SUJITH KAIPPANCHERY CHOLAYIL
visa : L*S( EAD)
EDUCATION & Certifications
Bachelor of science, University of Calicut 1998-2002
Successfully Completed PMP Training from NTUC, Singapore
Successfully completed PGDCA from Chinmaya Mission College, Thrissur
Successfully completed DNIIT from NIIT, Thrissur, and Bangalore
Professional Experience
TECHNICAL SPECIALIST, Information security 2020 APR to Current
Singapore Stock Exchange, Singapore
Successfully handling entire Vulnerability Management and assessments of the client, Singapore Stock Exchange.
Managing the entire VMS team.
Decoding the Latest Cyber Threats and Vulnerability, informing the team with mitigation measures to safeguard organization Assets against any cyber security threats.
Currently building and managing the areas of security assessment, vulnerability management, risk-based threat analysis and responsible for managing the end-to-end vulnerability management workflow
Accomplishing the Scans and identifying vulnerabilities associated with Singapore Stock Exchange assets connected to the network on Monthly basis.
Being in Security Engineering team, Improved the process of in the identification, design and implementation of new tools as requirements arise, consolidating and rationalizing the various vulnerability data from different scanning tools to provide meaningful information for metrics that help prioritize and drive remediation activities.
Management of Security Tools such as NIPS, SIEM, WAF, Proxy, Data, Endpoint Security, etc
Liaising with internal stakeholders and senior leadership
Assisting for handling compliance meeting.
Experienced in setting up an off-shore development Centre at India.
Team Lead/Project Management.
Head of Engineering & Technology may 2015 to apr 2020
Panzer Technology Pte Ltd & Sister Companies, Singapore
Security Assessment and Vulnerability management
Risk-based threat analysis
IT Head – Managed the enire IT Infra and Engineering Team.
Established the new audit policies for Security hardening based upon CIS benchmark.
Senior web developer sep 2011 to apr 2015
ClickTRUE Pte Ltd, Singapore
Creating Project plans for development of web portals by understanding the client business needs and end user interests.
Develop Websites using Popular CMS & MVC
technical lead mar 2011 to jul 2011
Paramount Tech Labs, Bangalore, India
Creating Project plans for development of web portals by understanding the client business needs and end user interests.
Develop Websites using Popular CMS & MVC
senior software engineer may 2008 to feb 2011
Wortal Technologies Pvt Ltd, Bangalore, India
Responsible for lead a team as well as development(LAMP). Project includes Cassandra, Sphinx, drupal and some latest javascript libraries like Jquery, DOJO, prot ype.js etc. Reporting to Manager
web developer may 2007 to apr 2008
Calypso Technologies Pvt Ltd, Mumbai, India
Responsable for developing in-house application using LAMP technology. Reporting to Manager
senior software engineer sep 2006 to may 2007
Software Developer India, Mumbai, India
Responsible for developing websites. Reporting to Manager.
web developer jan 2005 to apr 2006
Softeweb Thrissur kerala, Thrissur, India
Responsible for developing websites. Reporting to Manager
web developer jan 2002 to nov 2004
Digital Computers irinjalakuda, Thrissur, India
Responsible for developing websites. Reporting to Manager
Business, Leadership, Security, technical and management Skills
Leadership Skills: Speaking to Board of Directors, Active Listening, feedback, creating sustainable security programs, presentations, soft skills, cultural intelligence, team building, coaching, mentoring, delegation, prioritization, metrics etc.
Vulnerability Management: CVE/CWE, Tenable SC, Tenable IO,s Nessus.
Vulnerability Assessment
Email Security: Symantec Gateway (SMG), Proofpoint.
Languages - PHP, HTML, Javascript
Database : MySQL, NoSQL (Cassandra)
Compliance. : NIST,COBIT,PCI DSS
Data Loss Prevention: Symantec DLP
Network Monitoring Tools: Dartktrace, Gigamon
Endpoint Protection Platform / Next Generation Antivirus / EDR / MDR: Symantec Endpoint Protection (SEP) / CrowdStrike.
Security Information Event Management (SIEM): Symantec SIEM
Network Security Architecture: Web Application Firewalls .
Web / DNS Proxy: WSS
NIPS: Symantec NSM
Change Management: ServiceNow, Jira, best practices, process integration, relation to configuration management, etc.
Hardening: CIS (level 1 and 2), for almost all systems, databases, network, OS. Concepts such as configuration drift, change management, risk acceptance, etc. as functionally applied to IT and Security programs including CVE, CWE, & exception management, risk management.
Privileged Access Management (PAM): Remedy.