Providing information security consultancy support for o Business Continuity Planning, o Security Program Management, o Vulnerability Assessments & Penetration Testing, o Enterprise Risk and Compliance Management.

Manage and lead 24×7 Security Operations Center activities working to continually improve the level of automation and technical skills.Manage Security Operation Engineering Staff responsible for compliance, managed security services, SIEM, Log Management, , endpoint security, network monitoring, network security and security monitoring & networking securityOversee security vendor relationships and assess vendor solutions, representing the Security Operations group.Provide direction and oversight of operational activities of the IT and information security program portfolio, including prioritizing project workloads, providing project oversight, reviewing project status, taking corrective action, ensuring compliance with established processes, providing status and metrics to management and committees, and ensuring projects are delivered on-time and within scope.Prepare overall security plans and manage security operations services, including assignments and staffing.Access control reviews, Change Control Reviews & Policy Reviews.Review of technical architectural documents (Conceptual, Logical and Physical).Review of security design and end-state and redefine (if necessary), assessment based on best practices and identification of areas of improvement in design and implementation. Perform external and internal penetration tests, network vulnerability assessments to provide a comprehensive view of the clients` network weaknesses that are exposed to threats.Identify and review the various preventive, detective and reactive security controls techniques in place, the processes and operational procedures that are being implemented to meet the strategic goals of the business.Perform compliance audits, system reviews and physical risk environment assessments including gap analysis of policies and procedures. Conduct gap analysis against ISO 27001, ISO 22301 and PCI DSS requirements.

Technical risk assessment of infrastructure components (Perimeter, end points, network, etc)Access control reviews, Change control reviews, & Policy Reviews.Review of technical architectural documents (Conceptual, Logical and Physical)IT General Controls and Business Process Reviews Policy/ Procedure documentation design, review and compliance management.Responsible for RFP and RFI response. Providing Compliance Consulting w.r.t. organization's vision & mission.Conducting Risk assessments, Business Impact Analysis and IT systems recovery analysis.Performing disaster recovery/business continuity planning documentation, reviews and updates.Develop, implement and maintain the Project Management Plan including the configuration management, risk management, vendor/contract management and communication plans.Project Planning, Execution and Service Delivery.Quality review of deliverables.Active ownership of assigned elements of project.Provide consistent, visible, persuasive leadership to ensure strong individual and team motivation and productivity.Leading team in identifying, implementing and continually improving processes and procedures for accomplishing work.Represent the project team at client meetings. Obtain buy-in from senior management for all key project plans, commitments, and changes including requirements, quality assurance plans, and schedule and scope changes. Maintaining contact with decision makers and influencers in key customer organisations.Support retention and/or development of long term customers. Meeting SLAs for large and medium-size business transformation projects. Leading, mentoring & monitoring the performance of team members to ensure higher productivity & efficiency in process operations.

 Maintaining framework to ensure that information security policies, technologies and processes are aligned with the business regulations of the organization.  Identifying and implementing practices in security to enhance the operations of the organizations. Performing Penetration Testing, Vulnerability Assessments & Web Application Audits and taking the required counter actions and measurements to ensure the security of the IT infrastructure / systems.  Responsible for RFP and RFI response.  Analysis and documentation of network security requirements and define security policy for firewalls and other network control point devices (e.g. switches, VPN, routers, Wireless Access points, etc.) and for enterprise client and business critical servers.  Conducting Information System Security Audits, Third Party Security Audits w.r.t organization's IS / IT Policies, Best Practices / Standards / Compliance requirements Research, analyse, and recommend the implementation of software or hardware changes to rectify any infrastructure security deficiencies or to enhance security performance.  Designing and implementation of the disaster recovery plans for security of the systems, databases, networks, servers, and software applications.  Providing Compliance Consulting as per ISO 27001:2005 w.r.t. organization's vision & mission. Monitoring and managing security incidents in the organization, key member of Incident Response Team. Participated in Cert-In Empanelment process and ISO 27001:2005 Certification for the organisation. Conducting Risk assessments, Business impact analysis and IT systems recovery analysis. Performing disaster recovery/business continuity planning documentation, reviews and updates.

 Implemented McAfee End Point Security (McAfee ePO, VirusScan Enterprise, Antispyware, Site Advisor Enterprise Plus, Host Intrusion Prevention System), McAfee Vulnerability Management (Foundstone), McAfee NAC & McAfee Remediation Manager (Hercules) for Passport Seva (MEA) across multiple locations for 4500 workstations and 340 Windows, Linux and AIX servers.  Supervised in the implementation of Nessus Vulnerability Scanner for a leading telecom company across multiple locations. Deployed of McAfee products like EPO, Managed Antivirus, VirusScan Enterprise, DLP, Foundstone, Host IPS, Network IPS, Safeboot, etc in many large enterprises which includes BPOs, KPOs, Financial, Banking, Retail and Software sector. Implemented Data Protection Suite (Safend) in leading telecom company and many other large enterprises in Financial, Banking, Retail and Software sector. Deployment of Patch Management Solution (Shavlik) for many large Enterprises. Deployment of Fortigate and Juniper SSG series UTMs across different locations. Performed Vulnerability Assessment and OS hardening for a VAS provider of leading Telecom Company. Performed Penetration Testing for large enterprise.  Installed proof-of-concept systems and trained/supported end-users.  Performed security and network audits. Handling a project of Managed Security Services as escalation point, submission of reports, weekly discussion with client and continuous maintenance of SLA’s. Carried out pre-sales, RFP / RFI related activities. Performed due diligence, thus helping sales team in Identifying and tapping new customer, understanding their requirements and working towards business expansion; providing pre-sales support including customer presentations, demos & writing technical proposals.

 Installation & configuration of various OS, Applications, VPN, NAS, Exchange Server & FTP (Windows & Linux) Servers. Implementation, Configuration and Administration of Windows 2000/2003/NT & Linux Servers. Implementation, Configuration and Administration of File Server (Samba) and Mail Server (MS Exchange and Sendmail).  Virtualization of different server using XenServer and VMware. Backup and restoration of Virtualized environment. Ensure the compatibility of the hardware and software of the system by determining it.  Responsible for the evaluation and recommendation of the new hardware and software.  Assistance in resolution of hardware, software and system related issues.  Analyze performance of the system and ensure the performance objective and availability of the requirements. Configuration and Administration of DHCP and DNS servers. Implementation, Configuration and Administration of Routers, Switches. Installation, Up-Gradation & Migration of LAN. Network and IT Infrastructure Designing. Implementation, Configuration and Administration of Terminal Servers and Thin Clients.

 Managing of windows 2000 Networks and Novell NetWare. Configuration and Administration of DHCP and DNS servers. Supervised configuration of client server network on 500 machines on windows 2000. User creation and role delegation. Deployment of OS and security patches. Provided technical support to users of various departments & projects. Installation of various OS, Applications and Print Server. Troubleshooting of Network, NetWare, Windows, Linux Servers and Workstations. Implementation, Configuration and Administration of Routers, Switches. Implementation & Optimization of LAN.