ISHITA KUNDU
Current Address: Grand Midwest Hotel
Apartment, Flat 502 Dubai
Email: ishita.kundu87@gmail.com
Ph.: +971 526750719
SUMMARY
Audit & Compliance
• Possessing 5+ years of experience in the fields of information security, risk & compliance domain, business continuity management, ISMS, Strategy and information security audit
• SSAE 16 / ISAE 3402 (earlier SAS70) reporting on controls at a service organization and its implementation
• Implementation of ISO 27001:2013 for major clients in the fields of telecommunication, commercial and luxury goods, major airlines etc.
• Vulnerability assessment for multiple clients in various domains of industry like resources, finance, health etc.
Business Continuity Management
• BCP documentation across multiple projects of different account groups
• BCP simulation / paper test
Awareness / Training
• Member of the New Joiners faculty, conducting sessions for all joiners in Accenture across India, from new joiners to senior management.
• Conducting information security sessions on the basic dos and don'ts of information security policy in the new joiners' orientation
Educational Details
Education - Masters of Computer Application (Silver Medallist)
University - Amity University
Year of Passing - 2011
Marks Obtained - 86.3%

Education - Bachelor of Computer Application
College - BIT (Mesra)
Year of Passing - 2008
Marks Obtained - 91.2%

Education - Higher Secondary (Std. XII)
Board - West Bengal Council of Higher Secondary Education
Marks Obtained - 74.5%

Education - Secondary Education (Std. X)
Board - Indian Certificate of Secondary Education
Marks Obtained - 81.3%
PROFESSIONAL CERTIFICATIONS & TRAININGS
• ISO 22301:2013 – BCMS – Trained from ISC^2 - 2016
• CISA (16128868) – Certified Information Security Auditor - 2015
• ISO 27001:2013 Lead Auditor - 2015
• Certified Ethical Hacker CEHv8.0 - 2013
• ITIL® Foundation for IT Service Management - 2013
• BSI – BS 25999 Business Continuity Management System (BCMS) Implementation - 2011
• Currently preparing for CISSP
PROFESSIONAL RECOGNITION
Accenture Celebrates Excellence Awards
• Awarded Accenture celebrates excellence award for innovative excellence in the team category in 2014
• Awarded Accenture celebrates excellence award for productivity improvement in team category – FY 2012
Training & Awareness
• Awarded certificate of recognition for delivering awareness session in Accenture Delivery Centre – 2012 on security
ISO 27001
• Awarded certificate of appreciation for ISO 27001 certification implementation in 2013
CORE SKILLS
IT Audit
• ISO 27001:2013 and ISO 22301:2013, SSAE-16 framework implementation, assurance & sustenance
• IT Security, Physical Security & Process compliance – risk based audits
• Coordinated the role of consultancy for different projects in self-assessment
• Vulnerability assessments for the projects and assisted them for the closure of the gaps
Risk Management
• Core understanding of ISMS
• Asset Management
• Vulnerability Assessment
• Risk Management
Business Continuity Management
• Providing SME support for BCP documentation to the management
• Coordinating the BCP at an integrated facility level simulation exercises / test on paper
Training
• Inculcating information security & BCP awareness and training across the organisations to the employees
Tools
• SEC-Point – Vulnerability Assessment
• Risk & Compliance Tool (EGRC)
• Understanding of the SIEM Solution
• Understanding of Mail Marshal / Web Marshal
• Trust Wave DLP
PROFESSIONAL EXPERIENCE
Employer: RAS INFOTECH (NOVEMBER 2015 - PRESENT)
Information Security, Risk & Compliance
• Working for the implementation of the ISO 27001:2013 for major clients
• Performing internal Audits for major clients before the third party risk assessment
• Information and Security Awareness programme for external clients
• Performing Vulnerability and Penetration testing for major clients
Employer: ACCENTURE (August 2011 - July 2015)
Designation: Security Analyst
Information Security, Risk & Compliance
• Ensuring the ISO 27001 controls / clauses are correctly implemented and complied with by conducting a thorough internal audit every year prior to external Re-Certification and CAV audits
• Ensuring SSAE 16 (focusing specifically on Management of SLA, Change Request, Data & Security) clauses are correctly implemented and complied with by conducting a thorough internal audit every year prior to external Recertification
• Assisting leads in information security policies, procedures review - update & approval at least annually
• Performing asset valuation for all information, software and hardware assets
• Conducting asset based risk assessments and risk treatment plans and implementation of ISMS across functions
• Gathering information security controls and compliance requirements for client projects and ensuring compliance in terms of ISO27001, Facilities, Computing Infrastructure, Network Infrastructure, Information Security, IPR, Confidentiality, Data protection, Termination etc.
• Conducting internal audits before client visit for specific standards like PCI/DSS, HIPAA etc.
• Conducting Contract Compliance internal assessments on delivery projects to:
    • Measure current project compliance to contractual requirements as per Contract Compliance tracker
    • Determine whether controls over contract compliance provide reasonable assurance to the management
    • Provide input to the effectiveness of the Project Contract Compliance management
• Conducting self-assessments for all the projects annually to ensure better internal control
• Conducting Project Security Vulnerability Assessments for multiple projects annually to ensure compliance
PERSONAL DETAILS
Passport Number: G9148270
Nationality: Indian
Date of Birth: 07/02/1987
Marital Status: Married
Contact Details: +971 526750719
DECLARATION
I hereby declare that the information given by me is genuine to the best of my knowledge.

Resume_IshitaKundu_CISA
