitoring policies, ensuring unparalleled data integrity and privacy.- Strategic Stakeholder Coordination: Forged collaborative bridges with the Legal and Sourcing teams, ensuring that our suppliers were well-versed and contractually committed to all relevant statutory and policy guidelines.- Supplier Compliance Vigilance: With a commitment to upholding our standards beyond our immediate premises, I led regular supplier audits. These initiatives scrutinized suppliers' adherence to their contractual commitments and global statutory mandates, guaranteeing unwavering compliance across the board.An enduring commitment to excellence marked my tenure at Barclays Shared Services. In an era where oversight can be costly, I ensured that our operational pulse was in rhythm with global compliance beats. Show less

• 

  SBI Card

  Dec 2011 - May 2015

  Chief Information Security Officer

  During my tenure as the CISO at SBI Cards, a joint venture between GE Capital India and the State Bank of India, I played an instrumental role in bolstering the organization's information security posture. My primary responsibilities and achievements include: - Strategic Leadership in Information Security: Spearheaded Information Security Governance and Risk Management initiatives. Under my leadership, we built the team from scratch to more than 20 people strong, got ISO 27001 certified, and established robust protocols & strategic measures, ensuring the organization's data assets and IT infrastructure were well-protected against potential threats.- IT Strategy Committee Membership: I was part of the IT Strategy Committee, a pivotal team responsible for thoroughly evaluating major IT initiatives. Our collective efforts ensured that only the most viable, efficient, and secure IT programs were presented to the Board of Directors. - Stakeholder Communication: Regularly interfaced with top-tier executives, including the Board of Directors, to communicate the importance of security measures, provide updates on potential risks, and secure buy-in for vital security initiatives.- Continuous Learning & Improvement: Kept abreast of the ever-evolving landscape of cybersecurity threats and trends. This knowledge enabled me to introduce innovative solutions and measures, fortifying SBI Cards against the latest security challenges.Throughout my role at SBI Cards, I maintained a steadfast commitment to ensuring the utmost security, resilience, and compliance of our digital assets, thereby contributing to the organization's reputation and trustworthiness in the industry. Show less

• 

  Birlasoft

  May 2015 - Feb 2016

  Chief Information Security Officer

  As the CISO at Birlasoft, I championed the establishment and evolution of the organization's information security practice, ensuring we met rigorous standards and exceeded client expectations. My key Responsibilities & Achievements were as follows:- Strategic Leadership: Pioneered Birlasoft's comprehensive internal compliance processes, encompassing Assets Governance, Software Governance, Network Security, Systems (end-point) Security, and BC/DR, with a relentless focus on zero defects.- Operational Excellence: Personally managed critical segments like client-supplied assets and Business Continuity/Disaster Recovery (BC/DR), fostering a culture of utmost diligence and efficiency.- Process Oversight: Conducted continuous monitoring of information security controls, diligently identifying and addressing any potential gaps or non-compliances.- Stakeholder Collaboration: Collaborated closely with various internal teams including Systems Administration and Project Delivery. This synergy ensured daily adherence to our security and compliance standards.- Client Relations: Represented Birlasoft in numerous client forums concerning Information Security. Ensured transparency, trust, and fostered strategic relationships through consistent engagement.- Audit Management: Prepared and steered the organization for annual client-driven external audits, typically conducted by top-tier audit firms, reinforcing our commitment to global standards.- Team Leadership: Led a dedicated team of professionals, nurturing their growth and aligning their efforts with Birlasoft's strategic vision.- Technical Proficiency: Leveraged hands-on experience with Information Security frameworks such as ISO 27001 COBIT, and became conversant with standards like NIST, CIS. Further, I expanded my acumen with various tools integral to the Information Security landscape. Show less

• 

  Deloitte

  Feb 2016 - Mar 2018

  Cyber Security Consultant
• 

  EC-Council Global Services

  Mar 2018 - Nov 2021

  Elevated to the esteemed position of Vice President at EC-Council Global Services, my role extended beyond the boundaries of leadership, intertwining executive strategy with the intricate facets of cybersecurity. With an expanded remit, I led the Information Security Consulting division and was entrusted with the pivotal responsibility of the Chief Information Security Officer (CISO) for the entire EC-Council Group. My key Responsibilities & Achievements were:- Divisional Legacy: Continued to shepherd the Information Security Consulting division, deepening our offerings, refining operational processes, and expanding our client footprint.- Strategic Oversight as CISO: As the CISO of the EC-Council Group, I crafted and implemented robust cybersecurity strategies, ensuring the holistic protection of our digital assets and infrastructure. I harmonized consulting insights with organizational security imperatives in this dual capacity, fostering a synergy that elevated our cybersecurity posture.- Growth & Expansion: While leading the Business Development teams, we penetrated newer markets, solidified our standing in existing sectors, and achieved remarkable growth milestones.- Technical & Managerial Leadership: Steered the successful delivery of multifaceted consulting projects. My role oscillated between a hands-on technical leader and a strategic overseer, ensuring client satisfaction at every juncture.- Upholding Accreditation Standards: Under my stewardship, not only did we maintain our esteemed accreditations, such as ISO 27001 and CREST, but we also consistently pushed the envelope, aspiring for newer benchmarks in security excellence.In this elevated role at EC-Council Global Services, I strived to strike the perfect balance between proactive leadership and reactive agility, ensuring that our consulting division and the broader EC-Council Group remained at the vanguard of cybersecurity excellence. Show less In my leadership role at EGS, I pioneered transformative changes in the Information Security Consulting landscape. Tasked with spearheading the division, my vision extended beyond mere establishment; it was about fostering innovation, driving growth, and setting the gold standard for excellence in security consulting. My key Responsibilities & Achievements were:- Foundational Leadership: Initiated and orchestrated the Information Security Consulting division, laying its cornerstone. This involved a hands-on approach in recruiting, training, and nurturing a cadre of talented professionals with specialized skill sets.- Crafting Niche Offerings: Devised and presented tailored offerings for corporate clients, targeting specific sectors, ensuring our solutions were innovative and directly aligned with clients' needs.- Team Building Excellence: Championed the challenge of sculpting the consulting team from the ground up, ensuring a blend of diverse skills and expertise to drive the division's success.- Business Growth & Expansion: Directed our Business Development teams with strategic acumen, identifying opportunities & sealing deals, translating vision into tangible business outcomes.- Project Leadership: Assumed the dual role of a technical overseer and managerial lead for consulting projects. Whether remote direction or on-site implementation, I ensured that our delivery met and surpassed expectations.- Strategic Market Expansion: Collaborated closely with the Business Development team to architect strategies, amplifying our market presence and capturing newer business avenues.- Accreditation Oversight: Led the charge in ensuring the department's alignment with global standards. Under my supervision, we achieved esteemed accreditations such as ISO 27001 and CREST, solidifying our position as leaders in Information Security Consulting.At EGS, every challenge was an opportunity, and every success was a testament to our collective commitment, drive, and passion. Show less

  • Vice President

    Apr 2021 - Nov 2021

  • Executive Director

    Mar 2018 - Apr 2021
• 

  Tech AGRIM

  Dec 2021 - Apr 2024

  Partner

  At Tech AGRIM, I helmed the Cyber Security & Trust Services division, overseeing its strategic direction and operational vigor. As a cornerstone of this pivotal segment, my responsibilities spanned leadership, strategy, execution, and global team coordination. My Key Contributions & Responsibilities there were:- Holistic Leadership: At the helm of the division, I oversaw every facet, from talent acquisition and retention to upskilling our dedicated team, ensuring that we remained at the forefront of industry developments and best practices.- Offshore Team Expansion: Actively involved in architecting our global footprint, I established and nurtured our offshore teams in India, ensuring seamless collaboration and high operational standards.- Board Membership: As a board member of our Indian entity, I contributed strategic insights and governance, shaping the trajectory of our regional endeavors and fortifying our position in the market.- Business Expansion: Driving our growth trajectory, I spearheaded business development initiatives, architected and nurtured client relationships, and ensured impeccable project delivery that upheld Tech AGRIM's reputation for excellence.- Client-Centric Solutions: I was deeply involved in curating bespoke cyber-security solutions, ensuring that our offerings were tailored to meet our clientele's unique challenges and needs.- Strategic Alliances: Building and nurturing relationships with product companies was paramount. My active involvement ensured we leveraged these alliances, bringing the best-in-class tools and technologies to our service portfolio, further enhancing client trust and satisfaction.At Tech AGRIM, I was passionately committed to forging a future where our cyber security solutions protected and empowered businesses, fostering an ecosystem of trust and resilience in an increasingly digital world. Show less

• 

  Clients

  May 2024 - now

  Cyber Security Consultant

  As a Cyber Security Consultant, I help clients manage their cyber security risks and compliance requirements. My Key Contributions & Responsibilities are:- Risk Management & Compliance: I oversee the identification, assessment, and mitigation of cyber security risks for various companies, ensuring they comply with industry standards and regulations.- Strategic Consulting: I provide strategic guidance to consulting firms, aiding them in establishing and enhancing their cyber consulting practices to deliver exceptional value to their clients.- Virtual CISO: Acting as a Virtual CISO for some clients, I provide leadership and oversight for their cyber security programs, ensuring comprehensive protection and strategic alignment with business goals.- Tailored Solutions: I design and implement bespoke cyber security solutions, tailored to meet the unique needs and challenges of each client, ensuring their assets are protected.- Client Engagement: I engage closely with clients to understand their specific requirements, delivering customized strategies and solutions that align with their business objectives.- Best Practices Implementation: I ensure the implementation of best practices in cyber security, keeping clients updated with the latest industry developments and technologies.- Training & Development: I conduct training sessions and workshops for client teams, enhancing their knowledge and capabilities in managing cyber security threats effectively.- Continuous Improvement: I constantly seek to improve my consulting methodologies and practices, staying abreast of the latest trends and innovations in the cyber security landscape.In my role, I am dedicated to empowering businesses to fortify their cyber defenses, ensuring they operate in a secure and resilient digital environment. Show less