Risk Identification and Assessment:Vendor Due DiligenceRisk Mitigation StrategiesContractual Risk ManagementMonitoring and ReportingWork Extensively on Cost-Effective Risk Control ModelsLiaison with Suppliers and Internal StakeholdersEnd-to-End Cyber Security Risk AssessmentsDevelopment and Implementation of Standards and ProcessesInterface Maintenance: Collaboration with various security processesAdditional Initiatives:Security Awareness TrainingCyber Security Capability Cataloguing Presentation (Descriptive & Infographic)People Management and Work Efficiency SupportInternal Strategies for Cyber Security Branding EnhancementSecurity Awareness Program DevelopmentAchievements:- Successfully implemented a centralized third-party risk management framework, resulting in enhanced visibility and control over vendor-related risks across the organization.- Developed program for implementation of automated on vendor risk assessment processes, resulting in improved efficiency and accuracy of risk assessments.- Established strong partnerships with cross-functional teams, including procurement, and cross Cyber teams, to ensure alignment and collaboration on third-party risk management initiatives.

Key Responsibilities:Liaison with Suppliers and Internal Stakeholders:Act as a primary point of contact for suppliers and internal stakeholders to gather relevant information and establish the level of cyber security risk associated with supplier relationships.Foster strong relationships with suppliers to facilitate open communication and collaboration on cyber security matters.End-to-End Cyber Security Risk Assessments:Conduct comprehensive cyber security risk assessments on suppliers, covering the entire supplier lifecycle from initial on-boarding, contract negotiations, ongoing monitoring, and end-of-service transitions.Develop risk reduction plans in collaboration with suppliers and track the implementation of risk mitigation measures to ensure effective risk management.Development and Implementation of Standards and Processes:Lead the development, implementation, and operation of relevant standards, processes, tools, and reports for managing supplier cyber security risks across Vodafone.Ensure alignment with industry best practices to enhance the effectiveness of cyber security risk management efforts.Support for Internal Stakeholders:Provide guidance and support to internal stakeholders within Vodafone to help them navigate the supplier security process, understand relevant policies, and interpret outputs from the process.Collaborate with cross-functional teams to integrate supplier cyber security processes into broader risk management frameworks and ensure consistency in risk assessment methodologies.

Conducting reviews of firewall connectivity rules across data centers to ensure compliance with network connectivity policy and manage exceptions effectively.

Conducting reviews of firewall connectivity rules across data centers to ensure compliance with network connectivity policy and manage exceptions effectively.

- Develops and manages the implementation of functional policies, systems, processes,procedures and controls covering all areas of the information security policies and procedures- Creates and publishes procedures, standards and guidelines for the implementation ofInformation Security policy in line with statutory guidelines and international standards.- Supervising the day-to-day operations of information security policies and procedures section to ensure that work processes are implemented as designed and comply with established policies, processes and procedures.- Ensures the confidentiality, integrity and availability of all Information Systems and Assets through valid, applicable and monitored application of Information Security practices.- Manages the effective and proactive identification of information security issues,concerns, threats and vulnerabilities in the current environment in order to ensure the security of existing systems- Manages the development and review of information system reports and security exploitreports in order to recommend and implement precautionary measures.- Ensures effective coordination and communication with all internal as well as client and external entities (such as vendors, suppliers, auditors, service providers etc) with highest standards of business ethics, in-order to ensure the services required by the organization are delivered in the most effective manner.- Supervises the activities and work of subordinates by providing formal and informal feedback to ensure that all work within the information security policies and procedures section is carried out in an efficient manner and in accordance with set individual targets.- Performs other ISMS related duties or assignments as directed.

Server Management- Server Security. Managing Anti-virus, Mail Gateway, Proxy Server.Strategic Consulting including Risk Analysis, Vulnerability Analysis, QEV, CBN & Priv. management. SOX Audit, Central endpoint protection and updates (WSUS), Patch Management (implementation & planning), Managing central content filtering, Managing AD RMS & ADFS, GPO, KM and SOP validation including creation and versions.