Philip John

Cyber Security & GRC Consultant
Philip John's Location
Pune, Maharashtra, India
About Philip John

An Information/Cyber Security/GRC professional with 31 years of diverse experience in Banking, Enterprise professional services (Information Security, Performance & Capacity Planning), Manufacturing/Trading/Contracting & Automotive industries. Has over 17 years of focused experience in Information Security/GRC domains - Enterprise IS/IT Security, Governance, Risk Management & Compliance. Combined technical knowledge with management skills, thought, open communication to bring significant value to the organizations. Has the ability to work in challenging environments effectively under broad direction/minimal supervision. Self-motivated and innovative. Has strong organizational, coordination, presentation, interpersonal communication and team building skills.

Specialties: Enterprise IT/Information Security, Governance, Risk Management and Compliance. Strategic definition/planning. Technology/Vendor reviews. IT/IS Project Management. Compliance with International Information Security Standards such as PCI-DSS, ISO/IEC 27001:2013 – Gap Assessment, Implementation and Audit.

Philip John's Current Company Details

Cyber Security & GRC Consultant
Philip John Work Experience Details
  • Alj
    Cyber Security/GRC Consultant
    Alj Jul 2012 - Sep 2017
    Jeddah, KSA
    Information/Cyber Security/GRC Projects: Cyber Security Program Development Plan Project - ISO 27001-2013: Governance, Strategy, Roadmap, Policies, Processes, Procedures, Standards and Guidelines, Vulnerability Management, Email Gateway, Web Gateway, Intrusion Prevention System, Data Loss Prevention, SIEM, Endpoint and Server Protection - VSE, Datacenter, DR Projects, etc.
  • Samba Bank
    Information Security Officer
    Samba Bank Oct 2009 - May 2012
    Riyadh
    • Enterprise Information Security, Governance, Compliance & Risk Management.
    • Handled regulatory compliance projects - 2FA, PCI-DSS Certification, migration to Version2 & re-certification.
    • ISO/IEC 27001 Re-certification. Information security reviews for change/new system / application / database / infrastructure components in IT infrastructure.
    • Information security review of Enterprise IT Operations. Review of Policy documents.
    • Source code review of infrastructure components, ISRP, Key Management & ESCROW.
    • Development of policies, standards and procedures.
    • Systems/server review - Oracle/Solaris and Windows.
    • Ethical Hack for Online Banking applications and Vulnerability Management.
  • BMC Software
    Principal Technical Support Analyst
    BMC Software Nov 2006 - Dec 2008
    Pune Area, India
    Research based technical customer support on BMC® Performance Assurance® Suite of products dealing with Server System Performance and Capacity Management solution to ‘Fortune 100’ Customers within SLA. Comprising Perform Console, Agent, Analyze, Manager, Visualizer/Automator, Perceiver, Predict and Exception Detector for Distributed Systems (UNIX: Solaris - DSD, Container/Zones, AIX - HMC, LPAR, SPLPAR, DLPAR, HP-UX - nPAR, vPAR, Linux - (RedHat, SuSe), Windows, VMware), AS/400 (iSeries), Mainframe and Databases - Oracle/Oracle RAC, SQL Server, MS Access.
  • Miel E-Security Pvt. Ltd.
    Tech Consultant - Infosec
    Miel E-Security Pvt. Ltd. Apr 2005 - Oct 2006
    Mumbai Area, India
    Information Security Audit: Current state assessment, Asset based risk assessment, Vulnerability assessment, Gap analysis based on BS 7799, ISO/IEC 27001 Standards.
    Risk Management: Review & formulation of IT security policies and procedures, Review and design of security architecture, OS hardening, patching and fixing.
    Information Security Projects (BS7799/ISO/IEC 27001)
    Project 1 – A leading Stock Exchange in India:
    • IT security policies and procedures formulation and implementation.
    • Designing and implementing the various records as supporting documents for the implemented procedures.
    • Review of Business Continuity & Disaster Recovery documentation and DR site inspection.
    • Internal Audits.
    • Execution of migration project: BS7799 to ISO/IEC 27001.
    • Assets identification and classification (AIC).
    • Risk Assessment - Threat & Vulnerability Analysis.
    • Risk Treatment/Mitigation.
    • Network security architecture report.
    • Preparation of Statement of Applicability (SOA).
    • Training - Senior and Middle Management, End users.
    • Closing of non-conformities, corrective and preventive actions.
    Project 2 – A premier Securities Company: GAP analysis, Risk Assessment, Security architecture review, Formulation of policies and procedures, Execution of migration project: BS7799 to ISO/IEC 27001.
    Project 3 – A Chemical Manufacturing Company: GAP analysis, Current state assessment, Security architecture review.
  • Bombay Stock Exchange Limited
    ISO 27001 Project Manager
    Bombay Stock Exchange Limited 2005 - 2006
    BS7799 Certification and Migration to ISO/IEC 27001 Certification:
    • Gap analysis based on BS7799 and ISO/IEC 27001 Standards,
    • Risk Management: Review & formulation of IT security policies and procedures,
    • Review and design of security architecture, OS hardening, patching and fixing,
    • Information security policies and procedures formulation and implementation,
    • Designing and implementing the various records as supporting documents for the implemented procedures,
    • Review of Business Continuity & Disaster Recovery documentation and DR site inspection,
    • Internal IS Audits (BS7799 & ISO 27001),
    • Execution of migration project: BS7799 to ISO/IEC 27001,
    • Assets identification and classification (AIC),
    • Risk Assessment - Threat & Vulnerability Analysis,
    • Risk Treatment/Mitigation,
    • Network security architecture report,
    • Preparation of Statement of Applicability (SOA),
    • Training - Senior and Middle Management, End users,
    • Coordination for the closure of non-conformities, corrective and preventive actions.
  • Riyad Bank
    Information Systems Security Analyst
    Riyad Bank Dec 2001 - Dec 2004
    Riyadh, Saudi Arabia
    • Systems & Security Administration of SUN Enterprise, Cluster Systems in the e-Banking Infrastructure.
    • Development, enforcement of Policies, Procedures, Standards and Guidelines.
    • Security Administration and Monitoring.
    • Admin/monitoring of ISS Realsecure IDS/IPS & Cisco Secure Intrusion Detection System/Cisco Works.
    • Administration of RSA SecurID server.
    • Admin. & Monitoring of Websense, Clearswift MIMEsweeper, McAfee E-1000 Appliance.
    • Periodic Vulnerability Scanning of Servers, Network and Databases with ISS System Scanner, Internet Scanner, Database Scanner and E-eye Digital - Retina Scanner.
    • Monitoring and Administration of Consul Insight Security Manager.
    • Administration of iPlanet / SunONE Web / Proxy Server.
    • Coordination with Data Center - Operations, Technical Support, End User Support, Quality Assurance, Development and other Business units for the Administration, Implementation, Migration and Upgrade of various Software Projects, Patch Management, OS hardening and fixing known vulnerabilities.
    • Physical and environmental security review.
    • Security awareness campaign - user and management level.
    • Penetration testing & Vulnerability Assessment coordination with Security Vendors.
    • Administration of CISCO PIX 525 and NetScreen (NS 5200) Enterprise HA Cluster firewalls.
    • Project Management:
      - Implementation/Migration of SunScreen Enterprise firewall to NetScreen.
      - Migration of ISS IDS/IPS to latest versions.
      - Implementation of Websense, Consul Insight Security Manager, SSL Accelerator and BMC® Patrol®.

Philip John Skills

ISO 27001, PCI DSS, Information Security Management, Vulnerability Management, Disaster Recovery, Penetration Testing, Security Architecture Design, DLP, Networking, IT GRC, Windows Server, Linux, Content Filtering, Threat and Vulnerability Management, Data Center, IT Audit, Oracle/Sun Solaris, IDS/IPS, Performance and Capacity Management, System Administration, Unix, Information Security

Philip John Education Details

Frequently Asked Questions about Philip John

What is Philip John's role at the current company?

Philip John's current role is Cyber Security & GRC Consultant.

What schools did Philip John attend?

Philip John attended Advanced Computing Training School (C-DAC/ACTS), Madras University.

What are some of Philip John's interests?

Philip John has interest in Human Rights, Children.

What skills is Philip John known for?

Philip John has skills like ISO 27001, PCI DSS, Information Security Management, Vulnerability Management, Disaster Recovery, Penetration Testing, Security Architecture Design, DLP, Networking, IT GRC, Windows Server, Linux.
