Information Security Program Manager
Resume:
MANI K GAURI
Amherst, New York 512-***-**** ************@*****.*** linkedin.com/in/mgauri/
Senior Information Security Professional
An innovative IT practitioner with extensive experience in cybersecurity and IT, driving secure digital transformations and enabling organizations to achieve digital effectiveness and efficiency. Expert in evaluating security controls, and articulating gaps in all domains of information security. Known for developing and translating information security risk models into practical solutions that are easy to adhere to, ensuring the protection of critical assets. Proven track record of recruiting, building, and mentoring high-performance teams, fostering engagement, goal setting, and providing comprehensive training to drive success.
Created strategic plan for 1.2 million users at Arvest Bank for authentication and authorization of banks 60 plus products. This helped the bank move forward with a single identity product with latest technologies.
Streamlined operations by integrating separated site security and application security teams into a unified third-party risk assessment team by redefining the control set and optimizing processes, resulting in significantly improved assessment turnaround time from 2 months to 2 weeks with a 60% increase in the number of assessments conducted. PROFESSIONAL SKILLS
Program Management
Cybersecurity
Strategic Planning
Risk Management
Vendor Relations
Policy/Standards
Governance & Compliance
Ethics & Integrity
Collaboration
Communication
Team Development
Conflict Resolution
PROFESSIONAL EXPERIENCE
PRINCIPAL IT SECURITY CONSULTANT Cyspire Professionals May 2020–Present Scope: Provide information security consulting services.
Introduced a holistic look at IT systems to analyze sensitive data flow and improve security functions using risk parameters.
Proposed and implemented ISO 27000-2013 as a standard with international recognition to enable clients to meet hosting requirements for international clients, ensuring data security and compliance, resulting in a robust process that can be certified in the future, providing a strong foundation for clients’ compliance efforts.
Assessed and consolidated two disparate identity management systems for healthcare clients, implementing a unified identity system and enabling two-factor authentication on critical systems, addressing identity management gaps, and streamlined system enhancing security and facilitating multi-level authentication for improved protection. SR MANAGER, CONTENT SECURITY TWDC May 2021–June 2023 Scope: Managed and coordinated information security control framework, incident response, assessments, and consulting for internal and external teams within the CS group.
Implemented CS Group information security control framework, ensuring consistent assessments across all vendors and studio technology teams.
Advised and consulted with studio partners on implementing effective controls recommended by GIS, contributing to organization-wide enhanced security practices.
Streamlined incident response process for the content security team, enhancing their ability to effectively manage and mitigate security incidents.
Mani Gauri Page 2-512-***-**** ************@*****.*** DIRECTOR, CYBERSECURITY OPERATIONS Arvest Bank Group May 2019–March 2020 Scope: Spearheaded change management, asset management, logging, monitoring, IT exception process, and IT risk process to enhance bank-wide information security. Enabled adoption of advanced security technology through proof-of-concept evaluations and facilitated compliance with PCI and FFIEC standards while resolving audit issues.
Initiated a project to standardize operating system image across banking pillars, reducing the number of supported OS images from various teams to three, which decreased security vulnerabilities by 40% organization wide.
Contributed to establishing the bank's security organization by assisting in developing the Information Security Program Charter and Policy/Standards framework, resulting in the closure of audit gaps identified by FDIC. SENIOR INFORMATION SECURITY EXPERT Walmart January 2017–April 2019 Scope: Enabled information security risk and compliance across strategic technology projects. Collaborated with business units to understand objectives and consult on security and compliance by design solutions example workday and people analytics projects.
Implemented conditional approval process that transformed security risk and compliance review practice for Walmart and Sam's Club businesses, reducing average time for risk review and approvals by over 60%.
Collaborated with Privacy and Legal teams to comply with GDPR for ASDA (Walmart's UK division) by effectively tracking and maintaining appropriate controls through the tool. ASSOCIATE DIRECTOR, INFORMATION SECURITY Syracuse University May 2011–December 2016 Scope: Actively defended the university from all types (including state-sponsored) of cyber-attacks. Directed introduction of new tools, processes, and best practices to identify, protect, detect, respond, and recover across the enterprise.
Updated the university's information security policy and standards in collaboration with senior technology leadership, ensuring compliance with industry best practices and regulatory requirements.
Implemented strategies to mitigate identified risks, reducing the attack surface and implementing a comprehensive incident response plan for effective handling of security incidents.
Led "Secure'Cuse" security campaign at the university, promoting awareness and best practices among the community.
Participated in InfoSec Community, engaging with organizations like REN-ISAC and HEISC, and shared expertise as a panelist at Educause Security Professional Conference 2014 on managing BYOD in the university setting. ADDITIONAL PROFESSIONAL EXPERIENCE
IT SECURITY ANALYST, PROJECT MANAGER JP Morgan Chase Bank EDUCATION & CERTIFICATIONS
Master of Science - Information Management Syracuse University, New York Electronics Engineering DITT, Delhi, India
CISSP (ID - 439281)
GIAC WAPT (ID - 3624)
Cisco Certified Network Associate (ID - SP2931634)
Contact this candidate