Security Manager, project/ program manager
Resume:
S.G. SETHURAMAN
Email: adb7kn@r.postjobfree.com Mobile: (91) -979******* / 996-***-****
Experienced Program Leader with a demonstrated history of setting up new teams, governance and process. Overall 15+ year of experience, skilled in IT Infrastructure, Networking, Cyber Security, Cloud Transformation, Service Transition, Merger & Acquisition. Strong Program, project Management and Service Delivery professional with Master of Science in Management of Information Systems focused in Information System Security from University of Glasgow Caledonian, UK
CORE COMPETENCIES
Program, Project Management
Account & Service Transition
M&A Integration
New Vertical Setup
Digital Transformation
Cybersecurity Transformation
Cloud Transformation
Datacentre Consolidation, Transformation
Disaster Recovery
Networking
SDLC, Secure SDLC
Data Security
Security Policy, Standard creation and Exception Management
Vulnerability Management
Cybersecurity Governance, Risk & Compliance (GRC)
EDUCATION & CERTIFICATIONS
POST GRADUATE
Masters In Management of Information Systems,
University of Glasgow Caledonian, Scotland, U.K
UNDER GRADUATE
Engineering in Electrical & Electronics, University of Bangalore, India
CERTIFICATIONS
Prince2 Practitioner
CEH
CHFI
ISMS ISO 27001
ITIL V3 Foundation
IBM Certified Solution Architect- Cloud Computing Infrastructure v1
IBM Certified Solution Advisor - Cloud Computing Architecture v4
Certified Lead Implementer Professional for BS10012:2017 Personal Information Management System including General Data Protection Regulations (GDPR)
SIGNIFICANT ACCOMPLISHMENTS & AWARDS
ACADEMIC ACCOMPLISHMENTS
Research on Computer Security innovation process – “A study on Hackers of different Shades and IT Professional towards Computer security innovation Process”, part of my Master’s thesis in Scotland, UK.
PROFESSIONAL ACCOMPLISHMENTS
Successfully setup new Program Management Office including Project Management framework process and tools for Cognizant Corporate Security.
Successfully setup the team, process and tools for Cyber Security Governance, Corporate Security.
Successfully setup Project Management framework process and tools for clients / accounts in IBM which has seen significant growth and increased the delivery scope of PMO services in other Portfolios and Business units and that PMO is sought out for consultation by the business regarding their issues, challenges and approach for PM Services.
Successfully setup the team & process for Security Operations Centre pertaining to Business Processing Industry
Improvised CSAT of all Accounts led during my professional career.
PROFESSIONAL AWARDS
IBM INDIA
Awarded IBMs prestigious “Hall of Fame” for excellence in Program Management and
Improvising the Program Delivery.
Wipro Infotech
Awarded for implementing end to end ITIL process for WIPRO – GENPACT SOC.
Ramco Systems
Awarded for enabling Information Security Services Division of Ramco Systems in obtaining ISO – 9001 Certification for their first time.
CLIENT DOMAINS HANDLED
Indian Government, Corporate, Pharmaceuticals, BFSI, Manufacturing, Automotive, Logistics, Heavy metal
& oil Refinery and Business Processing
TECHNOLOGY COMPETENCIES
Hands on experience in deploying, configuring and support of Networking and Security products for clients – Routers, Core switches, UTMs, Firewall, IPS, IDS, HIPS, Enterprise AV, DLP solutions, EDR solutions, Email Security Gateway solutions, URL & content filtering and perform VAPT, SAST, DAST.
IT INFRASTRUCTURE
Cloud Transformation (AWS & Azure),
Datacentre Consolidation, Transformation, Migration
Tech Refresh - Server & Firewall
High Availability
Disaster Recovery
Stratus ftServer
IBM P-Series
IT APPLICATION
Development environment – VB .NET, ASP.NET, Java
Web Content Management – Drupal - Acquia, wordpress.com; PHP, HTML, jQuery
Application development and releases
NETWORKING &
CYBER SECURITY
Networking: CISCO Routers, Core Switch and F5 Load Balancer
Firewall: Checkpoint, Pal Alto, Cisco PIX
Unified Threat Management (UTM): Fortinet, WatchGuard
Web Application Firewall (WAF): F5 silverline
Email Security Gateways: Sophos, Forcepoint
Vulnerability Management & VA/PT: QualysGuard, Metasploit, Nessus, Nmap, Wireshark
SAST: Checkmarx, Fortify; DAST: Burpsuite, Acunetix
NW Security:
IDS - SNORT
IPS - ISS-Proventia, TM TippingPoint
Proxy - Zscaler
Content Filtering: Websense
Endpoint Security:
EDR - Cisco AMP
DLP – Forecepoint
AV - Symantec, McAfee, TrendMicro Office scan - HIPS
Rights Management – AIP (Azure Information Management)
Privileged Access Management – CyberArk, Avecto Defendpoint, IBM ISAM
Privileged Identity Management: IBM ISIM. SIGI
Device Management: Jamf, InTune
GRC (Governance, Risk & Compliance) – MetricStream
Others
Conceptual Knowledge on Artificial Intelligence and Machine Learning.
PROFESIONAL EXPERIENCE
Cognizant Technology Solutions Dec 2016 - Present
Senior Program Manager, responsible to oversee and manage all programs pertaining to Cyber Security, Security Audits, IT Infrastructure and Cloud Migrations (Azure & AWS), M&A Integration, Transition & Transformation
Roles & Responsibilities:
Manage and oversee all programs delivered out of Corporate Security & IT PMO and Lead a team of Project, Program managers delivering Cyber, IT Infrastructure, Cloud Migration and M&A Integration, Transition & Transformation Projects.
Chair the Program Status Review meeting with the team, review the Program triple constraints (scope, time & cost) and recommend solutions (both technical & biz process approach) to unblock any roadblocks to meet the Program deadline and objectives.
Responsible for the PMO growth and increase the delivery scope of PMO services to other portfolios and Business.
Create a highly technical, collaborative environment within the team and as well with business so that PMO is sought out for consultation by the business regarding their issues, challenges and approach for PM Services.
Establish Process improvement plans for the Portfolio and leverage defect logging for continual improvement and efficient Project delivery.
Report Program status to CSO, CISO and CIO incorporating RAG, Budget, Risk, issues, dependencies along with go to green plan for Red and Amber Programs.
Actively contribute to the PM Community through running learning sessions and providing thought leadership.
End to End program management of Cyber Security, IT Infrastructure and Cloud Migration programs that includes phases from requirements gathering, feasibility study, proof of concept, procurement, development, installation, configuration and handover to operations. Supported by following documentations during respective phases.
Create business case, program charter, scope document, program plan with work breakdown structure, program risk impact determination and readiness, stakeholder analysis and communication plan, program risks and issue log, budget report, change control doc, performance metrics, service transition doc, closure report and lessons learnt.
As M&A Transition, Transformation and Integration manager, evaluate service capabilities and risk profiles before deployment of new or changed services. Manage risks relating to new, changed or retired services.
Ensure services can be managed, operated and supported in accordance with constraints specified during the service design stage of the service lifecycle and within the agreed SLA & OLAs.
Plan and manage the complexity associated with changes to services and service management processes. Manage changes to existing services, e.g. expansion, reduction, change of supplier, acquisition or disposal of sections of user base or suppliers, change of requirements or skills availability.
Liaise with multiple teams/stakeholders within Cyber teams, Account Management teams and Legal, Privacy, Compliance, Audit, Networking, IT & Application teams, ensuring Change Management process is adhered for successful implementation of projects.
Leverage Program/project management framework, methodologies (Agile, waterfall & hybrid), tools, process and templates during all phases of program.
Key Programs managed:
Transition and Integration of process & services from Cognizant’s M&A strategy. Successfully transitioned the process, services, compliance and Integrated large IT Infrastructure, Cyber Security requirements to meet Cognizant’s policies, standards, regulatory and compliance requirements. I have transitioned & integrated business from Healthcare and Digital Engineering domains.
Program manage migration of applications to Cloud Azure, AWS and Cognizant Private Cloud. This included feasibility study, creation of migration Architecture & Strategy, level of Cloud integration, Cloud agnostic approach, Security pre-requisites (SAST, DAST & Risk Assessment), Cloud KPIs, Performance baseline, prioritize migration components, refactoring, create data migration plan and production roll out plans, review application functionality & performance post migration.
Program managed the Implementation of end-to-end Disaster Recovery program for Cognizant Corporate that included IT infra, IT Security and Critical Applications with Minimum RTO & RPO; And also a key member in the annual DR exercise.
Global Risk Register program (IT & Corporate Security) as part of internal & third party Risk Assessment, Vulnerability Assessment / Penetration Testing. Liaised with vendors & all towers across Cognizant global and ensured each risk items are mitigated, compensatory controls are deployed, validated and signed-off. Given the criticality, I had reported the program status directly to the CSO & CIO weekly.
Developed and implemented Cognizant’s strategic Enterprise Vulnerability Management Program. 90% vulnerabilities in external & internal IPs that were scanned by QualysGuard ranging from severity low to High were remediated and transitioned to BAU. Given the criticality, I had reported the program status directly to the CSO & CIO weekly.
Program manage End to End GDPR implementation for Cognizant Corporate ensuring procurement, implementation of products and security controls to mitigate all the open items to comply with the GDPR Articles. Given the criticality, I had reported the program status directly to the CSO & CIO bi weekly.
Developed and implemented a program to create New / Refresh Existing Security policies, Standards, Procedures and Guidelines. These include org wide & region wise policies that are in-line with Cognizant‘s Information security Strategy and Risk Appetite.
Run Cyber Security workshops and awareness campaigns across organization as programs to ensure all employees are made aware of Cyber security threats and respective best practices to prevent, report, mitigate Cyber incidents and track respective compliance and effectiveness of workshops.
Development of Org mandatory course, Acceptable Use Policy (AUP). The objective was to meet compliance needs and create an interactive and ease of understanding of course contents that reflects Cognizant‘s security policies and security posture. SumTotal was used as Learning Management System (LMS) and designed using HTML v5, SCORM ver 2004. This program was highly recognized by CSO.
End to End Implementation (from POC to deploy) of following Security tools / products globally across Cognizant & Clients
GRC (Governance, Risk & Compliance) tool: MetricStream
Physical Security. Access control solution: Lenel OnGuard
Crisis management solution: SWN
IAM (Identity & Access Management) solution: IBM – ISIM, SIGI.
PAM (Privileged Access Management) solution: CyberArk & Avecto Defendpoint
EDR (Endpoint Detection & Response) solution: CISCO AMP (Advanced Malware protection)
DLP (Data loss prevention) solution: Forcepoint. Proxy: Zscaler
IPS (Intrusion Prevention System): ISS-Proventia,
Rights Management: AIP (Azure Information Management)
Device Management: Jamf, InTune; WAF (Web Application Firewall): F5 Silverline
Dell International Services India Pvt Ltd Nov 2015 to Oct 2016
Senior Advisory Program Manager, responsible to oversee and manage all Datacentre migration, consolidation and transformation programs for BFSI client, Citibank
Roles & Responsibilities:
Lead and mentor a Global team of Program managers and also manage Programs & Projects pertaining to Datacentre Migration, Consolidation and Transformation.
Actively involve with various teams and also provide technical expertise, strategy planning, aligning with the objectives of DC Migration, Consolidation and Transformation. This includes feasibility study, partner/vendor engagement, assessing the existing environment and designing of new environment, documenting migration strategy, creating transformation architecture, security pre-requisites, prioritizing migration components, refactoring, creating data migration plan and cut-over plans, capturing KPIs and performance baseline data of Infrastructure, applications and middleware components, review success criteria post activities and seek sign-off from various teams and Executive committee.
Report the Portfolio status to CTO, Citibank incorporating RAG, Risk, issues, dependencies along with go to green plan for Red and Amber Programs.
Track Risks & Issues, and continuously monitor the project triple constraints (scope, time & cost) to ensure quality delivery.
Key Programs managed:
Primary Datacentre consolidation & transformation with program objective to reduce 30% footprint and change in architecture.
Migration of critical applications from 3 DCs spread across Asia to Primary DC in Singapore along with Disaster recovery setup with minimum RTO & RPO.
Program manage Firewall refresh (checkpoint, Palo Alto, CISCO Pix) and P2V / Virtualization as part of DC Consolidation strategy.
Program manage implementation of New IT Infra & Security devices as part of DC Consolidation and Transformation Strategy. Implementation of ATM infrastructure, fault tolerant systems, Stratus ftServer.
and integration with ATM Management systems application.
Program managed the development and deployment of ATM management system application. This application was developed in house using Java under V-SDLC model that demanded highly accurate product testing given the sensitivity of the application.
Digital Transformation projects include (i) integration of analytics into wealth management portfolio and (ii) Card less Cash transaction in ATMs
IBM India Pvt Ltd June 2007 to Oct 2015
Portfolio Manager and Service Delivery Lead for Europe based Accounts Sep 2011 to Oct 2015
Portfolio Manager for Europe based Accounts, domains - Manufacturing, Automotive and Logistics responsible for Program Delivery and Service Delivery.
Lead and mentor a team of Program and Project Managers, specialists managing IT Infrastructure and Cyber Security projects.
Responsible for the PMO growth and increase the delivery scope of PMO services to other portfolios and Business.
Prepare Service Model & Service Introduction documents and oversee, drive establishment of SLA/OLA agreements.
Engage in strategic decision-making and continually improvise strategies, services and implement governance, management systems to effectively manage the overall delivery of Portfolio of Accounts and maintain a healthy CSAT.
Continually improvise strategies, services and implement governance, management systems to effectively manage the overall Service and Project delivery of Accounts.
Review key metrics with IBM and client Executive Committee - RAG status of all Programs & Service delivery under Portfolio of Accounts, Risk & Issue log, SLA & OLA of Security Incidents and compliance.
Responsible for customer satisfaction and establish Process & Service improvement plans for PMO and Service delivery.
Program manage complex Cyber Security and IT Infrastructure programs.
Project Manager, Transition Manager - Europe based Accounts June 2007 to Aug 2011
End to End Project Management of Cyber Security & IT infrastructure projects for Pharmaceutical client based in Europe.
Lead and mentor a team of Project Managers managing Cyber Security and IT infrastructure projects
Transition Manager: End to End Transition of Services to and from other service providers.
Implement robust framework for evaluating service capabilities and risk profiles before deployment of new or changed services. Manage risks relating to new, changed or retired services.
Ensure services can be managed, operated and supported in accordance with constraints specified during the service design stage of the service lifecycle.
Plan and manage the complexity associated with changes to services and service management processes. Manage changes to existing services, e.g. expansion, reduction, change of supplier, acquisition or disposal of sections of user base or suppliers, change of requirements or skills availability.
Decommissioning and discontinuation of services, applications or other service components
Successfully deploy service releases into supported environments by closely tracking the Knowledge Transfer of transition phase.
Key Programs managed:
Implementation of end-to-end Disaster Recovery program for logistics client that included IT infra, IT Security and Critical Applications with Minimum RTO & RPO.
End to End Transition of project & service delivery from onshore to off shore for Pharma, manufacturing and logistics client.
Software License Management (SWLM) global corporate program with an objective to achieve 92% software compliance across organization.
Datacentre consolidation including data migration to IBMs latest P-Series for Pharma client.
Tech Refresh of 750+ Servers and perimeter Firewalls.
Deployment of IBM products for clients; Tivoli products, Proventia IPS, PIM solutions, BigFix patch mgmt. Solution.
Deployment of SAP HANA including global template roll out.
Development of Intranet website using Drupal 7 that integrates with LDAP Server for user management and authentication with ACLs implemented. Learning Management System was also integrated using Drupal 7, Opigno LMS module, MySQL, jQuery, PHP.
Project managed the build, Integration and release of several in-house Applications and IT Infrastructure technologies for Pharma, Manufacturing Automotive and Logistics industry.
Prudente Solutions March 2007 to June 2007
Senior Manager - IT Security
Cyber Security SME for enterprise clients and end to end project management delivering Cyber Security projects.
Manage team of Security engineers supporting for enterprise customers.
Assess client NW and provide NW Security solutions and Security controls to mitigate the Risks.
Handling technical escalations and hands on implementation of complex Network & Security technologies.
Wipro Infotech Oct 2006 to March 2007
Senior Engineer - Security Management, SOC Lead for Client, Genpact
NW Security Solution Architect and 24x7 SOC team lead managing Security Operations for clients of Genpact
Manage team of network security engineers supporting real time security incident management
Handling technical escalations and implementation of complex network & security technologies
Ramco Systems Sep 2005 to Sep 2006
Technical Consultant, Project Manager for Cyber Security division
Responsible for developing Cyber Security solutions for clients and hands on deployment, configuration, testing and go-live of Cyber Security products.
Conduct VAPT for clients.
Plan and implement projects pertaining to Network and Cyber Security.
Unidart Technologies Feb 2004 to Aug 2005
Security Analyst
Solution design and hands on deployment and configuration of IT Security products as per client requirements. Convert the requirements to projects and implement them.
Pre-sales consultant.
Contact this candidate