Management Security
Resume:
S. MANJUNATH
# No. *," Shreematha", *st Cross Road, Shankarapuram, Bangalore - 560 004
Contact No.: +91-944******* E-Mail: acd4bp@r.postjobfree.com
[pic]
Senior IT Professional with rich experience in Information Technology,
seeking a position of Chief Information Security Officer / Information
Security Manager / IT Audit / Information Systems Lead Auditor / etc.
Presently working as Manager Information Security, at PoinCross.com,
Bangalore. PointCross is into the data standardization & data management
of health care, pharmaceutical industries, Oil and Natural Gas
industries.
SKILLS PROFILE
o Technically sophisticated management professional with a pioneering
career reflecting strong leadership qualities coupled with enormous
experience and exposure in ISMS-Information Security Management
(ISO27001:2005 / BS17799), NIST 800-53, CFR 21 Part 11,CSV, FISMA, DPA,
COBIT, ISO 20000 (ITSM) and QMS (ISO 9001:2008) standards.
o Development of documentation and Implementation of the same for
Information security Management-ISO 27001:2005 & 2013 standard's and
Quality Management System-ISO 9001:2008 standard and maintenance of
documents on share point portal.
o Conducting periodic internal audits as per different compliances for
Information Security, Information Systems, Quality Management Systems
etc.
o Successful transition from ISO 27001:2005 standard to ISO 27001:2013
standard.
o Successfully implemented Risk Management process which involves risk
analysis, risk treatment, risk acceptance for information assets,
projects & people, using an integrated web enabled solution.
o Co-ordination for governance functions such as Physical Security,
Facilities, Risk Management, IT Infrastructure, HR Management, Legal and
Compliance across the organization as necessary, for information security
management such as routine security activities plus emerging security
risks and control technologies as per compliance.
o Developed & implemented Business continuity and Disaster recovery plan
for the organisation and successfully conducted tests.
o Information Security incident management and its analysis using in house
application tools and suitable actions for security incidents in
consultation with information security board and management.
o Co-ordination of Information Security Management system awareness
training programs to the employees.
o As a certified auditor for ISO 27001:2005 and ISO 9001:2008, conducted
third party audits for various companies.
o Exposure to TS 16949, AS 9100 Rev C and ITSM/ISO20000 (ITIL) standards,
as co-auditor
o Involved in the execution of IT Infrastructure projects for simulators,
as per the different CMMI levels i.e Project Management, Process
standardization, QMS and continues improvement.
o Results-driven professional, recognized for taking on major initiatives,
adapting to rapidly changing environments and resolving mission-critical
issues to ensure bottom-line success
o Skilled in mapping client requirements, scope management, activity
sequencing, resource allocation, risk management, effort & cost
estimation and negotiations aligned to pre-set guidelines
o Management style characterized by a focus on discipline, prioritization,
and keeping focus on mission critical objectives
o A visionary leader with good communication, team building and management,
interpersonal & analytical skills.
o Designed & implemented structured cabling network with CISCO 5510 ASA-
Firewall, CISCO-3560 and 2960 network switches, 3COM - 4400 series
network switches & hubs for connecting 200 computers in addition to
configuration & administration of Symantec Backup Exec and NAS for
regular back up process.
o MS Windows 2003/2008 server Active Directory Administration, Cisco
network products administration, CISCO Firewall Maintenance, Remote
Administration, Symantec Backup Exec's Administration, Systems Planning &
Configuration Management, Release Management, System Integration &
Testing, IT department Budgeting & Cost Control, IT Resource Allocation,
IT Infrastructure Management based on ITIL methodologies like Incident
Management & Service reporting.
o Proficient in HP & Dell servers, Desktops, laptops and peripherals, MS
Exchange 2007 server management, MS Share-point 2007 administration, EPBX
management, BMC Remedy IT Infrastructure service management suite,
implementation and usage for hardware and software service support.
o Planning & coordination of hardware & software installations, maintenance
and monitoring activities on systems used for software development &
system integration in addition to monitoring tuning, performance and
health of servers.
o Maintenance of regular backup of file servers & clients using Symantec
Backup Exec ver. 12, software apart from Backup Exec software
administration, maintenance.
o Proficient in Administration of Intranet, DHCP and proxy server installed
on SME-Linux Server Ver. 9.
CAREER GRAPH
Manager Information Security, PointCross India Pvt. Ltd., Nov 2012 to To-
date
Management System Assessor, DQS-UL India Pvt. Ltd., Feb 2012 to Nov 2012
IT & Operations, Zen Computers, Feb 2011 to Feb 2012
IS/IT Technologist-3, CAE India Pvt. Ltd., Jun 2007 - Feb 2011
Sr. System Administrator, Macmet Technologies Pvt. Ltd., Aug 1996 - Jun
2007
Member System Admin (Team Leader), SE Technologies India Pvt. Ltd., Jun
1995 - Jul 1996
Executive Systems, Macmet India Limited (SSD), Dec 1990 - Jun 1995
KEY ACCOMPLISHMENTS
. Recognized for successful implementation & certification of Information
Security Management System based on ISO 27001:2005 standard, IT
Infrastructure maintenance department team management & work allocation,
Quality Management System-ISO 9001:2005 and ITIL / ITSM 20000.
JOB PROFILE
. W.e.f the year 2007, Involved in the implementation of ISMS (ISO
27001:2005),QMS (ISO 9001:2008) processes, NIST 800 series processes,
besides functioning as Information Security Officer and Auditor for
Information Security Management System and Quality Management System.
. W.e.f the year 2008, Focus on the implementation and execution of IT
Infrastructure projects to meet the requirement of ISMS 27001,NIST 800-
53, CFR 21 Part11, ISO 9001:2008 and ISO 20000 standards, i.e Project
Management, Process standardization and continues improvement.
. Development and implementation of MS Excel tool for managing risk
assessment, treatment and acceptance, which suits both the organisational
and ISO 27001:2005 standard's requirement with reference to ISO
27002:2005.
. Involved in the information security incident management and its analysis
using in-house application tools.
. As a Team lead, successfully implemented Business continuity and disaster
recovery plan and conducted tests.
. Co-ordination of information security awareness training programs for the
employees.
. In-charge for software releases and configuration control for all
software products/solutions and its releases to clients.
. Manage ITIL Service Support areas of Incident, Problem, Change, Release,
and Configuration Management & Service Desk, based on few of ITIL best
practices in addition to IT Service Delivery areas of Service Level,
Availability, Capacity, Financial & IT Service Continuity Management.
. Provide leadership to a team of software engineers involved in
development of in-house software tools for management of vulnerability
reports.
. Focus on troubleshooting of Servers, Computers, Local Area Network (LAN)
hardware and software components, performance of external computer
service engineers.
. Involved in implementation & administration of Enterprise Project
Management (EPMS) based on MS Project 2007 server and clients to monitor
the status of all software & hardware projects within the organization.
. Reporting of monthly Information security status to the management as per
the department's standard operating procedure using the monitoring
tools.
. Managed hardware setup of RIG's and prototypes of various fighter planes
Simulator projects apart from maintenance of simulator hardware &
software with external agencies.
. Involved in IT resources allocation planning & deployment to different
projects and departments besides being involved in IT resource planning,
installation & maintenance for branch offices at various locations using
Citrix software & office communicator software.
. Involved in development & delivery of IT infrastructure tactical &
strategic multi-platform solution based on business requirements for a
medium size project consisting of 5 servers, 250 PC's with network
infrastructure.
. Involved in Implementation & usage of BMC remedy IT service management
suite, used for hardware and software service support, system to
manage IT helpdesk process besides supporting software tools & products
used for software development & configuration on various servers
including backup tools, monitoring, security & anti-virus tools.
. Involved in administration & maintenance of MS Windows Share point portal
for various departments
. Accountable for vendor analysis, procurement of IT resources (hardware &
software) and computer consumables to enable stores & supply chain
management using Oracle's ERP application in addition to Business
continuity Assessment and Business Resumption/Disaster Recover
. Coordinate with project managers, developers and focus groups to avoid
redundancy, minimize expenditures and improve overall synergy within
organization
. Involved in management of various subcontractors for outsourced IT
infrastructure deployments to ensure compliance to delivery schedules and
other SLA parameters
. Functioned as Tech lead for below mentioned IT Infrastructure &
Information Security Management projects:
o Indian Airforce, Bangalore, 4 months
o Indian Navy, Goa, 6 Months
o KPCL Power Plant, Varahi, 6 Months
o BPO's & Health Research Data Management organisation
EDUCATIONAL
. Post Diploma in Computer Management, Datapro Information Technology,
Bangalore, 1991
. Diploma in Computer Science & Engineering, Sri Venkateshwara
Polytechnic, 1989
. Trainings/ Certifications:
o ISO/ ISMS 27001:2005 IRCA Certified auditor / Lead Auditor, DNV
o ISO / ISMS 27001:20013 transition training by BSI
o ISO / QMS9001:2008 IRCA Certified auditor / Lead Auditor, DNV
o Internal Quality Audit training for ISO 9001:2000, DNV
o Certified Ethical Hacker 7 ( CEH7), EC Council
o Network Security Management, STQC IT Service
o Configuration Management, TQMI
o Pursuing CISA, appearing for exam in Dec 2014
. Technical Skills:
o ISO 27001:2005 & ISO 27001:2013, ISO 27002 - ISMS and QMS 9001:2008
implementation and maintenance
o Conducting Audits of ISO27001:2005 & 2013, NIST 800:53 series, HIPAA and
ISO 9001:2008 & it's Compliances
o MS Windows 2003 / 2008 Active Directory Administration & Help desk
management
o IT Infrastructure Management based on ITIL methodologies like incident
management, service management
o Cisco network products administration & Cisco EPBAX management
o MS Project 2007 server administration, MS Exchange 2007 server
administration & MS Share-point 2007 administration
o BMC remedy IT service management suite implementation and usage for IT
helpdesk ticketing system
o Implementation of Oracle ERP financials, Supply chain management & etc.
PERSONAL DETAILS
. Languages Known: English, Kannada & Hindi
. Valid Indian Passport holder
. Reference available on request[pic]
Contact this candidate