Information Security Manager
Resume:
SENIOR IT HEAD & MANAGEMENT PROFESSIONAL
Accomplished and knowledgeable IT professional with progressive experience in information technology project management, implementation of technologies and enterprise systems. Versed in coordinating multiple projects, managing large IT/technical teams, infrastructure set-up, project budgeting and planning, improving operational processes, ERP implementation, information security and technology service procurement.
Extensive experience supporting IT services across the fields of Oil & gas, Chemicals, Asphalt, construction & real estate, manufacturing, finance, hotels & hospitality, hospital, Tyres, logistics, automobiles & transport, retail & FMCG.
Management Highlights and Competencies
IT project management (13+ years)
Outline the goals for research and development.
IT Asset Management tools & deploy all technological services.
Financial planning & execution
Program management & service
Application, Data, IOS, Hosting
Demand Management, Agile/SDLC
ERP Full Cycle & Network / Security planning and implementation
Audits and compliance
IT policies, governance practices and training end-users
Servers, storage and database
Use-Analytical & Collaboration skills
Client Demand, de- risk, risk
Gateway, Access System, Disaster recovery management
Vendor management / Data center, sys architectural design management
Leadership and team building skills
Strong analytical, organizational and communications skills
Experience and Performance Highlights
Prashmi Solutions Private Limited December 2016 – Present
CTO - InfoSec Consultant
Provide IT support to clients across different business segments (Banking, Hospital, Real-estate, Clinic firms)
Provide IT Audit, Compliance and Assurance reviews, ISO27001 Framework, IT Risk, Forensic support, Cyber Security, Project & Program and IT operations risks.
Provide Advisory and Professional Services to the client, eg Digital Transformation, Modernize IT & move to cloud
Provide consulting services for IT infrastructure set-up, AI, BI, IT Security, ERP implementation, web sites, multimedia, server management, write technical documents. etc
Provide consultancy services, Business Policy, contracting, delivery project plans, development etc
BinOmran Trading and Contracting October 2014 – April 2016
Group IT Manager Reporting to: CEO
Responsible for the achievement/demonstrate of IT mission, goals, financial objectives digital transformation & budget. Evaluate and report progress to the Executive Director, CEO
Manage complex transformation plans across internal and external teams, delivering expected results, while leading the
identification and mitigation of business and technical risks
Facilitate an information security governance structure through the implementation of a hierarchical governance program, including the formation of an information security steering committee or advisory board.
Work with the vendor management office to ensure that information security requirements are included in contracts by liaising with vendor management and procurement organizations.
Create and manage a targeted information security awareness training program for all employees, contractors and approved system users, and establish metrics to measure the effectiveness of this security training program for the different audiences.
Provide clear risk mitigating directives for projects with components in IT, including the mandatory application of controls.
Lead the security program to mobilize employees in all locations.
Lead the Its department & information security function across the company to ensure consistent and high-quality information security management in support of the business goals.
Determine the information security approach and operating model in consultation with stakeholders and aligned with the risk management approach and compliance monitoring of nondigital risk areas.
Manage the budget for the information security function & Develop an information security vision and strategy.
Provide / plan Comprehensive security such as, IT Risk, users, portal, webservices / Cloud etc
Work effectively with business units to facilitate information security risk assessment and risk management processes, and empower them to own and accept the level of risk they deem appropriate for their specific risk appetite.
Develop and maintain a document procedure / framework of continuously up-to-date information security policies, standards and guidelines. Oversee the approval and publication of these information security policies and practices.
Create the necessary internal networks among the information security team and line-of-business executives, corporate compliance, audit, physical security, legal and HR management teams to ensure alignment as required.
Create a risk-based process for the assessment and mitigation of any information security risk in your ecosystem consisting of supply chain partners, vendors, consumers and any other third parties.
Work with the compliance staff to ensure that all information owned, collected or controlled by or on behalf of the company is processed and stored in accordance with applicable laws and other global regulatory requirements, such as data privacy.
Ensure that data privacy requirements are included where applicable and appropriately implemented.
Manage and contain information security incidents and events to protect corporate IT assets, intellectual property, regulated data and the company's reputation.
Coordinate / provide economic best service to JV partners and same update to board and IT developments
Handle diverse situations, multiple projects, rapidly changing priorities, and leading junior developers
Lead a team for IT (ERP + Mobile App + Software developers + Infrastructure team), ERP Implementation
Remote Infrastructure management of Hardware, Servers, VPN, security located at external Data center / site
Oracle SQL, Integrity, Server Management/Backup, Production / Material Planning, ERP Reporting
O365 user creation, security updates are active. Renewals license, certificates & Payment of Bills on time.
Plan, manage and monitor:
oProcurement, maintenance, operations and upgrades of IT assets across the company and its branches
oLAN & WAN network / cyber security and requirements at the corporate level
oCorporate servers, manage help desk operations and Backing up of all servers, AD, backup -DR, network, security, report, data, performance, availability, reliability, security specifically IPS/IDS product-DDoS, networking etc.
oWorking knowledge of AWS / Azure Services IaaS, PaaS, and SaaS and coming trends in the Cloud space
oVideo conferencing link between the various group Project locations, Provide Training, review plans
oManage / Implement IoT in organization.
Hamdan Trading Group, Oman September 2010 – September 2014
Group IT Manager - Security – Operations Reporting to: MD
Manage IT function for the Hamdan group of companies: Finance & money exchange, logistics, Mining, Hospital, Transport, Tyers & Automobiles, Construction & Real estate, Travel & Tourism, logistics, Plaza Hotel, Insurance, and FMCG etc.
Work closely with the CEO and other team members (Software Development, infrastructure, and vendors) to plan technology initiatives and provide routine reporting of the progress and KPIs.
Prepare SOC 2 (Service Organization Controls) and ISMS compliance for HTG Group
implemented IAM solutions Okta, also do review, analyze and maintain processes.
Lead the technology infrastructure strategy and execution for the enterprise. Planning, project management and implementation leadership, identifying opportunities for automation, cost savings, and service quality improvement.
Ensure that IT policies and procedures comply with CBO (Central bank of Oman) rules and regulations
Design, Develop Portfolio & implement Demand Management, Marketing’s Future State Technology Ecosystem
Designing and documenting security administration policies and procedures for the production environment.
Design technical security including table, report, programs and interface security for the production environment
Drove innovation engineering, development, & daily operations of business-to-consumer
Ensure risk & control, disaster recovery systems are in place for all the business-critical applications
Money Exchange Security & payment Gateways: (Credit / Debit Card / Money / online Transactions)
Coordinate internal and external reporting requirements for IT Security relative items
Development of enterprise standards and technology architecture and the IT operations governance process
Conduct product and vendor evaluations ensuring best in class technologies and partners
Application (banking) Service Coordinator, and make sure that all system license is updated
Prioritize security coverage to ensure that important data receives the highest levels of protection
Implemented SAP ERP for all profit centre & modules – like like HR, Payroll, Finance, Tax, Procurement, Treasury, IT, Intimations, Project Management, Legal, Distribution, Supply Chain / Logistics, Materials Management.
Leading practices as it relates to SAP Hana admin, Security, & provide recommendations to clients on security role.
Created a Centre of Excellence for User Experience and 360 Degree Customer Touch-point analysis
0
Hamdan Exchange
Security – Operations core responsibilities
Measure, manage & report – availability, performance, capacity, risks, infrastructure & SLAs from business perspective
Manage payment gateway, digital payment, integrate exchange 3rd party payment gateways
Data Privacy control assessments, A. Review control environment of clients to find gaps policies processes and procedures in alignment to requirements of various laws like: GDPR, Data privacy laws
Develop effective solution, definition and management of UAT, Perform change management
Configuration management & period reviews to ensure optimum security, availability, performance and capacity
Manage corporate network infrastructure (firewall, switches, load balancers, updates/ security patch etc.)
Overall technology evaluation and selection to meet the agreed upon security architecture plan
Ensure latest stable version of the solution, hardening, latest security patches, backups & retention as required.
Implementing cyber security, soc management programs. Covering, Training, Governance, Risk and Compliance. (Manage, prevention, Detect, respond)
Monitor and manage the detection, containment, remediation and reporting of Information Security threats across the IT network
Cyber Threat Intelligence: Collecting sources of intelligence (adversary behaviors, active incidents, events, etc.)
Manage and conduct network forensics for proactive investigation.
QATAR ENGINEERING AND CONSTRUCTIONS W.L.L April 2008 - August 2010
Site IT Project Manager & IT Procurement Manager Reporting: CTO
Assist IT department for $230 Million Dolphin Project, $120 Million Qatar Oil & Gas project & several Oryx projects (Gasal, RasGas Project etc.)
Responsible for provision of IT infrastructure including desktop applications, LAN / WAN & telecommunications
IT Project Planning & Coordination with Project Management Consultants/ Contractors
Follow up department requirements of materials and equipment in coordination with Purchasing Unit
Provide / manage / coordinate with IS service provider RF, MPLS, VPN, EDI, ADSL, Internet and many other sophisticated technologies as well configuration for networking, LAN, WAN, Firewall, VPN, VMware, Dynamic DNS, DHCP, FTP, Windows, Exchange, SAN/NAS, CCTV
Cross check project requirement, quality, service, warranty, and IT technical specification
Monitor the 0end-to-end procurement process on daily basis
Coordinate internal resources and third parties/vendors for the flawless execution of projects
Ensure to have a Master Agreement, Contract, SLA, Escalation all major IT Vendors in place.
Manage biometric, payment processes, payment id cards, payment processing
Adherence to procurement process - Verification of invoices before payment globally
Review, in conjunction with the Quality Assurance Manager, Project plans and monitor delivery of contracted IT services executed by external vendor, to ensure that the projects meet the required quality and standards set by the Group.
Lead knowledge sharing sessions across projects including end of stage lessons learned.
MRS FASHIONS, (MUST GROUP), Bahrain, Egypt, Bangladesh, Hong Kong October 2006 - March 2008
MIS Manager/Procurement Manager Reporting: CTO & CEO
Manage IT GPRO Garment Track- Application / Data Center / Networking and Security
Outline a formal planning process, and lead an IT team to manage operations in multiple locations
Coordinate projects from development through implementation and work with vendors and consultants
Management of IT Infrastructure, hardware & software troubleshooting, user training, security assignments, mail server management & work closely with IT groups across overseas offices
System management (Driving ERP, (Fast react, HRMS, ERP), DTS (Direct to store) modules) & Retail, GPRO,
Implementation / Rollout Support & Development of Customized MODs (database objects, analysis, Webhosting, Web applications design, development, maintenance and support of software applications)
Develop a high-performance team through ongoing coaching and constructive feedback.
Estimate IT requirements for factory and implement cost control measures
PRIOR EXPERIENCE
Rishabh Metals & Chemicals Pvt. Ltd. India, June 1999 - Oct 2006 [Commsys Manager – IT Manager]
Mumbai University – Mumbai, India, Sept. 1997- May 1999 [Hardware-Network Engineer]
Education, Certifications & Trainings
Education
MBA-IT National College –Mumbai
B. Com, Shivaji University, India
DMS (Diploma in Management Studies), University of Mumbai, India
“CIC” (Certificate In Computing), IGNOU University
Certifications
ITIL V3 (Information Technology Infrastructure Library)
CLP (Certified Lotus Domino Professional)
MCSE (Microsoft Certified Systems Engineer)
CCNA (Cisco Certified Network Associates)
100w & 200w – OPSEC OPS Security for control systems US
Certified Ethical Hacker (CEH V6)
Trainings
SAP Training and implementation cycle for all module
Oracle Training and implementation cycle for all module
MS Dynamic Training and implementation cycle for all module
Open source ERP implementation
CIISA (Certified Internal Information Security Auditor)
CISSP (Certified Information Systems Security Professional)
Python in Networking
GCP Training completed
SAM – Software Assets Manager
ISMS & ISO27001: Risk management & Information Security System & Auditing
Waterfall & Agile Management
DRP – Disaster Recovery Pl
SalesForce ADM201, Seeds InfoTech
E-Commerce 2000
PMP & SDN
Skills
Database
Oracle / SQL, dBase, Paradox, Hadoop SAAS, Aster, MS-Access, Data Migration
ERP / CRM Platform
CRM, SAP, Oracle Fusion / 9i, MS Dynamic, Salesforce, SaaS, Microsoft 365 CRM, Dynamics AX ERP system, Fastreact, GPRO, ADempeire (open source) Adler, Tally-ERP, Cloud service Manager, MS tech stack, SaaS, PaaS and Caas.
Firewall - Security
Cyber Security, SailPoint, RSA, Okta, Cisco, Gate Protect, SonicWall, Juniper, Checkpoint, Palo Alto, MacAfee Firewall, SOPHOSE, WebSence, Watch Guard, Check Point, Splunk, ArcSight, PCI DSS, DDOS, SIEM, Data Protection, Compliance / UTM, Kaspersky, Symantec, Cloud Security
Forensic tools
Encase, FTK, Cylance, Silence TV,
Network & Communication
IIS, IP, DNS, ISP, Ports, IPSEC, BGP, OSPF, 802.11) MPLS, LAN, WAN, Wifi, RF, VPN, ADSL, Cisco-IP, Avaya, Nortel, EPBX system
Finance / Exchange Security
Payment Gateway, Digital Banking Tech sys, Mobile payment notification
Mail System
Office365 / M365, Exchange, Lotus Domino, Postmaster, Blackberry Enterprise Servers
Server Vendors
HP, IBM, Acer, Asus, Dell EMC, Fujitsu,
Servers & Operating systems
Win2k3-8-12, (AD-ADFS-MFA), Azure, WebSphere, Stacks & Virtual Servers, Win10, XP, Dos, Linux
Software Tools
SharePoint, Hyper-V, VMWare, Sun-Solaris, Citrix, HIS, HMS
Programming languages
C++, Java, J2EE stack, Apex: 7.0 SQL Server- Oracle R10 /JD Edwards, Python & Android
Argus v6, MS Access, PLSQL/SQL, RDBMS, Foxpro, Dbase
Project Management
Qlik View, MS-Project, Primavera, ICAPS, Crystal report
Web Services/ tools
HTML, DHTML, HTTP, HTTPS, React, JScript, VBScript, ASP, XML, Flash, Dreamweaver, Photoshop, Apache, Tomcat
Storage & Other Tools
Fastreact, Mining tools, API Tools, MIS systems – BO, AI, IBM, HP, SAN, NAS, Tape Backup tools, MS Power BI tools, PREMIA - Insurance Management CRM, CAD tool, JMAF for mac, R & X-Ways, CCTV, Access Control, GPS Management system, RF lD, Scada, Print Servers.
Personal Details
DOB : 14-08-1975
Languages Known : English, Hindi, and Marathi
Driving License : Oman, Qatar, Bahrain, (GCC), Papua New Guinea, India
AKASH SHARMA
Email: ************@*****.*** Current location: Bangalore / Mumbai, India
Contact number: +91-773******* LinkedIn: https://www.linkedin.com/in/aakashking
Contact this candidate