JATINDER S. OBEROI
acu5b4@r.postjobfree.com
PROFESSIONAL SYNOPSIS
I am a disciplined and self-motivated professional with more than 20 years of experience in Information
Technology. In my current role, I worked on many assignments including PCI assessments, architecture
reviews, and security policy development. I analyze information systems always finding ways to create value
for organisations. I have worked in multi-cultural/trans-national settings from being a programmer to a
profit center manager. I was once a Microsoft Certified Systems Engineer as well as a VMware Certified
Professional
I am known for my excellent communication & interpersonal skills and have made good use of these in my
current role working with Datacom Systems Limited as Security Consultant.
PROFESSIONAL QUALIFICATIONS & CERTIFICATIONS
SANS GIAC Penetration Tester (GPEN)
Certified Cloud Security Professional (CCSP) from (ISC).
Certified Information Systems Security Professional (CISSP) from (ISC).
Certified Information Security Manager (CISM) from ISACA.
Certified Internal Information Security Auditor ( CIISA) from Min. of IT, Govt of India.
Master of Business Administration (MBA) with specialization in Operations Management
Bachelor of Science (B.Sc.) Maths from M D University, India.
CONFERENCES/TRAINING
2010-2015 Kiwicon
2009-2013 Microsoft TechEd
2013 ITIL and Problem Management
2012 SANS Network Penetration Testing and Ethical Hacking (Sydney)
2012 CPR/First-Aid Training (Auckland)
2011 RSA enVision SIEM Solution Design and Management
2010 McAfee Intrusion Detection/Prevention training (Auckland)
2007 Performance Management Programme (New Delhi)
2006 Communication Skills and Emotional Intelligence (New Delhi)
2006 Regional IT Professional Conference (Singapore)
2005 Windows Server 2003 Infrastructure Renewal Project (Ottawa)
2003 HP Server Hardware Training by HP Canada (Ottawa)
PROFESSIONAL MEMBERSHIPS
(ISC)2
ISACA
Computer Society of India (life member)
ORGANISATIONAL EXPERIENCE
Datacom Systems Limited, Auckland
Sr. Security Consultant June 2010 till date
Responsibilities include:
Development of enterprise information security standards, processes and procedures for customers and
ensuring those are understood and implemented well.
Information system audits to ensure secure design practices.
Risk Assessments
System architecture reviews.
PCI audits and remediation plans.
Firewall Auditing for adherence to enterprise architecture and security standards.
Integrate information security requirements into contracts and activities of third parties to maintain the
organizations security baseline.
Plan, design and implement security projects.
Baseline assessment, vulnerability scanning, reporting for customers and remediation engagements.
Datacom Systems Limited, Auckland
Team Leader/Senior Engineer - Aug 2008 to June 2010
Responsibilities included:
Leading a capable team of 6 system engineers for various clients throughout New Zealand and
Australia.
Establish and maintain incident escalation and notification processes to ensure that the appropriate
stakeholders are involved in incident response management.
Secure remote access setup for customers.
Implementation of access control systems for Windows infrastructure.
Designing backup strategy & ensuring scheduled / unscheduled backups as per the backup plan.
Monitor and periodically report program management and operational metrics to evaluate the
effectiveness and efficiency of the infrastructure.
Provide local and remote problem resolution and technical support on infrastructure and security issues.
Canadian High Commission, New Delhi, India
IT Professional - Nov 2002 to Jul 2008
Responsibilities included:
Infrastructure Management
Coordination with department managers for Information Management projects and implementing
security measures in alignment with business objectives.
Management of mission Intranet and setting up access levels according to security clearance.
Vulnerability assessment and system upgrades.
Backup system design.
Developing long-term partnerships with suppliers & vendors; managing day-to-day supplier performance
to ensure meeting of service, cost, delivery and quality norms.
USAID, American Embassy, New Delhi, India
System Administrator: Aug 2001 to Oct 2002
Responsibilities included:
Vulnerability assessment and system upgrades.
Setup and manage Intrusion Detection System (IDS). Recommend improvements in IDS policies.
Provide local and remote problem resolution and technical support on all issues (network, Internet,
software/hardware installs/upgrades) to missions in the region.
Test and install security patches, maintain and upgrade hardware and software, monitor systems and
logs, backup and recovery of information.
Implementation of project plans within budget and deadlines.
Paharpur Business Centre, New Delhi, India
Sr. Executive (ISP): Aug 2000 - Aug 2001
Profit Centre Management - set up of ISP business from scratch.
Schenck Avery Limited, New Delhi, India
Systems Executive- Nov 1999 to Aug 2000
Infrastructure Systems Management
Free-lancing in India and the Netherlands
Consultant- Sep 1998 to Nov 1999
Research Project, New Delhi, India
IT Specialist - Sep 1995 to Sep 1998
System Administration and Programming.
SKILL SET
Practices/standards:
PCI-DSS, NIST, COBIT, ITIL, ISO2700X
Tools:
Nessus, Qualys, Nexpose, MetaSploit, GFI, KALI/BackTrack, Burp Suite, Wireshark, MBSA, Nipper Studio,
Firewall Analysis Tools
Operating Systems:
Different versions of Windows, DOS, *NIX
Technologies:
Security Information and Event Management (SIEM), Firewall and IDS/IPS, Cryptography etc.