Promote the protection of the confidentiality, integrity, and availability of critical information resources. Provide guidance on and assess compliance to industry and customer security requirements. Evaluate environment to recommend appropriate security policies. Partner with IT and business units to evaluate and treat information security risks. Assess and communicate compliance to industry and customer standards. Use security knowledge to identify appropriate security controls for information technology projects and services Perform testing to provide evidence of security controls to internal and external audit Provide customer-consumable information regarding security policies and posture

GLOBAL VULNERABILTY MANAGEMET AND REMEDIATION PROGRAM -Driving the Global Vulnerability Management Program which includes large number of EMC acquired companies from the Vulnerability Scanner evaluation to remediation of Vulnerabilities with high cross functional collaborative. The variants in performing the Vulnerability Scans are Global EMC2 Data Centers, DMZ, Desktops, Pre-Production Servers and Virtual Data Centers. Demonstrating high level of vulnerability analysis by Criticality, Exploitation of vulnerabilities and Business impact on the organization which projects technical mastery.Recommending patches to internal teams according to the vulnerabilities found in the scans. Design the workflows that were followed by internal teams for patching the vulnerabilities in the servers. Performing root cause analysis when we found any unscheduled outages during the patching. BUSINESS SECURITY ENABLEMENT -Business security analyst for enabling and supporting remediation of information security risk across APJ.• Enhance High-Value Asset Security - Identify, assess, and secure high-value assets through collaboration with EMC’s businesses• Promote Business Ownership of Security - Enable each EMC business to better understand and take ownership of their risks and security responsibilities.• Drive Remediation of Information Security Risk Identified – Enable and Support Business for remediation of Information Security Risk identified.• Drive Sensitive Data Protection (SDP) - Develop controls, processes and education around identification and protection of sensitive data at EMC• Mature Information Security Governance in line with Global policy.• Employ Controls Framework and Reporting.

1. Identity Assurance & Lifecycle Management: Objective of the project is to manage the account lifecycle for all vendors and contractors. Assist in review for Sarbanes-Oxley (SOX) compliance. Conduct periodic checks for non-compliance to policies and procedures. Defining roles and responsibilities as per business need and workflow. 2. Internet Access Management:Project includes reviewing exception requests for acceptable use policy. Capturing metrics and providing inputs to improve process. Perform regular checks to review old exceptions and have them removed. Interact with end user and make them understand information security processes and procedures. 3. Vendor Access Management:Managing vendor access management system. This includes review of network access requirements of vendors. Approving access based on least privilege methodology. Identify gaps in the vendor security profile. Interact with business and vendors to mitigate the gaps. 4. Email Exchange :Installation of MS exchange server 2003. Creating and removing of OU’s and DL’s. Creating, configuring and provisioning of user mailbox. Testing mail flow and outlook web access. Creation of new storage groups, mailbox stores and public folders.