AMANDEEP

Mobile: 872-***-****, 947-***-****

E-Mail: acszl9@r.postjobfree.com

ASSISTANT MANAGER: Nearly 10 years of experience

Information Security IT Governance Risk & Compliance Network Security IT Projects Auditing

“Top industry ranked global Information Security professional who conceives, implements and leads technology solutions that protect corporate assets, increase organizational capability and advance productivity of companies”

“PMP Professional/ ISO 27001:2013 LI / ISO 31000 RISM /COBIT 5 / CISA / CompTIA SECURITY PLUS / MCITP /CISCO Certified / Information Technology Infrastructure Library; with deep understanding of business goals / drivers and how to apply technology to achieve & support them”

Location Preference: Open to Relocate Anywhere

Insightful experience in technical activities including scoping, planning and risk management. A recognized contributor to the industry as an organizer, presenter & speaker seeking meaningful position in information technology management, auditing, infrastructure security, operations and information security & Consulting Technologies.

PROFILE SUMMARY

Senior Technology Professional offering rich experience in Information Security, Risk Assessment, IT Governance and Compliance & Network Security, Projects & Operations Management. Demonstrated abilities in developing information security frameworks, conceptualising information security policies and ensuring compliance with security standards and procedures. Successful in management of entire compliance and security policy management. Strong acumen in achieving a secure, reliable, and centralized IT environment that will help better balance organization’s needs for security and functionality. Proficient in understanding business process, mapping information systems policies, processes and rules for IT Resources Management. Diligent in conducting Compliance Audits, implementing Business Continuity & Disaster Recovery Plans, handling Risk Management, laying down Policies, Procedures, Standards & Guidelines, and managing Change Management, IT Budgeting and Recruitment. Conversant with Firewall, IPS, IDS, Wireless security, Arcsight, Checkpoints, ASA, VMware.

IT/ Enterprise Governance Risk Management Compliance Management

Policies Management Information Security Management Project Management

Audits & Network Security Cloud Security Data Loss Prevention

Industry Regulation PCI DSS Business Continuity Planning Change Management

Network & Security Compliance Disaster Recovery Management Web Application Security

Infrastructure Management Operational & Capital Budget Management Vulnerability Management

Wireless Security Firewall, IPS, IDS, ARCSIGHT User Training

ISO 27001:2013 ISO 31000 ERP & Process Management SAP Auditing Data Center Cyber Security

Project Management Log Management/SIEM

Skilled in conducting in-depth reviews & selecting appropriate risk mitigation strategies, enhancing operational effectiveness of IT with understanding; skilled in establishing IT Governance functions (strategies, information security architecture & other technology directions). Proven expertise in providing audit support, access control & compliance assessment for evaluating the effectiveness of controls with applicable laws & regulations. Achievement oriented professional with excellent people management skills and an ability to manage change with ease, efficient in establishing assessment frameworks to mitigate complex risks at strategic, functional & operational levels. Significant experience in mapping business requirements, designing customized solutions with strong analytical skills and ability to analyze business practices and define optimal procedures.

Expertise entails:

Productive: MS-OFFICE, VISIO, Reporting, MS Excel, GRC Archer

Design: Photoshop, InDesign, Illustrator, Mind Map, PowerPoint

Operating System: Windows 8, Windows 10, Linux, Window Server 2012, Mac OS

MS-PROJECT 2013, 2010 (Project Management & Execute Plan)

Penetration: Backtrack, kali Linux, Metasploit, Wireshark

Aconex (Online Document Management System) Expertize

Web Design (HTML, CSS, JAVASCRIPT, PHP, MYSQL, Ajax)

Scripting: ACL, PowerShell, Java Script, Python

Firewall: Sonic Wall, Fort iGATE, Check Point, Palo Alto, Cisco ASA, Juniper

WORK EXPERIENCE

Since Feb’08 OSCO. LLC, Oman

As Assistant Manager-Network Security Management

Role:

Developing a framework for IT Governance, studying the business goals & aligning it with IT, planning and securing IT investments and facilitating decision making process for project sponsors

Architecting security solutions, project management for internal security projects, risk assessments, facing external audits and assisting audit department to close the observations, and formulation of security policy, procedures, baselines and guidelines based on standards; enforcing the compliance with International Standards such as ISO 27001

Leading efforts in performing general controls oversight, reviewing compliance with internal audit controls and professional standards, liaising between in-house managers/IT department and external operational auditors, performing risk assessment and determining business critical processes, data security designation/classification studies and providing internal audit services for data classification of information assets

Completing IT Security Risk based Control Self-Assessment by mapping inherent risks, assessing controls and defining action plans for identified issues to support overall risk and control agenda for the firm

Supporting no. of risk management programs to enhance risk posture of business by protecting information assets, satisfying regulatory obligations and minimizing potential legal and liability exposure

Analyze BCP/DRP process and minimize the loss due to interruption of services.

Managing day-to-day operational risk management activities such as risk and controls assessments, incident capture and analysis, and scenario analysis and planning Working collaboratively with the Enterprise Risk Management team, other risk & control functions, as well as business line management

Improve external audit results through shape key process improvements. Invent security awareness program and delivered training to headquarter and branch office employees. Heading up IT operations & In charge of Implementation of ISO 27001 successfully.

Oversee network designing & implementation. Wireless network security management. Contributor to manage core business IT infrastructure, ERP. Successful record to handle backup process, vendor management, imposing security policies

Reduced operation cost remarkable & Benefit realization by implementing good practices. Handle IT security project successfully within the schedule and budget align with the customer expectation. Creating & implementing the security policy aligned with organization strategic goal. Implementation & operation of DLP & SIEM (arch sight)

Firewall configuration & Management. Carry out Network design, implementation, and documentation for many projects.

Improve internal audit process & Perform Risk management. Heading up IT operations.

In charging the Implementation of ISO 27001 successfully.

Oversee network designing & implementation. Wireless network security management. Successful record to handle backup process, vendor management, imposing security policies.

Contributor to manage core business IT infrastructure, ERP. Alignment of IT with business needs. Contributor to implementation of ERP and business process regeneration. Reduced operation cost remarkable & Benefit realization by implementing good practices

Handle IT security project successfully within the schedule and budget align with the customer expectation

Creating & implementing the security policy aligned with organization strategic goal.

Implementation & operation knowledge of DLP & SIEM (arch sight).

Having exposure of SAP Audits, Cloud Security, Network management and design, System Administration, Infrastructure management

PREVIOUS EXPERIENCE

Oct’06 to Jul’07 Secure Net, Chandigarh as System Admin

Feb’05 to Mar’06 Maxi Can InfoTech (Wipro Authorized), Jalandhar as System Engineer

PROFESSIONAL ENHANCEMENTS

Certifications:

Project Management Professional (PMP: 1838515)

COBIT 5 Foundation (031*****-**-KCEV)

BSI Certified ISO 31000 Lead Implementer

BSI Certified ISO 27001:2013 Lead Implementer

Certified Information System Auditor (CISA:15122177)

CompTIA Security Plus

Information Technology Infrastructure Library (ITIL)

Microsoft Certified Information Technology Specialist (MCITP)

Microsoft Certified Technical Solution Expert (MCTS)

Microsoft Certified System Engineer (MCSE)

Trainings:

COBIT 5 FOUNDATION

ISO 27001 Training (BSI)

Project Management Professional (35 PDU ) Training

Cisco Certified Network Professional & Associate (Switching)

Aconex Online Document Management

IT Auditing (ISACA Local Chapter)

EDUCATION

Post-Graduation MBA (IT) from Sikkim Manipal University, SM University, India in 2014

B.Tech. (Computer Science) from Beant College of Eng. & Tech., Gurdaspur, Punjab Technical University in 2006

Other Credentials:

Certified User of Aconex online Project Management System

Inspired For:

CISSP

CISM

MEMBERSHIPS

ISACA Membership

PMI Membership

ISACA Local Chapter Muscat Membership

PERSONAL DETAILS

Date of Birth: 22nd February 1982 Driving License: Indian, Oman

Languages Known: English, Hindi, Punjabi and Arabic Marital Status: Married

Present Address: Gurgaon Driving License: Indian, Oman

Contact this candidate