Information Security Manager
Resume:
Major Certifications Profile Summary
• Advanced Cloud Security
Auditing for CSA STAR
Certification
• Six Sigma Green Belt
• Six Sigma Black Belt
• ISO 27001 IRCA Certified Lead
Auditor
• IRCA Certified ISO/IEC
20000:2005 Lead Auditor
Certification
• Certified Internal Auditor (ISO
9001:2000)
• ITIL v3 – Foundation
• Microsoft Certified Professional
– (Windows 2000)
• Certified Novell Engineer
19+ years of experience in IT Operations, IT Service Management, Project Management, Information Security, IT Audit, Processes, Compliance and IT Training.
• Defining Information Security controls and implementing them via ISMS (ISO 27001, NIST, SANS, PCI DSS).
• Defining and implementing enterprise-wide SAP Security Controls via SOX.
• Define policies and procedures related to information security & logical access, documenting them and implementing it globally.
• Expertise in planning & building IT Infrastructure at the enterprise scale involving selection of appropriate technology & products, finalizing the Service Level Agreements, outsourcing tasks and directing timely completion of projects.
• Proficient in implementing IT Service Management processes with respect to ITIL practice.
• Handling internal and external Information Security audits.
• Experience in Management Reporting/Dashboard designing.
• SAP & IDM User & Role management. Introducing compliance in SAP logical Access.
• Experienced in monitoring and analyzing the existing weakness of a SAP system via Akquinet SAST GRC tool and acting to mitigate them.
• Experienced in IT training.
Professional Experience
Organization Duration Designation Area of Work
The GPT
Group
Jun’19
Deputy General
Manager - IT
• Setting up IT policy and establishing them by via compliant IT services management framework. This includes establishing cyber security framework/policies
• Management & maintenance of all security devices (Firewall, F5 Big IP, etc )
• Implementing of new technology via frugal technology innovation methodology.
• Negotiating contracts with IT vendors/service providers/business partner.
• Managing budgets and processes to eliminate or reduce costs via new cost effective technology.
• Implementing IT compliant controls (NABH) in the hospital CARES
Apr’18 –
May‘19
Senior
Consultant
• Risk Analysis.
• Define and implement the Information Security Management System.
• Train and build competencies for the Roles.
• System maintenance and monitoring.
• Audit
The Linde
Group
Nov'07 –
Mar’18
QA Security
Technical
Manager
• Responsible for service delivery and operational activity in the area of SAP authorization & Role management for all SAP modules.
• Owner of the Incident, Change and Escalation processes, ensuring high levels of performance in these processes, accurate reporting and establishing service improvement activities when required.
• Understanding the business requirement and implementing the compliant solution..
• Process definition, documentation and process establishment related to SAP access management and ensuring that the processes are followed.
• Defined and implemented effective process for optimal usage of SAP licenses.
• Preparation of management reporting and dashboards. SINCHAN BANERJEE, MBA, LA 27001, ITIL, 6 Sigma Black Belt.
IT Operations Management, IT Service Management,
Project Management, Information Security,
Compliance, Audit and IT Training
addsft@r.postjobfree.com 983*******
Manager -
Application
Security
• Single point of contact for service delivery in the area of SAP Security for all SAP modules.
• Operated as a global lead for the measurement and monitoring of SAP license usage.
• Handled security audits (Internal/External) for the organization single-handedly and ensured successful accomplishment of the same without any nonconformity.
• Addressed multiple complex situation to increase the efficiency of SAP Security Operations by 100% and aligned IT more tightly with the business by defining dashboards and data analysis for the board-level executives.
• Mentored & motivated the team and helped in promoting over 40% team members to higher-level opportunities through consistent career development leadership.
• Conducting SAP Security gap analysis and addressing them towards closure.
• Selecting and implementing suitable technology to streamline all internal operations and help optimize their strategic benefits
• Addressing the gaps found during vulnerability assessment and penetration testing and fixing them within a defined timeline.
ITC Infotech
India Ltd. (ITD
Division)
Sep’06–
Oct’07
Incident
Manager
• Managed a number of key functions within the ITD department (Service Desk & Infrastructure Support) that enabled the delivery of a high quality service to end users, and ensured Service Support and Service Delivery processes are in place to meet business requirements.
• Defined infrastructure operational support processes, enabled innovation & leveraged IT trends to create business values in alignment with the organization’s requirements and expectations.
• Handled internal/external IT audits which yielded no major/minor non-conformance.
• Finalized large-scale vendor agreements for various software & hardware support.
• Ensured efficient and effective management of resources. Ushacomm
India Pvt. Ltd.
Feb’05–
Sep’06
Manager, IS
• Managed all IT related infrastructure and service delivery processes including Servers (Windows/Unix), Mailing System, VPN, Firewall, Network Intranet and Anti-Virus.
• Defined policy/procedures in the area of operational support (Incident, Problem & Change Management).
• Defined budgets and expenditure forecasts for hard & soft resources.
• Developed the DR/BCP structure (Service Continuity Management).
• Ensured efficient and effective management of resources Wisetech
Solutions Pvt.
Ltd.
Mar’02–
Jan’05
Consultant
• Managed various diversified complex turnkey projects (IS Infrastructure) successfully.
Standard
Chartered
Bank
Feb’00–
Jan’02
IT Officer, East
• Ensured efficient and effective IT operations daily i.e. IT infrastructure operational support including Desktops, Servers, Routers, Networks and Backup.
• Handled internal/external IT audit successfully.
• Vendor Management including selection/evaluation of their performance and suggesting/defining processes for better operational support within the defined SLA.
• Implemented change successfully as a result of mergers, consolidations during the merger of Standard Chartered Bank and ANZ Grindlays Bank.
• ATM operational support including software upgrades and ATM mergers.
• Service Continuity Management Defined & tested BCP and DRP successfully for all the branches in eastern region.
Aptech Ltd.
Sep’98–
Jan’00
Regional
Technical Head
• Managed a team of over 20 technical experts for providing corporate/ career training.
• Liaised with business partners (Franchisee Centres), providing technical training/guidance and auditing the centre.
Tata Infotech
Ltd.
Apr’95–
Aug’98
Coordinator,
Technology
• Provided trainings in the area of Novel Netware leading to the CNE certification.
• Led a team of 15 plus trainers for technical training on career/specialized subjects. DataproInfowo
rld Ltd.
Apr’93–
Mar’95
Technical Head
• Delivered technical lectures in the area of Unix, C and Oracle to the students
/corporate clients
Computer
Point
Feb’93–
Apr’94
Faculty • Delivered technical lectures in the area of Unix. Academia
• MBA (Information Technology and Production & Operations Management) from Amity University in 2012.
• Diploma in Quality Assurance & ISO 9000 from National Institute of Labor Education & Management
(NILEM) in 2006.
• Communication and Interpersonal Relationship for Effective Management from XLRI, Jamshedpur in 2002.
• Hons. Diploma in System Management from National Institute of Information Technology (NIIT), Kolkata in 1993.
• B.Sc. from University of Calcutta in 1991.
Personal
Details
• Nationality: Indian
• Languages Known: English, German, Bengali & Hindi.
• Residential Address : West Bengal, India
Contact this candidate