In my role as Chief Information Security Officer at Elecon Group , I spearhead the development and enforcement of Information security to safeguard business critical data. By leading strategic discussions on cybersecurity, I ensure organizational compliance with regulations and legislation align with the business requirements. while also educating leaders on the importance of cybersecurity to enhance our overall cyber strategy.

A team of cybersecurity professionals implemented advanced information security programs using cutting-edge technologies and methodologies to identify vulnerabilities and mitigate risks in a dynamic digital landscape, aligning with typical CISO responsibilities.• Implemented and achieved certification for PCI DSS and ISO 27001, establishing a robust Information Security Management System (ISMS) to ensure compliance with industry standards.• Managed the strategic migration of data centres from AWS to GCP, enhancing cyber resilience and meeting System Audit Report (SAR) requirements for improved security posture.• Ensured alignment with Indian regulatory requirements, including SEBI guidelines across all exchanges and RBI regulations for Non-Banking Financial Companies (NBFCs), achieving comprehensive regulatory compliance and risk management.• Designed and enforced a Third-Party Risk Management program, integrating IT and Information Security initiatives to manage and mitigate third-party risks effectively.• Led comprehensive Application Security initiatives, including Vulnerability Assessment and Penetration Testing (VAPT) and web Application Penetration Testing (WAPT), and managed Security Operations Centre (SOC) and Security Information and Event Management (SIEM) operations.• Directed InfoSec Operations, establishing protocols for Data Privacy, Cookie Consent, and compliance with Personally Identifiable Information (PII) under Digital Personal Data Protection (DPDP) standards.• Oversaw IT and Information Security operations, ensuring continuous protection and risk management of organizational assets through effective Application Security, SOC, SIEM, and general InfoSec practices.Achievements:• Successfully transitioned data centre with zero downtime and enhanced security postures.• I am proud to be recognized for my exceptional leadership by demonstrating the best practices in efficiency and cost-effectiveness.

Directed the company's information security strategies and compliance initiatives, achieving key certifications and strengthening data privacy measures.• Managed PCI DSS, ISO 27001, and SOC2 Type2 compliance processes.• Orchestrated Information Security Operations and adhered to ISO/IEC 27018 standards for cloud privacy.• Designed and enforced a Third-Party Risk Management program.• Attained ISO/IEC 27018 certification, ensuring robust protection for personal data in the cloud.• Implemented comprehensive data privacy practices, including cookie consent management and Personally Identifiable Information (PII) protection, aligning with industry standards and enhancing user trust.Achievements:• Achieved critical security certifications including PCI DSS, ISO 27001, and SOC2 Type2, significantly elevating the company's compliance and security standards.

Spearheaded the establishment and global implementation of comprehensive information security initiatives, ensuring robust protection and compliance across the organization.• Launched and successfully executed foundational information security initiatives from the ground up, establishing a secure global organization. • Have successfully established and effectively lead a 24x7 Security Operations Centre (SOC) to safeguard our operations across the organization with a strong emphasis on proactive threat detection and rapid incident response. • Have established and implemented comprehensive policies in safeguarding organizational assets and data integrity. By meticulously creating and enforcing policies for Physical & Environmental Security, Change Management, Incident Management, Patch Management, Vulnerability Management, and Backup & Restoration Procedures, organization have strengthened their defences against potential threats and ensure operational sustainability. • By proactively strategized and implemented robust BCP and DR measures align with ISO 22301 BCMS, have effectively mitigated risks, minimized potential disruptions, and maintained uninterrupted business operations during unforeseen events.• Overseeing of Customer contractual requirement align with business demands. Additionally, was perform Third Party Risk Management (vendor due-diligence) • Have conducted ISMS internal audit quarterly specifically tailored for overseeing IT and Information Security controls to proactively identify and address any vulnerabilities or compliance gaps, ensuring that our systems and data remain protected against potential threats. Achievements:• Launched the company's first-ever comprehensive Information Security program, significantly reducing potential security incidents.• Achieved compliance with GDPR, Data Privacy, ISO 27001, ISO 22301 BCMS, Cyber Essentials, HiTrust, and SOC standards, reinforcing stakeholder trust and credibility

Led IT infrastructure modernization and optimization, implemented robust security measures, and managed global IT operations to support business goals.• Spearheading the implementation of Server Virtualizations in VMware 5.5, IDC Core infrastructure upgradation and involved in IT recruitment, team lead, 3rd Party IT Service Management & Vendor Management, etc.• Prepared and adhered to Annual Operation Plans for IT, focusing on infrastructure and software upgrades. • Managed IT cost and resource optimization. Overseeing & implementing operating plans and performance measures that align and integrate the cybersecurity program with corporate strategy and business goals.• Established and maintained Information Security mission, goals, and strategic objectives, developing annual and long-term plans to address emerging needs.• Developed a preventive intelligence security strategy to address the dynamic targeted threats to organization digital assets.• Delivers analytical reports to senior leadership to reflect efficiency measures of the cybersecurity program, trends, and leading indicators of risk. Reports actual results against budget and feasibility of proposed cybersecurity strategies.• Deploying IT Policies & Procedures and taking ownership of all IT Security threats and issues for Dimexon Group globally along with identifying security vulnerability in the systems and propose solutions.• Conducting periodical internal security audit in coordination with outsourcing IT Security Company E & Y.• Working with applications team on security projects related to applications.Achievement• Efficiently managed Data Centre at Mumbai with 30+ Servers inclusive SAP AIX Servers• Handling 1000+ end users for IT Infrastructure onsite/virtual support across the group.• Functioned as IT Infrastructure Head for locations in India, China, Hong Kong, UAE, and Belgium• Implemented and maintained “Information Security Management System” as per ISO 27001:2005 standard.

Hiral steered the set-up and administration of IT/ Network (WAN, LAN, Firewalls, DMZ) Infrastructure comprising of 250 systems with more than 5 Higher End Servers.

Hiral handled complete IT infrastructure Operations in the company and provided troubleshooting support to all end users. Administered installation, configuration as well as management of Network Servers HP ProLiant DL 380 G7.

IT Manager

IT Infrastructure & Operations

IT Officer in Vadodara Office

IT Administrator, FoxPro Programmer, Data Processing, IT Support & Services