Oversee IT strategy, execution, and project leadership for a prominent financial organization, ensuring top-tier planning, development, and deployment.Propel the client's goals forward by implementing a cybersecurity controls risk assessment framework that aligns with regulatory requirements.Elevate the client's cybersecurity posture through the development of standards, procedures, and controls, alongside process automation and continual enhancements.Enact governance, risk, and compliance measures to automate and persistently oversee information security controls, highlighting exceptions, risks, and evaluation processes. Craft and maintain reporting metrics, dashboards, and evidence artifacts.Regularly update security controls and provide comprehensive support to all stakeholders regarding security measures, focusing on internal evaluations.Conduct thorough assessments of both internal and external information security risks, addressing incidents, scans, and patch management.Offer relentless technical support and manage escalations regarding security issues via Everbridge.

Defined, developed, and operationalized 7 security metrics while employing classified systems to help protect data on running devices• Implemented security best practices in AWS including multi-factor authentication, access key rotation, role-based permissions, encryption using KMS, enforced strong policy, configured security groups and NACLs, S3 bucket policies and ACLs, mitigating DDoS attacks etc.• Generated Certificate Signing Request (CSR), create private key files and requested SSL certificate from Entrust. Imported SSL encryptions keys into AWS Certificate Manager (ACM), and configured application load balancer for it.• Implemented secure key and certificate management: Store encryption keys and certificates securely and rotate them at appropriate time intervals while applying strict access control; for example, by using a certificate management service, such as AWS Certificate Manager (ACM). Defined, developed, and operationalized 7 security metrics while employing classified systems to help protect data on running devices.• Monitored open source and commercial threat intelligence for Indication of Compromise (IOC), new vulnerabilities, software weaknesses and other attacker Techniques and tactics procedures (TTP). • Monitored alerts from the SIEM tools and responded with analysis of the triggered alerts.• Investigated emails and attachments to identify the presence of any phishing or malware attack and to prevent the loss of sensitive data.• Examined alerts from various security monitoring tools, identified potential risks, such as virus and malware attacks, and hacking.• Monitored, investigated, and reported incidents of suspicious activity from the monitoring center.• Analyzed security breaches to determine the root cause of problems.• Monitored identity and access management as well as monitoring for abuse of permissions

Monitoring alerts from the SIEM tools and responding with analysis of the triggered alerts.• Performed S3 bucket creation, access policies, and archive outdated data to Glacier through the Lifecycle policy configuration.• Knowledge of PCI-DSS Compliance requirements related to credit cards. Working knowledge of security tools such as firewalls, IDS/IPS, anti-spam, content management, server and network device hardening.• Performed evaluation testing on enterprise intrusion detection systems and prevention systems (IDS/IPS) such as McAfeeMonitoring alerts from the SIEM tools and responding with analysis of the triggered alerts.• Knowledge of PCI-DSS Compliance requirements related to credit cards. Working knowledge of security tools such as firewalls, IDS/IPS, anti-spam, content management, server, and network device hardening.• Performed evaluation testing on enterprise intrusion detection systems and prevention systems (IDS/IPS) such as McAfee.• Developed and supported the patch and vulnerability management process for Systems and Service Desk.• Observed and helped reduced IT and information security risk across people, processes, and technologies.• Performed risk assessment before systems go live and conduct periodic security check on live systems.• Stay up-to-date with security vulnerabilities and remediation steps.