Cloud Cyber Security
Cyber Security & Data Protection Resource
Summary

A cybersecurity expert hired from PeoplActive hold good years of experience and hands-on experience in IT infrastructure design, Cyber Security and Technical Implementation, Information security, Industry-specific compliance implementation, and maintenance. Our IT security professionals stay up to date with the latest tactics to secure the data from any threat.

  • Have 17+ years of work experience in the IT Infrastructure Design, Cyber Security and Technical Implementation, Information security, Industry specific compliance implementation and maintenance, project management experience.
  • Played various roles such as Support engineer, Senior network engineer, Consulting, IT security manager, Enterprise security architect, Team lead and Project manager.
  • Have worked for various Industries such as Banking, Logistics, and IT
  • Good Technical understanding and exposure to IT networking and Infrastructure.
  • Developing, Implementation, and Maintenance of ISMS(ISO-27K), Payment Card Industry Standards (PCI-DSS) Implementations and Maintenance, PCI-CP, SAMA Cyber security assessments, GDPR, SOX, DPA, Hippa, NIST cybersecurity framework etc.
  • Implementation experience of IT security and Information security projects which includes project planning (prepare business cases, RFPs, RFQ, SOW, Project plan, Project communications, Stakeholder communication, Project Budgeting, Resource planning, Business requirement gathering, Internal Signoffs, Project closure etc.)
  • Project Implementation of CyberArk Privilege Access Management (PAM), Data classification, Firewall solution.
  • Industry experience: Financial, Banking, IT and ISP
Technical Skills

Developing, Implementation, and Maintenance of ISMS(ISO-27K), Payment Card Industry Standards (PCI-DSS) Implementations and Maintenance, PCI-CP, SAMA Cyber security assessments, GDPR, SOX, DPA, Hippa, NIST cybersecurity framework etc.

Implementation experience of IT security and Information security projects which includes project planning (prepare business cases, RFPs, RFQ, SOW, Project plan, Project communications, Stakeholder communication, Project Budgeting, Resource planning, Business requirement gathering, Internal Signoffs, Project closure etc.)

Project Implementation of CyberArk Privilege Access Management (PAM), Data classification, Firewall solution.

Managed PCI-DSS certification for one of the Largest Bank (For Acquiring) in UAE, and assisted them in achieving PCI-DSS V3.2 Certification (2016-17,2017-18).

Certified Payment card industry PCI-ISA (Internal security Assessor).

Certified ISO Lead Auditor (Certificate No-TUVSA/2018/PC24/0004/0020/0002).

Certified in Prince2 Foundation in Project Management (GR656166399VP).

Certified Prince 2 Practitioner in Project management (GR657074929VP).

Certified CCNA (Cisco Certified Network Associate) and CCNP (Cisco Certified Network Professional) & CCIE(W) (Cisco Certified Internet Expert Written in R&S).

Assessed, managed, and implemented PCI-DSS v3.0 standards for one of the leading global bank and successfully achieved PCI-DSS v 3.0 certification Lead the ISO 27001:2013 ISMS implementation, Attained ISO certification for Netsentries Operations.

Handled PCI-DSS compliance, technical implementation, certification and maintenance related projects for various banking and financial institutions.

Develop Information security policies for the organization based on the business operations, implemented technology in alignment with industry best practices and standards (ISO, PCI, HIPPA, DPA, GDPR, etc).

Develop technical audit standards for the IT infrastructure, develop, execute and maintain technical audit plan at enterprise wide.

Performed complex IT Risk Assessments, Vulnerability Assessments, Entity Level Controls Assessments, IT Infrastructure Audits, Business Continuity Planning, Technology Risk Management

Perform Technical Configuration reviews for various security devices such as Firewalls (Cisco, Paloalto, Juniper, Cyberoam, Stonegate and Fortigate), IPS, Load balancer.

Manage compliance projects(GDPR and PCI) remotely for Clients.

Professional Experience
Cyber security & Threat Management
Netsentries, Dubai
  • Perform Security Architecture Reviews.
  • Implementation of ISO and related practices with in organization which includes developing project plans, resource planning, develop milestone and activity planner, handle stakeholder communication for project updates, policy & procedure development, develop internal audit program, and involvement with external auditors for ISO certification.
  • Manage security testing projects for different customers, perform Threat modelling reviews for RPAs, Generate reports.
  • Manage compliance projects(GDPR and PCI) remotely for Clients.
IT security and Compliance (PCI-DSS)- Oman Arab Bank
LCC Muscat, Oman (Unit of TECH MAHINDRA Company)
  • Develop RFPs(Identity and Access management, Data classification, Data leakage and prevention, Privilege access management), SoW, Project plan, Project Charter, Business case for the IT projects. Manage entire project lifecycle for the IT Security.
  • Manage vendors assigned for different projects.
  • Currently Handling IT security projects related to NAC Implementation, DR security Solutions, MFT implementation, CyberArk PAM (privilege access management), VDI Implementation, Data classification, PCI-DSS etc.
  • Communicate with all the internal stakeholders, Develop management presentation on the project status.
  • Document all the project risks related to people, process, and technology.
  • Implementation of Cyberark PAM solution(CPM, PSM, PVWA, Vault) in the bank which includes development of detailed project plan, sow, work with vendors on RFP, perform technology evaluation, estimate licenses, estimate resource requirements, perform budgeting, PR preparation, develop project implementation roadmap, stakeholder management, liaising with various internal teams, vendor co-ordination, risk management, raise CR for any project deviation, development of operating model(governance and related documentation), addressing technical challenges, provide technical solution, handle technical issues, configuring safes, account management, password management, and workflow management.
SAMA Cyber Security Assessment
Tag technologies (Netsentries, LLC), Dubai
  • Lead and performed Gap Assessment based on Cyber security for one financial company operating in middle eastern region.
  • Liaised and provided internal teams with gap report and road map for the end to end implementation of SAMA cyber security framework.
  • Provided cost estimates for the technology and resources.
  • Developed Audit requirements for the various control domains outlined in the SAMA cyber security framework.
  • Development of cyber security charter, policies and documentation.
  • Communicate the policies to the internal teams and obtain necessary signoff.
PCI-DSS Certification Project (2016-17,2017-18)
  • Assisted Internal teams in understanding, gathering PCI-DSS related evidences for achieving PCI-DSS certification.
  • Performed Configuration and rule set reviews for the network and security devices.
  • Compiled PCI-DSS Gap assessment(Not limited to policies, technology, applications, risk management, information security, monitoring, VA and PT etc) for having an understanding of the current state of infrastructure in terms of PCI-Compliance.
  • Ensured identified Gaps are properly addressed to achieve PCI-DSS certification.
  • Liaise with business teams in understanding the business model and operations, deployed supporting payment applications (For eg. CSFi,Prime etc),payment infrastructure, ATMs, PoS.
  • Liaise with support teams to prepare data flow designs based on the business operations, ensure the CHD is handled in a secure manner(to meet the intent of PCI requirements).
  • Liaise with Internal teams to verify and ensure various database tables holding CHD information properly masked and encrypted with proper access controls implemented.
  • Perform risk assessment for the acquiring business.
  • Prepare LLD and HLD for the network infrastructure.
  • Perform merchant assessments against the appropriate PCI-SAQ and provide the report.
  • Conduct PCI related trainings and maintenance calendar and schedules.
  • Conduct mock audit, and spot audits to ensure the increase the PCI awareness among the teams.
  • Perform detailed analysis on the usage of SSL(which are weaker) and report with mitigation measures.
  • Assist teams during the external pre-audit, audit, and post audit for the certification.
Assessment projects
  • Perform IT GAP assessments (related to security compliance, industry standards etc), and provide necessary technical recommendations.
  • Perform configuration reviews for the firewalls, routers, switches based on industry best practices and provide the report with mitigation and recommendation.
  • Communicate the project requirement (Vulnerability assessment and Penetration tests) from the clients to the internal teams (both offshore and onsite).
  • Prepare the schedules, resource allocation for the assessment projects.
  • Review and finalize the VA and PT reports.
  • Obtain the necessary the signoff for the projects.
GRC Practice Lead
  • Handle Compliance projects pertaining to PCI-DSS, ISO-27001
  • Assist internal teams in Building Project Plans, SoW, RFP, Business Plans,Compliance Deliverables, Perform and Review Vulnerability Assessments and penetration tests, Security Road Maps etc
  • Building IPs for the organisation
  • Perform technical reviews of the clients Infrastructure, Identify the GAPs and provide recommendations
  • Provide assistance in End-to-End Implementation of ISO standards, PCI-DSS standards .
  • Identify the IT security risks in various applications, systems and networks and recommend the practical solutions for fixing the security related issues.
  • Identify the gaps relating to ISO 27001 compliance
  • Review and Approve the Different Network Infrastructure Design architectures and recommend better security for the offshore project implementations
  • Perform Technical Configuration reviews for various security devices such as Firewalls (Cisco,Paloalto,Juniper,Cyberoam,Stonegate and Fortigate),IPS.
  • Review of End point security includes recommendations, vendor consolidation, products review
  • Create, Review Information Security Policies and recommend best practices to various stakeholders
  • Risk assessments for the new technologies will be carried out and the identified risks will be brought to logical closure
  • Conduct Training to the Internal technical teams on latest security trends.
  • Facilitate the PCI-QSA (External Auditors) for the certification and brief them on the Information Security policies, standards.
  • Perform the VAPT and prepare remediation report and recommend the necessary compensating controls.
  • Provide Assistance in building SoC , Good experience in SIEM products such as Splunk.
  • Prepare Necessary documentation and process for Implementing SOC, Incident reporting (Daily, weekly and monthly), Incident Response flows.
Information Security Group
Security Architect
Tech Mahindra India Ltd
  • Manage the team of security, network engineers to identify the IT security risks in various applications, systems and networks and recommend the practical solutions for fixing the security related issues.
  • Identify the gaps or deficiencies relating to ISO 27001 Audits will be done as per cycle
  • Review and Approve the Different Network Infrastructure Design architectures and recommend better security for the offshore project implementations
  • Prepare a detailed audit plans and sampling mechanism for the audits
  • Prepare Infrastructure Standards and checklists for the audits
  • Create, Review Information Security Policies and recommend best practices to various stakeholders
  • Conduct Information security audits for the offshore projects, Technical infrastructure on a quarterly and submit reports.
  • Risk assessments for the new technologies will be carried out and the identified risks will be brought to logical closure
  • Assist and Liaise with Internal stakeholders for any project based Information security standards (PCI-DSS,SSAE, CoBIT etc) requirement
  • Client visits and management for audit purpose
  • Assist External Auditors and brief them on the Organisation or project specific Information Security policies, standards.
  • Conduct Training to the Internal technical teams on latest technologies, Cyber security, Defence against DDoS etc
  • Manage Security Incidents.
  • Involvement in Techncial DR drills.
  • Involvement in new role outs SIEM, Webex etc.
  • Prepare audit checklists for the infrastructure components such as checkpoint firewall, ASA firewalls, Network routers,switches,IPS,Proxy(websense),Loadbalancers,Windows(AD,DNS,DHCPetc), Unix, Exchange, Sharepoint, Lync etc
  • Manage the VAPT teams and prepare vulnerability threat heat maps to derive the overall IT security posture for the organisation and recommend the necessary Security.
PCI DSS Assessment
Security Consultant
Scope International Pvt Ltd
  • Role involves assessing the credit card and debit card applications, infrastructure, and making the infrastructure PCI-COMPLIANT.
  • Prepare project plan for performing the PCI-DSS assessment.
  • Liaise with Internal stakeholders and brief them on PCI-DSS requirements, update regularly to the CTO on the progress of PCI Certification.
  • Facilitate the PCI-QSA (External Auditors) for the certification and brief them on the Information Security policies, standards.
  • Assist and gather Information pertaining to the Cardholder Environment.
  • Analyse the information as per the PCI requirements and suggest the people across various teams in building a more secure Card Holder Environment and Infrastructure. Assist the various technical teams in decoding and to implement the technical controls to meet the PCI-DSS standards.
  • Prepare PCI reports for various stakeholders.
  • Built a team of PCI-DSS Internal Security Assessors who monitor the PCI compliance for the Bank on a annual basis.
PCI DSS Compliance Strategic Refresh
Lead Consultant
Capgemini India Pvt Ltd
Client: TransUnion, USA
  • Environment Cisco 2900,2600,3900,3750,ASR,4500,6500,7200,Nexus 5020,Cisco ASA,PIX,ARCLogger,CA Tool,Infloblox,Paritra,F5,ITIL standards
  • To make the Network PCI-DSS Compliant by following the best practices available in the IT industry
  • Understand the network related PCI requirements, Design the network with optimal solution and implement accordingly the respective changes in the network.
  • Involves configuring the ASA firewall (Object groups, Contexts, Nat, ACL’s) in the production test and development environments.
  • Establishing Connectivity between Cisco distribution switches (6500) access switches (3700, 2900) and Nexus 5K Switches (Vlans, Portchannels, FCoE).
  • Modify and perform configuration changes for all the network devices(Cisco switches, routers, Load balancers, firewalls etc) which are be part of the migration activities.
  • To work closely with onsite team for successful implementation of PCI flows connects in the network devices.
  • To co-ordinate with the respective stakeholders and to update them on the environment changes.
  • To prepare and review the documents for standardization.
  • Document Control, Configuration Management, and Asset management.
  • Preparing the security documents related the data network access which involves implementation encryption, using ssh,https(via ssl),AAA, hashing mechanisms,authentication methods(radius,tacacs),3des,aes etc.
  • Process and implement change requests for deployments, enhancements, Attending escalations, prepare root cause analysis (RCA) for major incidents / problems.
  • Incident, change and problem management using CA unicenter Tool.
  • Providing the technical assistance for the issues pertaining to the network.
  • Distributing the tickets/logs to the team members and help the team to resolve the issues.
  • Co-ordinate with teams to provide the support and meet the project timelines within the stipulated time.
  • Resource planning as per the requirement and conducting interviews being part of the interview panel.
  • Preparing the KPI for the team members.
  • Organizing Technical training.
NIS France Support Team
Senior Consultant
Client: DC services Clients
  • Environment: Cisco 2900,2600,3900,3750 ,6500 ,Cisco ASA,PIX,BMC remedy,EARS,F5-Big IP, Cacti, Kiwi syslog server,IPAM.
  • As senior consultant have assisted the Monitoring and managing the incident, problem, change management queues for the customers of Capgemini who has availed DC services.
  • Roles include report generation based on the service requests worked upon by the team members for all the customers in a weekly basis.
  • The volume of Service requests usually varies from 20 to 150 in a week’s period based on the criticality.
  • Tools used are BMC remedy ITSM and EARS for the requests, the requests usually gets generated from the customer calling the Service desk and from the monitoring tools such as HPOV.
  • Providing the necessary technical support to the customer based on the Service Request.
  • Preparing the KPI for the team members.
  • Organizing Technical training.
Cloud (Infrastructure as a Service)
Senior Consultant (CoE)
Client: IaaS transition team
  • Environment Cisco Nexus 5020,Cisco 6500,Cisco ASA Module,Cisco 2960
  • Cloud CoE is a team which supports the back end operations in building the cloud(IaaS) for the Capgemini Customers. Cloud Team supports the onsite team in successfully administering the Cloud. As a part of the network team my role was to understand the network and preparing the connectivity diagrams and documenting all the necessary information related to the network devices and configurations. Providing the support to the team in network change related activities.
  • Identifying the areas in the network which needs improvement by working with the global teams.
  • Carrying out the network related activities like network changes in the cloud in liaison with the other teams.
  • Preparing standards in the accessing the cloud and implementing them by adhering the best practices.
  • Network related test activities for the availability and redundancy.
  • Check the interface and log information on the devices for which the access was provided.
  • Documenting the Hardware information (Cisco devices) and their features.
  • Providing information and suggestions on hardening and securing(by implementing encryption,authentication,authorization,hashing mechanisms, keying methods and certificates and licenses) the network devices.
  • Prepared a security governance model for the cloud and auditing information related to the
  • Providing the necessary actions in how to carry out the up gradation of IOS in the Network devices and documenting the same.
  • Necessary change related activities as required to change the configuration in the network devices by briefing the change and its implications.
  • Roles include providing the network related support to the internal teams.
  • Extending the support in carrying out network related activities like testing, changes, and planned outages.
  • Creating necessary firewall rules and making the network environment ready for the cloud customers.
  • Support provided based on the Service requests raised by the customers once the service was handed over to the customer.
  • Service requests usually incidents and change requests are raised by our service desk in BMC ITSM tool which is in turn assigned as a ticket to us.
  • Based on the criticality and priority requests will be worked upon.
  • Monitoring of the network devices( approximately 30 devices) is handled by our centralized Network Team.
  • Preparing a weekly report on number service requests worked upon which details about the customer, issue, priority, resolution time, solution provided, and feedback.
Secondary Roles
  • Preparing the documentation on the existing hardware in the Cloud.
  • Working in liaison with the internal teams and customers in provisioning the VM’s in cloud.
  • Documenting the customer related technical information for eg, configuration information, requirements, new changes etc.
  • Providing the network related trainings to the internal teams.
  • Suggesting the new features and technologies.
  • Carrying out security related work which actually identifies the security issues in the Individual domains of the cloud.
  • Working on security, management's functions involve determining objectives, scope, policies, priorities, and strategies.
  • Knowledge Enhancement in other technical domains (Storage, OS, VMWAREetc) working with teams.
  • Attended PCI-DSS security internal training, CISSP training.
  • Self-learning via Mylearning and by attending Internal training.
NCE
Cisco CA
Cisco Systems, Bangalore
Client: Multiple (US enterprise)
  • Environment Cisco router series and switch series
  • As a network consultation engineer, I will be responsible for analyzing the bugs found in various Cisco IOS (SXH, SXF, SB, etc) and their impact on the Customer networks.
  • We create a project if the customer requests for a change in IOS in his network with the help of customized tools such as RAT, JIRA.
  • Based on the Technical information provided by the customer our tools will pick up the relevant bugs which will impact the respective IOS.
  • And we analyze and comment on each and every bug and its impact (for eg; CPU hogs, memory leaks, crashes) on the Customer network and the trigger.
  • Once the analysis is completed we will generate a report which will have the list of major impacting bugs.
  • We will discuss on the same with the Customer.
  • We will do the quality check for each project which will be delivered.
  • I will be responsible in writing the information about each bug(Issue) which is pulled from the tools, we do the impact analysis of the issue on the customer network and the cisco hardware.
  • Based on the requests from the customers on IOS we will internally team up for completing the project and deliver it within the timelines.
  • For every customer there will be a spoc who will act responsible for the analysis and do the thorough check of the issues(Bugs) which are analysed by team.
  • I have taken up my CCIE in routing and switching written exam as apart of knowledge enhancement program in cisco.
  • I have provided internal trainings with in the team.
Senior Consultant
Design and Support Team
Hughes Communications India Ltd, Bangalore
Client: Multiple
  • Environment: Cisco router,switches,Vsats,Firewalls
  • Job Responsibility involves Implementation and maintenance of networks.
  • Designing the networks by understanding the customer needs and requirements, and proposing cost effective solutions for building the Infrastructure.
  • Support for the Clientele based in Bangalore, Chennai, Hyderabad. Customers include Banking sector.
  • Designed a point to point connectivity for one of the leading institute in Clinical research.
  • Vendor interaction on the clients issues and resolving the same.
  • Worked on Vsats which are Hughes proprietary.
  • Worked on Cisco router series of 2600, 1700 ,3600,7200.
  • Hands-on experience on configuring Frame-relay and ISDN networks.
  • Troubleshooting various issues related to LAN, Vsats, WAN, ISDN issues, etc.
  • Troubleshooting Routing protocol (OSPF and EIGRP) issues.
  • To Document the customer network (i.e. IP address details, troubleshooting network related issues).
  • Working experience on firewalls such as ASA,Cyberoam and Fortigate.
  • Designed a wireless solution for a leading hotel.
Technical Support engineer
Support Team
Progeon (Infosys company),Bangalore
Client: Ingram Micro , Alcoa, UBS
  • Environment: Cisco 3750, Cisco 2900, Cisco Pix, Symantec IDS, Packeteer, Windows 2003 server, Windows XP
  • Job role involves Maintenance of Windows 2003 and Windows Xp network of around 500 Nodes, Daily back up, and Health check, Installation of patches and updates, printer issues.
  • Configured the Avaya voice phones.
  • Worked on 3750 switches.
  • Implemented Voice Vlans with Qos for the voice traffic.
  • Implemented Etherchannels with Pagp in our Local Area Network.
  • Implemented Symantec IDS in the network with the respective configuration changes on one of the core switches.
  • Coordination with PTT and ISP if there is a major Network issues in the Wan.
  • Implemented WSUS for the windows updates and EPO for the Antivirus updates.
  • Implemented VPN’s based on IPSEC/IKE
Network Engineer
Field Support Team
Tulip IT Services, Bangalore
Client: Orange(FormerlyEquant),Exel India,maersk logistics,HDFC bank
  • Environment: Cisco Routers and switches,ISDN Links,frame-relay,Packeteer,Mux,Nortel passports.
  • Integration and maintenance of network devices in WAN and LAN consisting of 3750 And 2950 series of switches, Cisco routers, and modems.
  • Actively involved in setting up the connectivity for BPL India ltd across various Locations in India. Configured Ospf.
  • Configured ISDN as the backup for the BPL project.
  • Installation of routers at the customer premises. Worked on 1700,2600, 3600, 3725, 3745 series of routers.
  • Troubleshooting various network related issues.
  • Upgrading IOS and Firmware’s in Routers.
  • Handling the customer calls of EQUANT, Bangalore.
  • Involved in migration of frame-relay to ATM circuits.
  • Configured Vlans and ether channels (Pagp) on 3750 switches.
  • Implementing and Maintaining E1 lines.
  • Maintenance of Entire Network of external clients and supporting their infrastructure which has connectivity spanned across India with Eigrp as the core routing protocol and ISDN as the backup for the main site located in Bangalore
  • Installation of packeteer at the customer premises.
  • Knowledge of Channelised E1’s, ISDN, frame-relay, ATM, Implementation of policy based Routing, access-lists, route maps, crypto maps, AAA. Implementation of quality of service in the network.
  • Involved in testing voice via ATM circuits.
  • Worked on Layer1 and up gradation of firmware on the Nortel’s high end switches known as Passports.
  • Coordination with PTT and ISP if there is a major Network issues in the Wan.
System engineer
Support Team
Compudyne Winfo systems, Bangalore
Client: Multiple
  • Environment: Cisco switches,and PC troubleshooting
  • To troubleshoot issues related to PC hardware and software, and replacement of components in case of any failure.
  • Job Role involves maintenance of Local Area Network.
  • Worked on Windows 2000 network, which comprises around 250 nodes, with a DNS Server and DHCP Server.
  • Implemented VLANs, using Cisco Catalyst 2900 and Catalyst 1900 Switches.
  • Creation of user ids and giving permissions.
  • Configuration and Servicing of Network printers.