Partner, Information Security And Risk Services
CurrentManage security governance processes and provide security guidance and counseling to leadership teams. Define security roadmap, strategies, metrics, reporting mechanisms, and program services.Align security initiatives with business vision, goals, and strategy to ensure that the company meets compliance, legal, and contractual requirements.Reduce security exposure and remediate configuration gaps on the next-generation firewall, IDS, WAF, and proxy implementations. Identified applications based on their communication and created security policies to allow the specific flow of identified source and destination basis.Reviewed vulnerabilities found in infrastructure applications and recommend software upgrades and bug fixes. Advised application team members on secure software development life cycle (SDLC) and reviewed currently in use applications from security perspective.Identified, monitored, and managed risks in the environment to an acceptable level and proactively recommend risk mitigation strategy. Reviewed internal and external applications from security perspective and provided inputs to secure the environment.Created professional development plans for all members of the security team.Ensuring compliance with information security policies. Development and revision of information security policies & program as well as maintain information security awareness, education, and training program. Created security awareness programs and advised on security issues and best practices and functioned as a primary checkpoint during significant information security incidents.Promoted collaborative, effective security working relationships across departments. Managed relationships with third-party vendors for service delivery and security monitoring services.