Experience

IIROC (Investment Industry Regulatory Organization of Canada)

• Canada
• Financial Services
• 100 - 200 Employee

• Information Security Analyst

  • Jan 2019 - Present



IBM

• United States
• IT Services and IT Consulting
• 700 & Above Employee

• IT Security Delivery Specialist

  • May 2012 - Jul 2018

  Vulnerability Management: • Handled multiple transitions to plan, develop and deploy client requirements to process objective. • Achieved reduction in vulnerability count by 70% through efficient triaging strategies. • Strong capability in deploying and operating vulnerability scanning tools such as Rapid7 Nexpose and Qualys Guard to perform security assessments. • Working knowledge of PCI DSS and ISO 27001 compliance requirements for vulnerability management. • Proactively conducted regular/adhoc scanning as well as triage critical rated vulnerabilities to immediate remediation. • Conducted governance activities and collaborated with Information Security, Platform and Account Management teams to conduct remediation and fix issues effectively. • Collaborated with senior management to make recommendations to enhance the security posture and review risk documents to make logical/practical decisions. • Evaluated reports from Nexpose, Qualys Guard and Nessus with existing Risk documents and Business Exceptions. • Keep current with vulnerabilities, attacks and countermeasures through constant research and development. Anti-Virus Management: • Perform regular security health checks on SEPM (Symantec) console and server and workstations. • Monitor and ensure antivirus definition updates on SEPM (Symantec) and clients are at latest values. • Monitor and create incident records for potential threats, viruses and clients without latest definitions. • Generate regular Risk, Compliance and Security Health reports and distribute to necessary parties. • Involved in major upgrade of SEPM from v12 to v14, and also planned, deployed and ensured the periodic upgradation of SEP Clients on over 2500 workstations. • Develop, review and implement Anti-virus rules and policies for various groups of servers and workstations. • Develop or modify Security Policy documents to keep them updated with current data and procedures.



Altisource

• Luxembourg
• Real Estate
• 700 & Above Employee

• Associate

  • Jun 2011 - Dec 2011