SAJEEV RAMACHANDRAN

http://in.linkedin.com/in/sajeevramachandran/

Contact: +91-952******* / +91-484-******* ~ E Mail: acgmbt@r.postjobfree.com

Seeking leadership opportunities in an organization of repute to serve as the catalyst for achieving business objectives through

effective and efficient contributions in the domain of Information Security Governance.

PROFESSIONAL PROFILE

Commitment Innovation Leadership Integrity

A proven visionary and strategic leader with more than Sixteen years of rich and diverse experience ranging from start ups to Fortune 500

corporations

Comprehensive experience of more than Thirteen years in strategizing, planning, and executing Information Security Management and

Governance functions.

Advanced leadership competencies include providing direction and accountability, planning, change management, quality management, and

personnel management.

Provided executive leadership to the programs which generally includes the key functional components, such as Information security, IT

Risk, Audit and Regulatory Reviews, Third Party oversight, Application security Assessments, Business resiliency and Cyber law.

Ability to drive a security conscious culture and transform organizations towards a proactive and mature security posture.

Proficient at managing and leading multi cultural\remote teams towards facilitating solutions for critical constituents of information security,

compliance and risk.

Demonstrated experience and exposure in standards and regulations like COBIT, PCI DSS, HIPAA and ISO 27001.

CORE COMPETENCIES

IT Security Management & Consulting Enterprise Risk Management Data Protection

Information Security Assurance Metrics & Reporting Talent Development

Program / Project Management Control Automation Budgeting & Cost Control

IT Risk & Resiliency Management IT General Controls Global Team Leadership

Techno Legal IT Law Application Security Security Governance

Information Technology Audits Vulnerability Assessments SOX and SSAE 16

ORGANIZATIONAL EXPERIENCE

Sutherland Global Services, Senior Director – Information Security Audits and Assurance since Sep’12

Accountabilities:

Heads Information Security Audits and Assurance (Including ITGC part of SOX and SSAE16), secure software initiatives, vulnerability and

penetration testing portfolios globally.

Maintain a high state of situational awareness regarding threats to the organization and the industry and keeps current with changing

technologies and threats which could impact stability and operations.

Responsible for identifying, evaluating, protecting against, and reporting on information security risks in a manner that meets compliance requirements,

and aligns with the risk posture of the enterprise.

Work with management at all levels of the business to "sell" the concept of identifying and managing risk and develop a culture of control.

Manage and continuously improve organizational information security compliance through effective processes, controls, and assessments.

Provides rapid assessments of potentially imminent security situations, sensitive developments and complex threat issues.

Ensure clear and timely notification to executive management on key issues and control measures thereof.

Notable Credits:

Bootstrapped Independent Audits and Assurance practice.

Championed Data Privacy initiatives, software resiliency and early engagement across business.

Rationalized Vulnerability Assessment and Penetration testing process to meet its objectives.

Initiated secure SDLC practices for applications developed and hosted in SGS network.

Created framework and initiated vendor management process in line with Cobit 5 standard.

Steered the initiative for documenting and communicating the current InfoSec risk through a customized risk framework.

Infosys Ltd., Bangalore, Lead Manager Information Security Jan’06 –Aug ‘12

Accountabilities:

Carry out comprehensive analysis of security requirements, based on changing business and operational environment in order to provide

inputs for strategy formulation for privacy and data protection.

Spearheading the information security process audit wing that takes care of delivery accounts audits, development center audits, SOX

ITGC audits, ISAE 3402 audits and other critical process audits.

Define strategy based on organizational requirements for strengthening and sustaining compliance to regulations and customer

expectations on privacy, Data Protection and Data governance across customer accounts /portfolios and across enterprise.

Confirm, advice, and elaborate on Enterprise Risk Management assessments that touch on areas relevant to information security and

business continuity.

Notable Credits:

Significantly involved in planning, directing and interfacing the strategic activities related to Information Security Audit & Risk Management

for customers outsourcing IT / ITES projects to offshore.

Pivotal role in program management attaining uniformity of information security practices followed across multiple locations.

Efficiently and effectively conceived and executed projects for development and implementation of several automated preventive and

detective controls that will enable customer to meet the regulatory requirements.

Steered efforts in developing the business case and got approval for adding more resources in terms of personals and tools for managing

and executing Information Security audit related activities.

Carried out the security risk assessments to assess the integrity of network infrastructure, projects, applications and processes.

Holds the credit of designing and implementing a Security Event Management Program including IT/IS incidents to gather, store, correlate,

analyze and respond to security data from logs & incident reports.

Diligently performed regular scans and security assessments of the infrastructure with IT and document findings in a complete

comprehensive report that includes technical and non technical findings and recommendations.

Rendered advices to the Senior Management regarding security exposures and strategies to mitigate risk.

Price Waterhouse Coopers, Delhi, Deputy Manager Systems & Process Assurance Apr’05 – Dec’05

Accountabilities:

Executed the Internal Controls evaluation and oversaw the Information Security / System Audits for clients.

Supervised a team of three Information Security auditors and involved in the application control reviews for clients along with Information

Security requirement of software procured & developed in house by clients.

Handled the information security risk assessment & gap analysis along with the development and clearance of IT Audit Reports also

involved in serving all assurance clients.

Rendered service support to the Financial Audit Team to understand, assess and test the client business processes, the supporting

technologies, systems & related controls.

Specialized in Application, RDBMS and Operating systems controls.

Federal Bank, Cochin Manager Systems

Jun’00 – Apr’05

Accountabilities:

Involved in assisting, reviewing, developing, testing and implementation of security plans, products and control techniques.

Functioned along with the business units on new projects, assessed security ramifications and provided consultation during the project

development phase to enable business requirements.

Executed Information Technology (IT) audits to determine propriety and efficiency of control structure and operated processes, including

recommendations for improvement in processes and controls.

Pivotal role in Developing the Database Security System for TBA & reviewing of application and database security for various application

used by bank.

PRECEDING EXPERIENCE

Cochin International Airport Ltd., Cochin Executive IT

Jul’99 – Jun’00

Cordiant, Cochin Software Engineer

Sep’98 – Jul’99

PROFESSIONAL ENHANCEMENTS

Certifications:

Certified Information System Auditor (CISA) from Information Systems Audit and Control Association.

Certified Information Security Manager (CISM) from Information Systems Audit and Control Association.

Project Management Professional (PMP) from Project Management Institute.

Certified Information Systems Security Professional (CISSP) from ISC2.

Certified Secure Software Lifecycle Professional (CSSLP) from ISC2.

Certified in Risk and Information Systems Control (CRISC) from Information Systems Audit and Control Association.

ACADEMICS

Masters in Computer Applications from University campus, University of Calicut in 1998. Secured 73%.

B.Sc. (Physics) from Govt. Victoria College, Palakkad, Kerala, University of Calicut in 1994. Secured 70%.

PERSONAL DETAILS

Date of Birth : 24th May, 1974

Present Address :

‘Vrindavan’, Karingamthuruthu, Kongorpilly, P.O.,Cochin, Ernakulam Dist., Kerala 683525, India

Contact this candidate