Advisory Board Member 2018
Director Security & Quality Governance
Areas of Expertise
Evolution of Cybersecurity; Cybersecurity Strategy; Cybersecurity Risk Management; Implementation Issues with Cybersecurity
• 25+ Years of experience in IT Industry in Compliance, Security Analysis, Design, Development, Implementation, Testing & Auditing of IT and Business processes.
• Highly skillful in GRC Framework, developing and executing Risk Assessment Process, Risk mitigation plan, Business Impact Analysis (BIA), Business Continuity (BCM) and Disaster Recovery (DR).
• Expert in designing appropriate IT and business processes to meet compliance for ISO 9001, ISO 27001, SAS 70, SOX, PCI-DSS, HIPAA, NIST, COBIT, FISMA, GLBA & FFIEC and to achieve certifications for these compliances.
• Adept in written correspondence, reports, implementation requirements, project status reports, oral presentations and email, to keep executive staff and team members apprised of goals, project status, and resolving issues and conflicts. Sound knowledge of security, risk & quality models like ISO 9001, ISO 27001, ISO 20000, OCTAVE, CRAMM, BS 7799, SEI-CMMI, TQM, ITIL.
• Highly experienced in developing, reviewing and re-engineering cybersecurity and vendor management processes and policies, standards, procedures and guidelines.
• Good process and metrics design, presentation skills and great people management skills, with the ability to mentor and guide a good-sized team with vision and leadership.
PROFESSIONAL TRAININGS AND CERTIFICATIONS
• Certified Information Security Professional (CISSP)- ISC2 USA
• Certified Information Security Manager (CISM) – ISACA, New York, USA
• Certified in Risk and Information Security Controls (CRISC) – ISACA, New York, USA
• Certified Ethical Hacker (CEH) from EC-Council USA
• ITILf Certified from Quantum Singapore
• Trained Auditor for Information Security for BS 7799 / ISO 27001
• Trained Auditor for Quality Management System (ISO 9001), IRCA UK
• Trained Auditor for IT Service Management System (BS 15000 / ISO 20000) by itSMF, U.K.
• CMM intro trained.
• Trained at SEI CMU Cert-US, Pittsburgh USA on IT Risk/ Information Security/Incident handling