Dammam, Eastern Province, Saudi Arabia
Phone: xxx-xxx-xxxx
Email: xxx@xxxx.xxx
Looking For: Information Security Manager, Information Security Specialist
Occupation: Management
Degree: Bachelor's Degree
Career Level: Fully Competent
Languages: English, Hindi, Urdu, Arabic
Highlights:
• 10+ years of IT experience in the area of Information Security Consulting, Information Risk Advisory services, Technology Consulting, Network Security, IT Risk assessments, Security technologies, SIEM Consulting, implementation, Presales as well as Network administration and Server Administration.
• Hands-on experience with SIEM Consulting, pre-sales, implementation, Log monitoring, Incident analysis (HP-ArcSight, RSA-SA, Archer, DLP, Envision, Trustwave, & IBM QRadar Solutions).
• Working knowledge of performing, Risk Assessments, GAP assessments Technology Assessments as per ISO 27001:2013 / COBIT5 framework.
• Well Versed with Application Security, Endpoint Security and Vulnerability Assessment, VM Tools and Penetration Testing and SOC operations.
• Configuration, Installation and administration of Security technologies of Cisco ASA, Check Point, Stonesoft, Fortigate, SonicWall firewalls, including Trustwave SIEM, ArcSight ESM, Logger, Web, IPS, IDS, VPN, and Server2k8.
• Good knowledge and experience in configuring and monitoring LAN, WAN, TCP/IP, UDP, HTTP, and Routing Protocols: RIP, IGRP, EIGRP, and OSPF, Frame Relay, Cisco Routing / Switching concepts.
• Experience in Installation, administration & configuration of Domain Controllers, Active Directory, IIS, DNS & DHCP.
• Experienced in working on Telecom Systems, i.e. Nortel PBX Option 11C, 81C telecom systems, Nortel CallPilot Application Builder, Symposium SCCS.
• Team-oriented and a fast learner with excellent operational judgment with network, management troubleshooting skills, excellent verbal, written and communication skills.
Skills: CEH, Network Security, DNS & DHCP, MCITP Server, IP service Engineering, CISM, Information Security Risk Consulting, IT Audits and Assessments, SIEM, SOC, GRC Consulting
Goal: An experienced Information Security professional seeking a challenging position as Information Security Manager / Project Manager in a growing company where my skills and experience can be best utilized in achieving the goals and objectives of the organization.
Membership: ISACA (CISM), HP ExpertOne, ISSA, ISC2, & Others
Certification:
• CISM – Certified Information Security Manager (ISACA) (Dec 2014)
• HP ExpertOne - AESA (ArcSight Enterprise Security Analyst) - HP0-M54 (PL72260312).
• C|EHv7 Certification (EC Council-ECC60807569413)
• COBIT5 Certification (APMG).
• CCNA Certification, R&S and Security (Cisco ID: CSCO11719755).
• CCNP Security (642-618, IOS firewall).
• ITIL v3 Foundation Certification (EXIN).
• Pursuing CISA and CISSP Certifications.
Information Security Project Manager 06/2014 - current
Al Ghunaim IT, Dammam, Eastern province Saudi Arabia
Industry: Oil & Gas
(Information Security Project Manager) Dammam, Saudi Arabia May 2014-Present
Client YASREF (Saudi Aramco JV Oil & Gas Refinery) Yanbu.
Information Security Risk Advisory (Audits, Risk Advisory)
• Managing Information Security projects for ISO 27001, IT Security, Application Security and Technology Assessments.
• IT General Controls and IT Process Reviews for overall IT Processes and Risk assessments.
• IT Controls Framework Design and Risk Control Matrix for Risk identification / mitigation reviews.
• Part of the IT Governance, Risk, and Compliance & Information Protection Project committed to assist end to end ISMS Implementation for YASREF.
• Planning for rollout of strategic initiatives including Cyber Threat Protection, IP (Intellectual Property) Protection, Data Loss Prevention, Bring Your Own Device (BYOD), various Cloud and Enterprise Mobile Services.
• Acting as internal information security consultant to the organization. Advise the organization with current best-practices about information security technologies and related regulatory compliance.
• Preparing Scope of work, evaluating RFP response and Technical Advisory for implementation of ISO 27001 Framework and Technology Solutions to be implemented in the organization.
• Performing IT Security Assessments / Internal Technology Assessment / Risk Assessments / Risk treatment plan, Business Continuity Planning and Configuration reviews.
• Reviewing and Creating ISO Technical Policies as per ISO 27001:2013 standards.
• Conducting IT Security Audits and Internal Audits.
Information Security Consulting (SOC, SIEM, GRC)
• Managing, Planning and administration of SOC operations for Yasref administration with implementation, monitoring, policies and procedures.
• Planning and designing of Security Incident Management Process and Security Incident Response Plan.
• Configuration, Implementation and tuning of ArcSight SIEM (Phased out).
• Oversight of Implementation for RSA Security Analytics, RSA Archer, RSA DLP (Endpoint) and HPSM.
• Planning and implementing Security Architecture including Cyber Security and Network Security, Incident Management, administration of Stonesoft Firewall and IPS, HP Service Management for YASREF.
• Designing and Evaluating planned integration of Security tools i.e., Bluecoat proxy, FireEye, RSA ECAT, McAfee HIPS, Prolexic, IronPort Solution, Vulnerability Scanners, Web Application Firewalls and other Security Solutions.
Information Security Consultant 11/2013 - 05/2014
Mahindra SSG, Mumbai, Maharashtra India
Industry: Information Security Risk Consulting
(Information Security Consultant) Mumbai, India
Managed Security Services (SIEM/SOC Consulting, Implementation, Presales, GRC)
Technology Consulting and Managed Security Services (SIEM Consulting, Implementation, Presales)
• Managing delivery of MSS services for multiple clients for Security Incident Management and SIEM solutions (Trustwave, ArcSight, IBM QRadar, RSA-Envision and AlienVault).
• Responsible for managing individual utilization, meeting customer expectations, and driving completion of items outlined in the statement/Scope of work (SOW) and associated project plans.
• Design, Configure and Implement SIEM around Security Operations, used SIEM solutions in the customer's daily operations and workflow.
• Responsible for conducting Pre-Sales workshop for prospects/clients and remotely support the Sales Team for client presentations.
• Conduct Demo/PoC at customer premises by setting up the product in lab/test environment and demonstrate the features of the solution.
• Also responsible to create proposals for SIEM and respond to RFP’s for technical documentation and SLA’s.
Information Security Risk Advisory services
The assignments executed involved consulting for Information Security Risk Advisory services domains as below:
• ISO 27001 Gap assessments and Technology Assessments and Implementation assistance.
• IT Security Assessments / Technology Assessment / Risk Assessments / Risk treatment plan and configuration review.
• Reviewing and Creating ISO Technical Policies as per ISO 27001:2013 standards.
• Conducting IT Security Audits and SOC Audits.
Lead Infrastructure Engineer – Security 07/2009 - 08/2013
Mphasis, Mumbai, Maharashtra India
Industry: IT Service Provider
(Lead Infrastructure Engineer –Security) Mumbai, India.
ArcSight ESM Security Analyst
• Configure rules within ArcSight ESM to correlate events from various devices.
• Tune ArcSight performance and event data quality to maximize ArcSight system efficiency.
• Create ArcSight use cases for Dashboards, Active Channels, Reports, Rules, Filters, Trends, and Active Lists.
• Reviewing security logs, content building, analyzing security event data, creating filters, and event correlation and tuning ArcSight SIEM.
• Check system health of ArcSight ESM, Logger, Check backups and log archival status.
GNS Network Security and Application Services
• Perform ticket queue monitoring, resolution and prioritization, maintain diagrams and documentation as appropriate and support firewall rule set reviews, auditing and maintenance activities.
• Determine appropriate levels of security configuration, controls and monitoring for Cisco ASA 5505/5510 Series.
• Assessment of Firewall rule-base & use appropriate and effective measures to respond to network security alerts.
• Understand the latest threat techniques and support appropriate countermeasures, configurations and awareness.
• Responsible for rotational on-call responsibility for all Security Infrastructure related components.
• Resolve firewall / VPN issues and define solutions.
• Resolve issues during the migrations.
CNOC Support Services
• Provide L2 support for Switching, Routing and Application related problems.
• Identification, Diagnosis, configurations & troubleshooting of routers and layer 2/3 switches and routers for multiple sites including Cisco 2690, 3600 series switches.
• Inter VLAN Management. EIGRP and OSPF routing protocol configuration and review.
• Administration of WAN connectivity between different sites of the company, all connected using Cisco routers.
• Identifying LAN & WAN faults and resolving the same.
• Providing support for Authentication, Authorization and Accounting (AAA) changes, configuration.
Analyst – IT 07/2005 - 06/2009
Bank of America, Mumbai, Maharashtra India
Industry: Banking, Finance & Insurance
(Analyst – IT) Mumbai, India.
Global DDI and NTP Security Services
• Responsible for Registration and MAC requests for DNS, DHCP & domain registrations globally.
• Handling of CNAME, PTR, 3DNS, Resource Record Domain Requests.
• Troubleshooting of Severity incidents in the bankofamerica.com domain AMRS /EMEA Regions.
• Other responsibilities include On-Call support and new hire Mentoring and preparing Weekly Reports.
• Responsible for the Review / troubleshoot and restoral of the Incident Management queue in Maximo and SM9.
Telecom Co-ordination Center
• Assessed & monitored the telecom requests created for Enterprise Voice Network Services in various groups (Symposium, SCCS, NICE, Aspect, Toll Free Carrier, etc.)
• Handling of expedite request for Outages & broadcasting it to respective groups/technicians.
• Created & administered the IT Master Calendar requests (Incident requests).
• Handled Termination Database project as secondary support which involves administration of telecom requests for terminated employees.
Remote Nortel Support
• Responsible for Resolving requests for CallPilot Voicemail MAC changes & other CallPilot issues/requests.
• CallPilot Application Builder review & administration (MAC requests).
Madurai Kamaraj University 08/2004 - 04/2011
Mumbai, Maharashtra, India
Degree: Bachelor's Degree
Major: Computer Applications
BCA (Bachelors in Computer Applications)