DataProtectionExpert
BNPParibas
Skills
Core Competencies:
- Extensive knowledge of planning and implementing information security systems addressing Endpoint Protection, Data Loss Prevention, Intrusion Detection/Prevention, EDR/ATP, Risk and Compliance, SIEM and Data Security
- Performing Information Security Practices also drafting the information security policies & information security guidelines & other industry best practices
- Implementing security systems by specifying intrusion detection methodologies and equipment; directing equipment and software installation/calibration; preparing preventive and reactive measures; creating, transmitting, and maintaining keys; providing technical support; completing documentation
- Implementation and managing overall operations for executing projects involving scoping, initiating, high level design & architecture, execution within cost & time parameters
- Managing IT requirements of the organization in terms of software, hardware and other peripherals / products, and handling procurement of the same.
- Reviewing the physical & logical security measures and safeguarding the information resources of the enterprise to maintain integrity, confidentiality & availability of data
- Developing security operations procedure for efficient operation and protection of asset and property set up and maintain security integrity and function with strict rules and regulations
- Reviewing the IT security measures and safeguarding the information resources of the enterprise to maintain integrity, confidentiality and availability of data / application, Risk Assessment & Risk Treatment
- End Point Data Recorder / Advance Threat Protection - Symantec Endpoint Detection & Recorder / Adv Threat Protection (EDR/ATP)
- Intrusion Detection & Prevention System - (IDS/IPS) - Symantec Data Center Security (DCS)
- Endpoint Security & Protection - Symantec Endpoint Protection (SEP)
- SIEM - Symantec Security Information Management (SSIM) / IBM QRadar
- Data Prevention - DLP - Symantec Data Loss Prevention (DLP)
- IS Standards / Frameworks: - NIST, PCI-DSS, ISO 27001/2
- Vulnerability Manager: - Nessus
- Certified Information System Auditor (CISA)
- Certified ISO 27001 Lead Auditor
- ITIL certified
- RHCE
Project history
09/2019
-
12/2019
Role:
? Handling Data Protection controls based on BNP Paribas objectives and demonstrating compliance against internal and
externalmandates.
? Conductingpolicydesignreviewsassecurityrepresentative
? Ensuring compliance with business risks through an integrated framework that incorporates risk assessment into IT
controlscomplianceautomation
? Responsibleforunderstanding,reviewingtherequirementsofDataProtectionandactingasatrustedsecurityadvisoron
issuesofrisk,securityandcompliance.
? Planning,designing andimplementing region-wide DataProtectionpolicies.
? ManagingthecategorizationofInformationDataaccordingtobusinessvalue.
? Fixing&overseeingvulnerabilitiesinInformationAssets
? Implementingcommonprocessesforthecreation,acceptance&disseminationofpolicies&standardsacrosstheorganization
? Handling Data Protection controls based on BNP Paribas objectives and demonstrating compliance against internal and
externalmandates.
? Conductingpolicydesignreviewsassecurityrepresentative
? Ensuring compliance with business risks through an integrated framework that incorporates risk assessment into IT
controlscomplianceautomation
? Responsibleforunderstanding,reviewingtherequirementsofDataProtectionandactingasatrustedsecurityadvisoron
issuesofrisk,securityandcompliance.
? Planning,designing andimplementing region-wide DataProtectionpolicies.
? ManagingthecategorizationofInformationDataaccordingtobusinessvalue.
? Fixing&overseeingvulnerabilitiesinInformationAssets
? Implementingcommonprocessesforthecreation,acceptance&disseminationofpolicies&standardsacrosstheorganization
11/2017
-
09/2019
Sr.SecurityConsultant
IngramMicroAsia
Role:
? Identification of technological needs for the client environment and working towards providing cost effective solutions
forsetting-upthenetwork,ITinfrastructureandinformationsecurity.
? Analyzeandassestheclientenvironmentandpreparethesolution
? Preparationof systemdesignreviewsasleadsecurityrepresentative
? Ensuringcompliancewithbusinessrisks
? Responsiblefor handlingCustomers queries, newrequirementand maintain satisfaction level.
? Providingtheendtoendsecuritysolutionsasperclientsrequirement
? Workwithvendortoprovidesupportduringimplementationofgivensoultion
? Conductingpostimplementationreviewandhandingovertheprojectalongwithdocumentation
? Identification of technological needs for the client environment and working towards providing cost effective solutions
forsetting-upthenetwork,ITinfrastructureandinformationsecurity.
? Analyzeandassestheclientenvironmentandpreparethesolution
? Preparationof systemdesignreviewsasleadsecurityrepresentative
? Ensuringcompliancewithbusinessrisks
? Responsiblefor handlingCustomers queries, newrequirementand maintain satisfaction level.
? Providingtheendtoendsecuritysolutionsasperclientsrequirement
? Workwithvendortoprovidesupportduringimplementationofgivensoultion
? Conductingpostimplementationreviewandhandingovertheprojectalongwithdocumentation
07/2012
-
10/2017
SeniorTechnicalEngineer
SymantecCorporation
Compliance&SecurityManagement(InformationSecurityandRiskManagement)
Role:
? ProvideSupport,deployandconfigureSymantecThreatProtectionsolutions(HIPS/HIDS/Antivirus/SIEM/EDR-ATP
/Compliance)inenterpriseandmidsizedclientenvironments.
? Configure high-availability & fault tolerant Data Center Security deployments to protect the data center and Cloud
environment
? Handlingthetechnicalescalationsandworkwithproductteamtoresolvetheissues
? Interacting with Product Engineering Team to provide inputs for the product enhancements, customer requirements,
reportedbugsanddocumentationerrors
? Impartingproducttrainingtonewjoiners&teammembersondifferentproductmodulesandtechnologies
Role:
? ProvideSupport,deployandconfigureSymantecThreatProtectionsolutions(HIPS/HIDS/Antivirus/SIEM/EDR-ATP
/Compliance)inenterpriseandmidsizedclientenvironments.
? Configure high-availability & fault tolerant Data Center Security deployments to protect the data center and Cloud
environment
? Handlingthetechnicalescalationsandworkwithproductteamtoresolvetheissues
? Interacting with Product Engineering Team to provide inputs for the product enhancements, customer requirements,
reportedbugsanddocumentationerrors
? Impartingproducttrainingtonewjoiners&teammembersondifferentproductmodulesandtechnologies
01/2007
-
07/2012
Sr.Network/SystemAdministrator
ApparelCompusourcePvt.Ltd/DavidLloydSoftwarePvt.Ltd
Role:
? Setting-upthenetwork,ITinfrastructureandinformationsecurityfortheheadofficeaswell
? asthebranchoffice.
? CustomerSupport-ProvidingtechnicalsupporttoclientsofApparel
? LiaisoningwithvendorsforallITpurchasesandensuringthatqualitygoodsandsupportisdelivered.
? Definedandimplementedpoliciesandproceduresfor;InformationSystemsusage,Backupand
? Disasterrecovery,PurchaseproceduresandVendorevaluationandrating,Usertrainingneeds
analysis.
? Setting-upthenetwork,ITinfrastructureandinformationsecurityfortheheadofficeaswell
? asthebranchoffice.
? CustomerSupport-ProvidingtechnicalsupporttoclientsofApparel
? LiaisoningwithvendorsforallITpurchasesandensuringthatqualitygoodsandsupportisdelivered.
? Definedandimplementedpoliciesandproceduresfor;InformationSystemsusage,Backupand
? Disasterrecovery,PurchaseproceduresandVendorevaluationandrating,Usertrainingneeds
analysis.
08/1996
-
01/2007
SystemAdministratorandITsecurityin-charge
NextStepInfotechPvt.Ltd
Role:
? ISO&CMMLevel5Experience-Iwasactivelyinvolvedinthecompany'sISO&CMMpractices
? Setting-upthenetwork,ITinfrastructureandISsecurityfortheheadofficeaswellasthebranchoffice.
? ManagingtheSupportdivisiontoensuresystemavailabilityforthedevelopmentteams.
? LiaisoningwithvendorsforallITpurchasesandensuringthatqualitygoodsandsupportisdelivered.
? Definedandimplementedpoliciesandproceduresfor;InformationSystemsusage,Backupand
? Theserverssetup-NovellNetWare/ Windows/SCOUnix/Linux
? ImplementedMail,andSoftwareVersionControlserversalongwith bug-reportingsoftware
? ISO&CMMLevel5Experience-Iwasactivelyinvolvedinthecompany'sISO&CMMpractices
? Setting-upthenetwork,ITinfrastructureandISsecurityfortheheadofficeaswellasthebranchoffice.
? ManagingtheSupportdivisiontoensuresystemavailabilityforthedevelopmentteams.
? LiaisoningwithvendorsforallITpurchasesandensuringthatqualitygoodsandsupportisdelivered.
? Definedandimplementedpoliciesandproceduresfor;InformationSystemsusage,Backupand
? Theserverssetup-NovellNetWare/ Windows/SCOUnix/Linux
? ImplementedMail,andSoftwareVersionControlserversalongwith bug-reportingsoftware
Local Availability
Only available in these countries:
India
Other
Experience:
Total experience is 18 years in IT industry and having 8 years core experience in IT Security implementation and consultancy.
Since the last ten years I have gained experience in the area of IT planning, networking, security and support.
Technology:
Endpoint Protection, SIEM, EDR/ATP, IDS/IPS, Data Prevention, Risk & Compliance, Data Security
Core Competency:
1. Implementation and managing overall operations for executing projects involving scoping, initiating, high level design &
architecture, execution within cost & time parameters
2. Managing IT requirements of the organization in terms of software, hardware and other peripherals / products, and
handling procurement of the same.
3. Reviewing the physical & logical security measures and safeguarding the information resources of the enterprise to
maintain integrity, confidentiality & availability of data
4. Developing security operations procedure for efficient operation and protection of asset and property set up and
maintain security integrity and function with strict rules and regulations
5. Reviewing the IT security measures and safeguarding the information resources of the enterprise to maintain integrity,
confidentiality and availability of data / application, Risk Assessment & Risk Treatment
6. Implementing security systems by specifying intrusion detection methodologies and equipment; directing equipment and
software installation/calibration; preparing preventive and reactive measures; creating, transmitting, and maintaining
keys; providing technical support; completing documentation
7. Result oriented individual with excellent problem solving and analytical skills
Certification:
Certified Information System Auditor (CISA)
Certified ISO 27001 Lead Auditor
ITIL certified
RHCEExperience:
Total experience is 18 years in IT industry and having 8 years core experience in IT Security implementation and consultancy.
Since the last ten years I have gained experience in the area of IT planning, networking, security and support.
Technology:
Endpoint Protection, SIEM, EDR/ATP, IDS/IPS, Data Prevention, Risk & Compliance, Data Security
Core Competency:
1. Implementation and managing overall operations for executing projects involving scoping, initiating, high level design &
architecture, execution within cost & time parameters
2. Managing IT requirements of the organization in terms of software, hardware and other peripherals / products, and
handling procurement of the same.
3. Reviewing the physical & logical security measures and safeguarding the information resources of the enterprise to
maintain integrity, confidentiality & availability of data
4. Developing security operations procedure for efficient operation and protection of asset and property set up and
maintain security integrity and function with strict rules and regulations
5. Reviewing the IT security measures and safeguarding the information resources of the enterprise to maintain integrity,
confidentiality and availability of data / application, Risk Assessment & Risk Treatment
6. Implementing security systems by specifying intrusion detection methodologies and equipment; directing equipment and
software installation/calibration; preparing preventive and reactive measures; creating, transmitting, and maintaining
keys; providing technical support; completing documentation
7. Result oriented individual with excellent problem solving and analytical skills
Certification:
Certified Information System Auditor (CISA)
Certified ISO 27001 Lead Auditor
ITIL certified
RHCE
Total experience is 18 years in IT industry and having 8 years core experience in IT Security implementation and consultancy.
Since the last ten years I have gained experience in the area of IT planning, networking, security and support.
Technology:
Endpoint Protection, SIEM, EDR/ATP, IDS/IPS, Data Prevention, Risk & Compliance, Data Security
Core Competency:
1. Implementation and managing overall operations for executing projects involving scoping, initiating, high level design &
architecture, execution within cost & time parameters
2. Managing IT requirements of the organization in terms of software, hardware and other peripherals / products, and
handling procurement of the same.
3. Reviewing the physical & logical security measures and safeguarding the information resources of the enterprise to
maintain integrity, confidentiality & availability of data
4. Developing security operations procedure for efficient operation and protection of asset and property set up and
maintain security integrity and function with strict rules and regulations
5. Reviewing the IT security measures and safeguarding the information resources of the enterprise to maintain integrity,
confidentiality and availability of data / application, Risk Assessment & Risk Treatment
6. Implementing security systems by specifying intrusion detection methodologies and equipment; directing equipment and
software installation/calibration; preparing preventive and reactive measures; creating, transmitting, and maintaining
keys; providing technical support; completing documentation
7. Result oriented individual with excellent problem solving and analytical skills
Certification:
Certified Information System Auditor (CISA)
Certified ISO 27001 Lead Auditor
ITIL certified
RHCEExperience:
Total experience is 18 years in IT industry and having 8 years core experience in IT Security implementation and consultancy.
Since the last ten years I have gained experience in the area of IT planning, networking, security and support.
Technology:
Endpoint Protection, SIEM, EDR/ATP, IDS/IPS, Data Prevention, Risk & Compliance, Data Security
Core Competency:
1. Implementation and managing overall operations for executing projects involving scoping, initiating, high level design &
architecture, execution within cost & time parameters
2. Managing IT requirements of the organization in terms of software, hardware and other peripherals / products, and
handling procurement of the same.
3. Reviewing the physical & logical security measures and safeguarding the information resources of the enterprise to
maintain integrity, confidentiality & availability of data
4. Developing security operations procedure for efficient operation and protection of asset and property set up and
maintain security integrity and function with strict rules and regulations
5. Reviewing the IT security measures and safeguarding the information resources of the enterprise to maintain integrity,
confidentiality and availability of data / application, Risk Assessment & Risk Treatment
6. Implementing security systems by specifying intrusion detection methodologies and equipment; directing equipment and
software installation/calibration; preparing preventive and reactive measures; creating, transmitting, and maintaining
keys; providing technical support; completing documentation
7. Result oriented individual with excellent problem solving and analytical skills
Certification:
Certified Information System Auditor (CISA)
Certified ISO 27001 Lead Auditor
ITIL certified
RHCE
