An information security professional with * years of working experience with major bank and retail company; MS in Information Security, PCI ISA, CISM, and LPT (CEH and ECSA); specializes in security tools, technologies and best practices with focus on compliance, user awareness and technology risk. WORK EXPERIENCE

Core.ES – National Bank of Kuwait Kuwait

National Bank of Kuwait is one of the largest banks in the region and the first shareholding company in Kuwait and the Persian Gulf region with a total market capitalization of KD 4.2 billion. Position: Senior Specialist Compliance and user awareness (June ’16 – Present) Responsibilities:

Manage compliance group wide including PCI DSS (Payment Card Industry Data Security Standard) and other regulatory compliances and in International Banking locations

Manage PCI PIN Security (Visa PIN Security) compliance for bank

Planning and implementation of information security awareness program for users and customers across bank and International Banking locations.

Providing inputs for risk assessments of various IT teams and applications.

Maintaining and updating all security policies and procedures as required for compliance requirements

Coordinate with various team leads to maintain compliance in upcoming and existing applications.

M. H. ALSHAYA CO. WLL. Kuwait

M. H. Alshaya Co. is one of the most dynamic and successful retailers in the region with more than 2800 stores, Alshaya Retail franchises some of the world's best known brands such as Mothercare, Starbucks, H&M, Debenhams, P.F. Chang's, The Cheesecake Factory, Victoria's Secret, Pottery Barn and KidZania. Position: Supervisor Information Security (January ’14 – May ‘16) Responsibilities:

Manage PCI DSS (Payment Card Industry Data Security Standard) compliance of eCommerce websites and stores across MENA region

Coordinate with various team leads to conduct risk assessments in upcoming and existing applications and present findings to senior management

Manage ISMS compliance (ISO27001) across IT

Lead mobile application penetration testing

Established and manage a team for vulnerability assessment and penetration testing in India and Kuwait

Conduct organization wide training and awareness for ISMS, PCI DSS and general security practices

Planned and led migration from ISO 27001:2005 to ISO 27001:2013. Position: Officer Information Security (25th Aug ’11 – December 2013) Responsibilities:

Formulated guidelines and established procedures for conducting vulnerability assessments and penetration testing

MANISH SACHAN

Phone: +965-***-**-***

adah32@r.postjobfree.com

Conducted vulnerability assessments and penetration testing and coordinated with various teams to close the gaps and vulnerabilities

Conduct PCI DSS compliance review of stores

Execute Risk Assessments and work with various teams to mitigate the risks

Conduct periodic ISMS compliance (ISO27001) review

Managed day-to-day incident response and investigation. TECHNOLOGY SKILL-SET

Security Tools: Nexpose, Nessus, W3AF, OWASP ZAP, Metasploit Framework, Nmap, SQL injection tools like SQL map, BSQL injection, Burp Proxy, Wireshark, Kali Linux

Platforms: Linux based, Mac OS and Microsoft Windows

Programming skills: C++, J2SE, VB, Python, Shell scripting, Ruby on Rails. INTERNSHIP

INDIAN INSTITUTE OF SCIENCE (May ’10 –July ’10) Bangalore, India Project: Studying & Addressing the Security Issues in E-Tendering System Description: Created a framework for the development of an E-Tendering system application that is user friendly, robust, transparent and secure, and practical and economically feasible to implement. EDUCATION/CERTIFICATIONS

November 2017 Key Management Training as per PCI PIN standard April 2015 Payment Card Industry – Internal Security Assessor January 2014 Certified Information Security Manager (Exam qualified) - ISACA July 2013 Licensed Penetration Tester (license No: MS13-42) - EC- Council August 2012 Certified Ethical Hacker & EC-Certified Security Analyst - EC- Council 2009-2011 Master of Science – Cyber Laws and Information Security Indian Institute of Information Technology, Allahabad 2005 – 2009 Bachelor of Technology -- Computer Science and Engineering Uttar Pradesh Technical University, Lucknow

PUBLICATIONS

Performance Analysis of Enhanced Mobility Model in Cloud Computing Description: Proposed a model to enhance the mobility services in Cloud by utilizing the concept of HMIPv6 in coexistent network and produce a performance analysis of the existing models with the proposed model. The proposed model reduces the burden on existing IPv4 addresses and enhances mobility as a service in Cloud Computing.

Published in: IEEE link to paper.

Contact this candidate