Director CyberXchange

• Nov 2021 - Present

Director

• Nov 2021 - Present

A passionate Cyber security & Data Protection professional. After having worked for almost 17 years in this Industry am dedicating my expertise in development of Cyber security and Data Protection skills amongst Young professionals through the CyberXchange initiative. CyberXchange develops Cyber security and Data protection skills, provides cheapest and best quality Data protection and Cybersecurity services. Some of my marquee projects include: 1. Assisted the Aadhaar program (Biometric… Show more A passionate Cyber security & Data Protection professional. After having worked for almost 17 years in this Industry am dedicating my expertise in development of Cyber security and Data Protection skills amongst Young professionals through the CyberXchange initiative. CyberXchange develops Cyber security and Data protection skills, provides cheapest and best quality Data protection and Cybersecurity services. Some of my marquee projects include: 1. Assisted the Aadhaar program (Biometric ID, UIDAI) with Privacy & Security program (GRCP) for 4 years 2. Assisted in designing the Security and Privacy architecture of Morocco's Biometric based ID program 3. Assisted in designing the Security & privacy of Malaysia's Mobile ID program 4. Assisted in developing & designing the strategy of Srilanka National ID program 5. Worked for many years with Data Security Council of India (DSCI) project for Security & privacy awards 6. Managed the security testing project for GSTN 7. Helped multinationals comply to Privacy / Data protection laws in many countries in Europe, US, Canada etc.

Director Cyber Security (CISSP, CEH, CISRA, CIPP foundatation, CCNA, ISO27001 LA trained)

• May 2014 - Present

1. One of the few experts across the world in security of Biometric based National ID programs. Involved in designing the security of Biometric based National ID programs 2. Providing Managed security services to large and complex clients. Currently providing Managed security services to the National ID program of India. 3. Data protection compliance to EU Directive 95/46/EC, UK Data Protection Act 1998, Romania law 677/2001, Poland Act of August 29, 1997 on Protection of Personal Data… Show more 1. One of the few experts across the world in security of Biometric based National ID programs. Involved in designing the security of Biometric based National ID programs 2. Providing Managed security services to large and complex clients. Currently providing Managed security services to the National ID program of India. 3. Data protection compliance to EU Directive 95/46/EC, UK Data Protection Act 1998, Romania law 677/2001, Poland Act of August 29, 1997 on Protection of Personal Data, Data Protection (Amendment) Act 2003, US Privacy laws (HIPAA, GLBA, FCRA, COPPA etc.), Law of Ukraine on Protection of Personal data 2011, Kazakhstan law no. 94-V 4. Developing Information security program, Policies, procedures, standards, guidelines 5. Developing Cyber security program and policies 6. Setting up ISMS and certifying on ISO27001:2005 and ISO27001:2013 standards 7. Business Continuity planning/ DR planning for National level project 8. Business Continuity planning/DR planning for locations and for clients in various domains 9. Facilitating external certifications/audits such as ISO27001 for Information security and SSAE16/ISAE3402 for SOX compliance 10. Internal audits and Risk assessments in line with ISO27001/ISO31000/OCTAVE for various clients in IT/ITES, Manufacturing, Finance & Accounting, Technical helpdesk, Order management, Customer service, HR payroll, Airline domains 11. Vendor compliance management 12. Contract reviews for Information security compliance 13. Setting up Training & Awareness programs on Information security 14. PCI DSS solutions (2011 till 2014) 15. Experience of working with multiple countries in handling Risk management & Information security activities

Manager

• 2014 - 2015

Manager

• 2014 - 2015

Manager

• 2014 - 2015

Deputy Manager - Risk Management & Compliance

• Feb 2013 - May 2014

Managed Europe and Americas region for Risk Management & Compliance function Internal Audits/ Managing Internal Audits Risk Assessments Develop Business Continuity Solutions for the client BCP testing Data Protection Law Security Incident Investigations Respond to RFPs Implementation and monitoring of Client Security requirements Data Privacy solution to the clients Review of Standard Model contracts for Data Transfer outside EEA Managed Europe and Americas region for Risk Management & Compliance function Internal Audits/ Managing Internal Audits Risk Assessments Develop Business Continuity Solutions for the client BCP testing Data Protection Law Security Incident Investigations Respond to RFPs Implementation and monitoring of Client Security requirements Data Privacy solution to the clients Review of Standard Model contracts for Data Transfer outside EEA

NA

• 2005 - 2014

Deputy Manager( Risk Management and Compliance)

• Oct 2010 - Feb 2013

SIte Risk Leader for Europe - conduct ISMS Audits, Risk Assessments, Training and Awareness , Security Incident Investigations , Monitor and improve implementation of ISMS, Create and maintain Business Continuity Plans Business Continuity Certified Specialist ISO 27001 Lead Auditor training certified Associate of ISC2 towards CISSP SIte Risk Leader for Europe - conduct ISMS Audits, Risk Assessments, Training and Awareness , Security Incident Investigations , Monitor and improve implementation of ISMS, Create and maintain Business Continuity Plans Business Continuity Certified Specialist ISO 27001 Lead Auditor training certified Associate of ISC2 towards CISSP

Team Leader

• Aug 2006 - Nov 2008

I have an experience of more than 2.5 years in handling team. I have handled AT&T( ISP) and Windstream(ISP) processes as a Team Leader. I have an experience of more than 2.5 years in handling team. I have handled AT&T( ISP) and Windstream(ISP) processes as a Team Leader.