Assistant Manager

• Apr 2023 - Present

Senior Associate

• Feb 2022 - Mar 2023

Conducted IT General Controls (ITGC) audits for various company clients. Conducted Information Security Management Systems Audits for various organisations. Assisted ICFR auditing teams and fraud detection teams in detection and corelation of fradulent activities. Advised various clients on their Business Continuity Planning & Disaster Recovery management mechanisms. Drafted various security and operational policies pertaining to IT operations, ISMS, Compliance, Environment etc for… Show more Conducted IT General Controls (ITGC) audits for various company clients. Conducted Information Security Management Systems Audits for various organisations. Assisted ICFR auditing teams and fraud detection teams in detection and corelation of fradulent activities. Advised various clients on their Business Continuity Planning & Disaster Recovery management mechanisms. Drafted various security and operational policies pertaining to IT operations, ISMS, Compliance, Environment etc for various clients. Assisted teams in GDPR and PCI-DSS audits. Accountable and Responsible for managing the delivery of commitments, overseeing the fulfillment of such deliveries to clients.

Confidential

• Feb 2020 - May 2022

Prepared documents and framework for the calibration of Cyber Forensics Laboratory under ISO 17025:2005. Drafted the Standard Operating Procedure and Investigation manual for the investigation of Cybercrime as per the dynamics of the State with norms provided by the Ministry of Home Affairs and Reserve Bank of India guidelines. Conducted various internal cyber security preparedness activities and documented the blueprint for the foundation of internal cyber security policy to… Show more Prepared documents and framework for the calibration of Cyber Forensics Laboratory under ISO 17025:2005. Drafted the Standard Operating Procedure and Investigation manual for the investigation of Cybercrime as per the dynamics of the State with norms provided by the Ministry of Home Affairs and Reserve Bank of India guidelines. Conducted various internal cyber security preparedness activities and documented the blueprint for the foundation of internal cyber security policy to be implemented in the future. Conducted Organizational Risk Assessment and Gap Identification keeping ISO 27001:2013 as a benchmark framework on behalf of Senior Police Officials. Lead capacity building, recruitment, and training operations through the State Nodal Office of Cybercrime under State Crime Branch. Assisted specialized field & intelligence units in the investigation of complex technology-driven cybercrime cases. Show less Prepared documents and framework for the calibration of Cyber Forensics Laboratory under ISO 17025:2005. Drafted the Standard Operating Procedure and Investigation manual for the investigation of Cybercrime as per the dynamics of the State with norms provided by the Ministry of Home Affairs and Reserve Bank of India guidelines. Conducted various internal cyber security preparedness activities and documented the blueprint for the foundation of internal cyber security policy to… Show more Prepared documents and framework for the calibration of Cyber Forensics Laboratory under ISO 17025:2005. Drafted the Standard Operating Procedure and Investigation manual for the investigation of Cybercrime as per the dynamics of the State with norms provided by the Ministry of Home Affairs and Reserve Bank of India guidelines. Conducted various internal cyber security preparedness activities and documented the blueprint for the foundation of internal cyber security policy to be implemented in the future. Conducted Organizational Risk Assessment and Gap Identification keeping ISO 27001:2013 as a benchmark framework on behalf of Senior Police Officials. Lead capacity building, recruitment, and training operations through the State Nodal Office of Cybercrime under State Crime Branch. Assisted specialized field & intelligence units in the investigation of complex technology-driven cybercrime cases. Show less

Network and Threat Support Specialist

• Feb 2019 - Feb 2020

Evaluated design and operating effectiveness of controls relating to program changes, Physical & Logical Security, and Program operations. Assisted in the development of remediation plan and provided recommendations to plug the gaps identified during the assessments. Led Vendor Risk Management and Third-Party Vendor assessment based on ISO 27001 and Customer Information Security Guidelines for various Service organizations. Assisted top management in binding security framework… Show more Evaluated design and operating effectiveness of controls relating to program changes, Physical & Logical Security, and Program operations. Assisted in the development of remediation plan and provided recommendations to plug the gaps identified during the assessments. Led Vendor Risk Management and Third-Party Vendor assessment based on ISO 27001 and Customer Information Security Guidelines for various Service organizations. Assisted top management in binding security framework projects like PCI-DSS, SOX along with ISO 27001 clauses to create a cohesive Information Security Management System auditing environment. Interface and communicate with server owners, system custodians, and IT contacts to pursue security incident response activities, which include obtaining access to systems, digital artifact collection, containment, and remediation actions. Show less Evaluated design and operating effectiveness of controls relating to program changes, Physical & Logical Security, and Program operations. Assisted in the development of remediation plan and provided recommendations to plug the gaps identified during the assessments. Led Vendor Risk Management and Third-Party Vendor assessment based on ISO 27001 and Customer Information Security Guidelines for various Service organizations. Assisted top management in binding security framework… Show more Evaluated design and operating effectiveness of controls relating to program changes, Physical & Logical Security, and Program operations. Assisted in the development of remediation plan and provided recommendations to plug the gaps identified during the assessments. Led Vendor Risk Management and Third-Party Vendor assessment based on ISO 27001 and Customer Information Security Guidelines for various Service organizations. Assisted top management in binding security framework projects like PCI-DSS, SOX along with ISO 27001 clauses to create a cohesive Information Security Management System auditing environment. Interface and communicate with server owners, system custodians, and IT contacts to pursue security incident response activities, which include obtaining access to systems, digital artifact collection, containment, and remediation actions. Show less

Security Engineer

• May 2018 - Jul 2018

Worked at the fabrication of a Cyber Security based internship project. The project aimed at solving the common problems of Industry standard 4.0 with the culmination of Artificial Intelligence methodology. Worked at the fabrication of a Cyber Security based internship project. The project aimed at solving the common problems of Industry standard 4.0 with the culmination of Artificial Intelligence methodology.

Intern

• Apr 2017 - May 2017

Training was given in the cyber crime cell on various domains such as social media crime and investigation, email crime and investigation, mobile crimes and investigation, e-commerce frauds and investigation, website hacking and investigation. Also, sessions were taken up by eminent people on cyber law, cyber forensics, IOT, bots, metasploit, etc. Legal and Forensics content was the area of focus. We did a team project work on Mobile Crime And Investigation. Training was given in the cyber crime cell on various domains such as social media crime and investigation, email crime and investigation, mobile crimes and investigation, e-commerce frauds and investigation, website hacking and investigation. Also, sessions were taken up by eminent people on cyber law, cyber forensics, IOT, bots, metasploit, etc. Legal and Forensics content was the area of focus. We did a team project work on Mobile Crime And Investigation.

Internship Trainee

• Dec 2016 - Jan 2017

This training cum internship sharpened our advanced level skills on Application and System Security. Completed 14 days Project based winter training program on "Ethical Hacking & Cyber Security" This training cum internship sharpened our advanced level skills on Application and System Security. Completed 14 days Project based winter training program on "Ethical Hacking & Cyber Security"