I am an open networker, technology enthusiast and evangelist. If you have not added me, I would love to listen from any one and everyone. Add me using my email id: email@example.com •Internal audits for ISO 27001 Compliance. •Conducting training and awareness programs within the organization. •Audit Group Policy for proper Access Controls. •Risk Assessment and Risk Treatment. •Creating a Access Control, organization wide. •Creating Information Security culture organization wide.•Implementing of standards (ISMS / ISO) & reviewing the adherence by recurring audit. •Suggesting Corrective actions for any non-conformity found to the CISO after each internal compliance audit. •Vulnerability Assessment through Different tools and scripts. •Exceptional oral, written communications and customer management skills. •Monitoring of day to day processes – Change control, Patch control, etc. Good in Team Handling and People Management Skills Sound understanding of Information Security technologies, framework & practices. Implementation of ISMS, Policies and Procedure development. Perimeter, Network & Systems Security Audits. Apply IT best practices to enable the business to achieve optimal value from implementation of IT services and IT-enabled business solutions. Ensure business and IT goals cascade down through the enterprise into clear roles, responsibilities and actions. Align the IT risk management processes with the enterprise business risk management framework. Define risk management strategies, and prioritize responses to identified risks to maintain risk levels within the appetite of the enterprise Consuting Knowledge for HIPAA,, FDCPA, EU DPA, Cyber Laws, HL7, Cloud Computing Implementation and Security Penetration testing for Applications, Database and Network. Cloud computing Security Research, Cloud Security Consulting. SOX GCC, SLM, CM, Incident and problem management, Change management. Specialties: .• Information Security Governance • ISO27001 (BS7799) Implementation / BS7799 (ISMS) Advisory Services • Information Technology Risk and Control Reviews / Information Systems Security Audits • Network and Appication Auditing • IT Security Policies & Procedures • Business Continuity Planning (BCP) / Disaster Recovery Planning (DRP) • Business Process Analysis, Reviews & BIA HIPAA Compliance, FDCPA, EU DPA, Cyber Laws, HL7, Cloud adoption strategy and Cloud Security Consulting SOX 404 GCC
Current and Prior Positions
Security & Privacy Manager
4/2016 - Present
Cloud Security Alliance
Founding member Hyderabad Chapter
10/2010 - Present
Major Responsibilities are to conduct meeting for Local Chapter, knowledge management, coordinating with CSA Global and CSA India to understand the major developments in the industry. People Management as well as doing R&D in the area of interest of the group.