Over 6 years of experience in Information Security, Endpoint System Security and IT Risk & Compliance Management. Extensive knowledge in the areas of Vulnerability Management and compliance scanning tools in addition to identifying risk, remediation and recommending security improvements.
Expertise in Data and Endpoint Security with deep knowledge of Data Loss Prevention (Forcepoint & Proofpoint), IDS/IPS technologies (Trend Micro), Compliance & Endpoint Security (Symantec Tools, BitLocker, Forcepoint) and SIEM (Splunk, ArcSight, QRadar) with recommended information assurance policies and standards.
Strong understanding of enterprise, network, system/endpoint, and application-level security issues and risks.
Performed Risk Assessment, Gap analysis & created a Risk Mitigation plan and Assisted the GRC team in integrating regulatory compliance requirements (e.g., PCI, NIST, CIS) into the organizational security roadmap.
Experience with VM identification, analysis, and metrics, as well as processes enabling proper Governance, Risk and Compliance (GRC)
Proficient in understanding DLP policies, Due Diligence Questionnaires (DDQs) and System Organizational Control (SoC).
Excellent knowledge of FISMA, HIPAA, NIST, GDPR, PIPEDA and PIA compliance usage, rules and regulations.
Deep technical skills, knowledge of network protocols and network communication principles, and understanding of vulnerabilities and remediation techniques.
Knowledge of risk, compliance & Vulnerability Assessment using Qualys, Uptycs, Demisto, Nessus and Nexpose tools to evaluate attack vectors, identify system vulnerabilities and develop remediation plans and security procedures.
In-depth experience with internal, external, network & application vulnerability assessments utilizing QualysGuard and FireEye.
Strong experience in all phases of the Software Development Lifecycle (SDLC) using Waterfall, Agile/Scrum, and Software Testing Life Cycle (STLC).
Hands-on gathering requirements and creating Business Requirement Documents, Functional Requirements, User Requirement Specifications and Content Management Systems documents.
Experienced in conducting Cost-benefit analysis, ROI analysis, SWOT analysis, and User Acceptance Testing (UAT).
Proficient in creating Unified Modeling Language (UML) Diagrams, ER Diagrams, and Web Page Mock-Ups using Rational Rose and MS Visio.
Hands-on with business process analysis, process improvement, strategic planning, assessing business needs and implementing optimal solutions.
Analytical, methodical and resourceful approach to Problem Solving, Root-Cause Analysis, Conflict Resolution, Negotiation Strategies and providing corrective actions to meet business requirements.
Clarified client requirements, business needs, and project objectives, via client meetings, and brainstorming sessions in collaboration with all stakeholders.
Supporting Project Delivery Manager in Preparing Global Reports for multiple projects – Project-wise, Monthly-wise, and Resource-wise.