SlideShare a Scribd company logo

Pankaj's Resume Information Security Professional

Download as DOCX, PDF
Pankaj Kumar
Pankaj Kumar

Thanks for checking out my resume. Feel free to contact me on pankaj.soni2@live.in | +919958684517.

Recruiting & HR
1 of 2
Pankaj Kumar pankaj.soni2@live.in | +91 9958684517 | Greater Noida, UP, INDIA | linkedin.com/in/pankajsoni02 INFORMATION SECURITY MANAGER| INFORMATION SECURITY OFFICER| INFORMATION SECURITY CONSULTANT |IT SECURITY & GRC CONSULTANT PROFESSIONAL SUMMARY A 10-year experienced Information Security Professional blended with strong IT background. 3+ years of experience in leading project delivery and team management. Helped many clients across industries and time zones to achieve their Information Security goals by performing Third-Party Risk Management, Compliance Assessment, ISO 27001 implementation/ Mock audits, Technical Risk Assessment, Application Gap Assessment, etc. CORE COMPETENCIES  InformationSecurity Management  ISMSDocumentManagement  Third Party/Vendor Risk Management  Compliance Assessment  Technical Risk Management  ISMSAudit(ISO 27001)  InformationSecurity Governance  GDPR, HIPPA, PCI, ITGC, FedRAMP etc.  Threat & Vulnerability Management  BusinessContinuity Planning(BCP)& Disaster Recovery (DR)  Security Architecture  Application, Network, Cloud& EndpointSecurity  GRC tools e.g. RSA Archer, ProcessUnity, Atlas SecurityScorecard, TaniumComply, Nessusetc.  MicrosoftOffice (i.e., Word, Excel and PowerPoint)  CustomerHandling  Team Leadership  Internal/ External StakeholderManagement  Self-motivatedperson  Experience in liaising with global clients/ teams  Initiativeand Decision-makingNature PROFESSIONAL EXPERIENCE Senior Specialist (GRC) HCL Technologies Ltd., Noida, India August2019 - present Responsibilities/ Accomplishments  Lead two GRC projects delivery simultaneously (i.e., Third-Party Risk Management and Compliance Assessment) with a team size of 9 Analysts/ Specialists  Managed 4 direct reportees  Drove Issue Management process for the identified findings  Helped clients to achieve ISO 27001:2013 certification by guiding them in ISO 27001:2013 implementation and performing mock audits  Ensured client delivery as per agreed contract deliverables and T&C which resulted to project renewal with increased scope of work  Ensured respective KPI/PI score in green more than 90% times  Ensuredhigherclient satisfactionby conductinggovernancemeetingswithclientsto shareproject status/address their queries/ requirements etc.  Ensured timely & accurate invoice generation to client by submitting billing data on time and resolving billing dispute if occur any Senior Consultant (Cyber Security) Genpact Enterprise Risk Consulting, Gurugram, India January 2018 –July 2019 Responsibilities/ Accomplishments  Led Configuration Compliance project with a team size of 4 Analysts  Increased compliance efficiency by 50% acrossITassetsby developingconfigurationbaselinesand performingthe compliance assessments  Provided Information & Cyber security consultation to many enterprise clients to achieve their Information Security objectives  Helped one of the fortune 100 enterprise client to institutionalize the RSA Archer Issue management platform across the organization
Pankaj Kumar Page 2 of 2  Performed routine Vendor Risk Assessments for more than 30 vendors per year  Performed ITGC audits  Performed asmany as 20 CyberSecurity Gap Assessmentof Application, Network, Cloudetc. andhelped client to remediate the identified gaps Senior Network Security Administrator (Information Security) PeopleStrong HR Services Pvt. Ltd., Gurugram, India October2013 - December2017 Responsibilities/ Accomplishments  Accomplished zero Non-Compliant(NC)in3 consecutiveSSAE18 assessments(yearly)  Helped organizationto secure as many as 30+ new projects andkeep existing projects compliantby supporting Vendor Due Diligence processese.g., Third-Party security assessment, Externalaudits & KPI/PI reporting  Led Security OperationsCenter (SOC) with a team size of 3 Analysts  ManagedInformationSecurity Governance programacrossorganizationconsideringISO 27001:2013 guideline  Established, implemented, andmaintainedIT BCP andachieved 95% - 99% uptimeacrossrespective service tiers  Publishedrespective reportsto the managementas per InformationSecurity Governance metrics  ManagedISMSdocumentationasanauthor, reviewer, andcustodianof the ISMSdocuments  RunSecurity awareness programand InformationSecurity Incidentmanagementprogramacrossthe organization which led to reduction in InformationSecurity Incidentsby 70%  Reduced Risksby 70% by running an effective Risk Managementprocessbased on ISO27001:2013 requirements  Performed CyberSecurity Maturity Gap AnalysisconsideringNISTCyber Security Framework (CSF) and Prepared a 5-Year implementationplanbased onidentified gapsand target maturity level  Reduced application vulnerabilities by 70% by driving Secure SDLC implementationas per OWASP guideline  Reduced Threatsby 90% by performing Vulnerability Assessmentof critical IT resources anddriving remediation  Generated secure productivity capabilitiesacross 1k endpointsby managing Anti-Malware software, DLP solution, Endpointencryptionsolution, etc.  Implemented& Maintainedsecurity controlsonpublic & privatedatacenter consideringCSA guidelines  Achieved 99.80% network uptimeby managingNetwork Security and Network Data e.g., Firewall, IDS/IPS, WAF, Router, Switches, LLB and WAP  Contributed to IT Security Budgeting, IT Security hardware/ software Procurement, and Vendor Management Senior Client Support Engineer (Information Technology (IT)) Smart Integrated Systems, New Delhi, India February 2012 - September2013 Responsibilities/ Accomplishments  Led IT Helpdesk team of 5 IT engineers to manage three regional offices with around 250 endpoint users  Improved Network security by managing Firewalls i.e., Fortinet 110c, 60c, 50b, FortiAnalyzer and WatchGuard  Achieved Network uptime of 98% by managing the network devices e.g., Cisco routers, Cisco switches and WAP  Improved end user productivity by managing Windows servers e.g., AD, DNS, DHCP, File Server and Exchange  Reduced Threats by managing Anti-Virus solution i.e., Symantec Endpoint Protection  Managed Storage & Backup i.e. IBM tape library, Symantec BackupExec software, etc.  Managed User end applications e.g. MS Office, Tally ERP 9, HR Portal, Oracle D2K, ERP, E-TDS, etc. EDUCATION Master’s Degree - MBA – IT |LPU DE, Jalandhar, India 2013 - 2017 Bachelor's Degree - BA Program |SOL, University ofDelhi, New Delhi, India 2008 -2011 College Certificate - Higher Diploma in Systems andNetworking |NIITAcademy, NewDelhi, India 2008 - 2010 ADDITIONAL Language Abilities: English(Fluent)| Hindi (Native) Trainings& Certifications: ISO27001:2013Lead Auditor(Certified) | ITIL ® 2011 Foundation(Certified) | CISSP (Trained)

Recommended

IBM Security Strategy Overview
IBM Security Strategy OverviewIBM Security Strategy Overview
IBM Security Strategy Overviewxband
 
NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewNIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewTandhy Simanjuntak
 
Security and Compliance Initial Roadmap
Security and Compliance Initial Roadmap Security and Compliance Initial Roadmap
Security and Compliance Initial Roadmap Anshu Gupta
 
Security metrics
Security metrics Security metrics
Security metrics PRAYAGRAJ11
 
IT SECURITY ASSESSMENT PROPOSAL
IT SECURITY ASSESSMENT PROPOSALIT SECURITY ASSESSMENT PROPOSAL
IT SECURITY ASSESSMENT PROPOSALCYBER SENSE
 
20161021 JS Cybersecurity Service Proposal
20161021 JS Cybersecurity Service Proposal20161021 JS Cybersecurity Service Proposal
20161021 JS Cybersecurity Service ProposalCarl Bradley Pate
 
Microsoft Word Morningstar Rfp Security Assessment 2008 V2 1
Microsoft Word Morningstar Rfp Security Assessment 2008 V2 1Microsoft Word Morningstar Rfp Security Assessment 2008 V2 1
Microsoft Word Morningstar Rfp Security Assessment 2008 V2 1Todd Petty
 
Pöyry ICS Cyber Security brochure (English)
Pöyry ICS Cyber Security brochure (English)Pöyry ICS Cyber Security brochure (English)
Pöyry ICS Cyber Security brochure (English)Pöyry
 

Recommended

IBM Security Strategy Overview
IBM Security Strategy OverviewIBM Security Strategy Overview
IBM Security Strategy Overviewxband
 
NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewNIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewTandhy Simanjuntak
 
Security and Compliance Initial Roadmap
Security and Compliance Initial Roadmap Security and Compliance Initial Roadmap
Security and Compliance Initial Roadmap Anshu Gupta
 
Security metrics
Security metrics Security metrics
Security metrics PRAYAGRAJ11
 
IT SECURITY ASSESSMENT PROPOSAL
IT SECURITY ASSESSMENT PROPOSALIT SECURITY ASSESSMENT PROPOSAL
IT SECURITY ASSESSMENT PROPOSALCYBER SENSE
 
20161021 JS Cybersecurity Service Proposal
20161021 JS Cybersecurity Service Proposal20161021 JS Cybersecurity Service Proposal
20161021 JS Cybersecurity Service ProposalCarl Bradley Pate
 
Microsoft Word Morningstar Rfp Security Assessment 2008 V2 1
Microsoft Word Morningstar Rfp Security Assessment 2008 V2 1Microsoft Word Morningstar Rfp Security Assessment 2008 V2 1
Microsoft Word Morningstar Rfp Security Assessment 2008 V2 1Todd Petty
 
Pöyry ICS Cyber Security brochure (English)
Pöyry ICS Cyber Security brochure (English)Pöyry ICS Cyber Security brochure (English)
Pöyry ICS Cyber Security brochure (English)Pöyry
 
Adapt or Die: The Evolution of Endpoint Security
Adapt or Die: The Evolution of Endpoint SecurityAdapt or Die: The Evolution of Endpoint Security
Adapt or Die: The Evolution of Endpoint SecurityTripwire
 
The Measure of Success: Security Metrics to Tell Your Story
The Measure of Success: Security Metrics to Tell Your StoryThe Measure of Success: Security Metrics to Tell Your Story
The Measure of Success: Security Metrics to Tell Your StoryPriyanka Aash
 
Practical Enterprise Security Architecture
Practical Enterprise Security Architecture Practical Enterprise Security Architecture
Practical Enterprise Security Architecture Priyanka Aash
 
Security operations center 5 security controls
Security operations center 5 security controls Security operations center 5 security controls
Security operations center 5 security controlsAlienVault
 
Sivasankaran_9yrs_Information_security V1
Sivasankaran_9yrs_Information_security V1Sivasankaran_9yrs_Information_security V1
Sivasankaran_9yrs_Information_security V1Sivasankaran Krishnan
 
CyberSecurity Strategy For Defendable ROI
CyberSecurity Strategy For Defendable ROICyberSecurity Strategy For Defendable ROI
CyberSecurity Strategy For Defendable ROISiemplify
 
DTS Solution - Cyber Security Services Portfolio
DTS Solution - Cyber Security Services PortfolioDTS Solution - Cyber Security Services Portfolio
DTS Solution - Cyber Security Services PortfolioShah Sheikh
 
Tesseract Service Portfolio
Tesseract Service PortfolioTesseract Service Portfolio
Tesseract Service PortfolioTesseract Consulting
 
Security architecture, engineering and operations
Security architecture, engineering and operationsSecurity architecture, engineering and operations
Security architecture, engineering and operationsPiyush Jain
 
Cybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architectureCybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architecturePriyanka Aash
 
Identifying Effective Endpoint Detection and Response Platforms (EDRP)
Identifying Effective Endpoint Detection and Response Platforms (EDRP)Identifying Effective Endpoint Detection and Response Platforms (EDRP)
Identifying Effective Endpoint Detection and Response Platforms (EDRP)Enterprise Management Associates
 
Building an effective Information Security Roadmap
Building an effective Information Security RoadmapBuilding an effective Information Security Roadmap
Building an effective Information Security RoadmapElliott Franklin
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center FundamentalAmir Hossein Zargaran
 
Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)Ben Rothke
 
Building a World-Class Proactive Integrated Security and Network Ops Center
Building a World-Class Proactive Integrated Security and Network Ops CenterBuilding a World-Class Proactive Integrated Security and Network Ops Center
Building a World-Class Proactive Integrated Security and Network Ops CenterPriyanka Aash
 
Top 10 tips for effective SOC/NOC collaboration or integration
Top 10 tips for effective SOC/NOC collaboration or integrationTop 10 tips for effective SOC/NOC collaboration or integration
Top 10 tips for effective SOC/NOC collaboration or integrationSridhar Karnam
 
Building A Security Operations Center
Building A Security Operations CenterBuilding A Security Operations Center
Building A Security Operations CenterSiemplify
 
Integrated Security Operations Center (ISOC) for Cybersecurity Collaboration
Integrated Security Operations Center (ISOC) for Cybersecurity CollaborationIntegrated Security Operations Center (ISOC) for Cybersecurity Collaboration
Integrated Security Operations Center (ISOC) for Cybersecurity CollaborationPriyanka Aash
 
Overview
OverviewOverview
OverviewNathan Burke
 
Security Operations and Response
Security Operations and ResponseSecurity Operations and Response
Security Operations and Responsexband
 
CV_Anil K Dubey V1.1
CV_Anil K Dubey V1.1CV_Anil K Dubey V1.1
CV_Anil K Dubey V1.1Anil Kr. Dubey ISP ISLA CIISA ACSA CEH CIWSA CCNA MCSA
 
Resume of Naresh Raghupatruni
Resume of Naresh RaghupatruniResume of Naresh Raghupatruni
Resume of Naresh RaghupatruniNaresh Kumar Raghupatruni
 

More Related Content

What's hot

Adapt or Die: The Evolution of Endpoint Security
Adapt or Die: The Evolution of Endpoint SecurityAdapt or Die: The Evolution of Endpoint Security
Adapt or Die: The Evolution of Endpoint SecurityTripwire
 
The Measure of Success: Security Metrics to Tell Your Story
The Measure of Success: Security Metrics to Tell Your StoryThe Measure of Success: Security Metrics to Tell Your Story
The Measure of Success: Security Metrics to Tell Your StoryPriyanka Aash
 
Practical Enterprise Security Architecture
Practical Enterprise Security Architecture Practical Enterprise Security Architecture
Practical Enterprise Security Architecture Priyanka Aash
 
Security operations center 5 security controls
Security operations center 5 security controls Security operations center 5 security controls
Security operations center 5 security controlsAlienVault
 
Sivasankaran_9yrs_Information_security V1
Sivasankaran_9yrs_Information_security V1Sivasankaran_9yrs_Information_security V1
Sivasankaran_9yrs_Information_security V1Sivasankaran Krishnan
 
CyberSecurity Strategy For Defendable ROI
CyberSecurity Strategy For Defendable ROICyberSecurity Strategy For Defendable ROI
CyberSecurity Strategy For Defendable ROISiemplify
 
DTS Solution - Cyber Security Services Portfolio
DTS Solution - Cyber Security Services PortfolioDTS Solution - Cyber Security Services Portfolio
DTS Solution - Cyber Security Services PortfolioShah Sheikh
 
Security architecture, engineering and operations
Security architecture, engineering and operationsSecurity architecture, engineering and operations
Security architecture, engineering and operationsPiyush Jain
 
Cybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architectureCybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architecturePriyanka Aash
 
Identifying Effective Endpoint Detection and Response Platforms (EDRP)
Identifying Effective Endpoint Detection and Response Platforms (EDRP)Identifying Effective Endpoint Detection and Response Platforms (EDRP)
Identifying Effective Endpoint Detection and Response Platforms (EDRP)Enterprise Management Associates
 
Building an effective Information Security Roadmap
Building an effective Information Security RoadmapBuilding an effective Information Security Roadmap
Building an effective Information Security RoadmapElliott Franklin
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center FundamentalAmir Hossein Zargaran
 
Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)Ben Rothke
 
Building a World-Class Proactive Integrated Security and Network Ops Center
Building a World-Class Proactive Integrated Security and Network Ops CenterBuilding a World-Class Proactive Integrated Security and Network Ops Center
Building a World-Class Proactive Integrated Security and Network Ops CenterPriyanka Aash
 
Top 10 tips for effective SOC/NOC collaboration or integration
Top 10 tips for effective SOC/NOC collaboration or integrationTop 10 tips for effective SOC/NOC collaboration or integration
Top 10 tips for effective SOC/NOC collaboration or integrationSridhar Karnam
 
Building A Security Operations Center
Building A Security Operations CenterBuilding A Security Operations Center
Building A Security Operations CenterSiemplify
 
Integrated Security Operations Center (ISOC) for Cybersecurity Collaboration
Integrated Security Operations Center (ISOC) for Cybersecurity CollaborationIntegrated Security Operations Center (ISOC) for Cybersecurity Collaboration
Integrated Security Operations Center (ISOC) for Cybersecurity CollaborationPriyanka Aash
 
Security Operations and Response
Security Operations and ResponseSecurity Operations and Response
Security Operations and Responsexband
 

What's hot (20)

Adapt or Die: The Evolution of Endpoint Security
Adapt or Die: The Evolution of Endpoint SecurityAdapt or Die: The Evolution of Endpoint Security
Adapt or Die: The Evolution of Endpoint Security
 
The Measure of Success: Security Metrics to Tell Your Story
The Measure of Success: Security Metrics to Tell Your StoryThe Measure of Success: Security Metrics to Tell Your Story
The Measure of Success: Security Metrics to Tell Your Story
 
Practical Enterprise Security Architecture
Practical Enterprise Security Architecture Practical Enterprise Security Architecture
Practical Enterprise Security Architecture
 
Security operations center 5 security controls
Security operations center 5 security controls Security operations center 5 security controls
Security operations center 5 security controls
 
Sivasankaran_9yrs_Information_security V1
Sivasankaran_9yrs_Information_security V1Sivasankaran_9yrs_Information_security V1
Sivasankaran_9yrs_Information_security V1
 
CyberSecurity Strategy For Defendable ROI
CyberSecurity Strategy For Defendable ROICyberSecurity Strategy For Defendable ROI
CyberSecurity Strategy For Defendable ROI
 
DTS Solution - Cyber Security Services Portfolio
DTS Solution - Cyber Security Services PortfolioDTS Solution - Cyber Security Services Portfolio
DTS Solution - Cyber Security Services Portfolio
 
Tesseract Service Portfolio
Tesseract Service PortfolioTesseract Service Portfolio
Tesseract Service Portfolio
 
Security architecture, engineering and operations
Security architecture, engineering and operationsSecurity architecture, engineering and operations
Security architecture, engineering and operations
 
Cybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architectureCybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architecture
 
Identifying Effective Endpoint Detection and Response Platforms (EDRP)
Identifying Effective Endpoint Detection and Response Platforms (EDRP)Identifying Effective Endpoint Detection and Response Platforms (EDRP)
Identifying Effective Endpoint Detection and Response Platforms (EDRP)
 
Building an effective Information Security Roadmap
Building an effective Information Security RoadmapBuilding an effective Information Security Roadmap
Building an effective Information Security Roadmap
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center Fundamental
 
Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)
 
Building a World-Class Proactive Integrated Security and Network Ops Center
Building a World-Class Proactive Integrated Security and Network Ops CenterBuilding a World-Class Proactive Integrated Security and Network Ops Center
Building a World-Class Proactive Integrated Security and Network Ops Center
 
Top 10 tips for effective SOC/NOC collaboration or integration
Top 10 tips for effective SOC/NOC collaboration or integrationTop 10 tips for effective SOC/NOC collaboration or integration
Top 10 tips for effective SOC/NOC collaboration or integration
 
Building A Security Operations Center
Building A Security Operations CenterBuilding A Security Operations Center
Building A Security Operations Center
 
Integrated Security Operations Center (ISOC) for Cybersecurity Collaboration
Integrated Security Operations Center (ISOC) for Cybersecurity CollaborationIntegrated Security Operations Center (ISOC) for Cybersecurity Collaboration
Integrated Security Operations Center (ISOC) for Cybersecurity Collaboration
 
Overview
OverviewOverview
Overview
 
Security Operations and Response
Security Operations and ResponseSecurity Operations and Response
Security Operations and Response
 

Similar to Pankaj's Resume Information Security Professional

Smart security solutions for SMBs
Smart security solutions for SMBsSmart security solutions for SMBs
Smart security solutions for SMBsJyothi Satyanathan
 
Mark Sudan Non-ATS Resume / Curriculum Vitae
Mark Sudan Non-ATS Resume / Curriculum VitaeMark Sudan Non-ATS Resume / Curriculum Vitae
Mark Sudan Non-ATS Resume / Curriculum VitaeMarkSudan1
 
CV of Mohan M
CV of Mohan MCV of Mohan M
CV of Mohan MMohan M
 
Saikiran_CV_Operational Risk_updated
Saikiran_CV_Operational Risk_updatedSaikiran_CV_Operational Risk_updated
Saikiran_CV_Operational Risk_updatedkonchada
 
Saikiran_CV_Operational Risk_updated
Saikiran_CV_Operational Risk_updatedSaikiran_CV_Operational Risk_updated
Saikiran_CV_Operational Risk_updatedkonchada
 
Yhcg - IT security and risk management
Yhcg - IT security and risk managementYhcg - IT security and risk management
Yhcg - IT security and risk managementWilfred Barretto
 
YHCG - IT Security and Risk Management
YHCG - IT Security and Risk ManagementYHCG - IT Security and Risk Management
YHCG - IT Security and Risk ManagementWilfred Barretto
 
general_resume_12 1 linked in
general_resume_12 1 linked ingeneral_resume_12 1 linked in
general_resume_12 1 linked inJohn Masiliunas
 
Kailash Kapal Resume v5
Kailash Kapal Resume v5Kailash Kapal Resume v5
Kailash Kapal Resume v5Kailash Kapal
 
Resume_IshitaKundu_CISA
Resume_IshitaKundu_CISAResume_IshitaKundu_CISA
Resume_IshitaKundu_CISAIshita Kundu
 

Similar to Pankaj's Resume Information Security Professional (20)

CV_Anil K Dubey V1.1
CV_Anil K Dubey V1.1CV_Anil K Dubey V1.1
CV_Anil K Dubey V1.1
 
Resume of Naresh Raghupatruni
Resume of Naresh RaghupatruniResume of Naresh Raghupatruni
Resume of Naresh Raghupatruni
 
Smart security solutions for SMBs
Smart security solutions for SMBsSmart security solutions for SMBs
Smart security solutions for SMBs
 
Balaji Jagan -Resume
Balaji Jagan -ResumeBalaji Jagan -Resume
Balaji Jagan -Resume
 
Resume-DPITVlinkedin
Resume-DPITVlinkedinResume-DPITVlinkedin
Resume-DPITVlinkedin
 
Mark Sudan Non-ATS Resume / Curriculum Vitae
Mark Sudan Non-ATS Resume / Curriculum VitaeMark Sudan Non-ATS Resume / Curriculum Vitae
Mark Sudan Non-ATS Resume / Curriculum Vitae
 
CV of Mohan M
CV of Mohan MCV of Mohan M
CV of Mohan M
 
Saikiran_CV_Operational Risk_updated
Saikiran_CV_Operational Risk_updatedSaikiran_CV_Operational Risk_updated
Saikiran_CV_Operational Risk_updated
 
Saikiran_CV_Operational Risk_updated
Saikiran_CV_Operational Risk_updatedSaikiran_CV_Operational Risk_updated
Saikiran_CV_Operational Risk_updated
 
Yhcg - IT security and risk management
Yhcg - IT security and risk managementYhcg - IT security and risk management
Yhcg - IT security and risk management
 
YHCG - IT Security and Risk Management
YHCG - IT Security and Risk ManagementYHCG - IT Security and Risk Management
YHCG - IT Security and Risk Management
 
general_resume_12 1 linked in
general_resume_12 1 linked ingeneral_resume_12 1 linked in
general_resume_12 1 linked in
 
kapil mehandiratta_CV
kapil mehandiratta_CVkapil mehandiratta_CV
kapil mehandiratta_CV
 
Kailash Kapal Resume v5
Kailash Kapal Resume v5Kailash Kapal Resume v5
Kailash Kapal Resume v5
 
G-CISO
G-CISOG-CISO
G-CISO
 
Dr. Charles Pak
Dr. Charles PakDr. Charles Pak
Dr. Charles Pak
 
Hanu's Security Services
Hanu's Security ServicesHanu's Security Services
Hanu's Security Services
 
Resume_IshitaKundu_CISA
Resume_IshitaKundu_CISAResume_IshitaKundu_CISA
Resume_IshitaKundu_CISA
 
Skillmine CISO as service
Skillmine CISO as serviceSkillmine CISO as service
Skillmine CISO as service
 
Chintakunta
ChintakuntaChintakunta
Chintakunta
 

Recently uploaded

HRM PPT on placement , induction and socialization
HRM PPT on placement , induction and socializationHRM PPT on placement , induction and socialization
HRM PPT on placement , induction and socializationRishik53
 
Mercer Global Talent Trends 2024 - Human Resources
Mercer Global Talent Trends 2024 - Human ResourcesMercer Global Talent Trends 2024 - Human Resources
Mercer Global Talent Trends 2024 - Human Resourcesmnavarrete3
 
Cleared Job Fair Handbook | May 2, 2024
Cleared Job Fair Handbook | May 2, 2024Cleared Job Fair Handbook | May 2, 2024
Cleared Job Fair Handbook | May 2, 2024ClearedJobs.Net
 
Mastering Vendor Selection and Partnership Management
Mastering Vendor Selection and Partnership ManagementMastering Vendor Selection and Partnership Management
Mastering Vendor Selection and Partnership ManagementBoundless HQ
 
How Leading Companies Deliver Value with People Analytics
How Leading Companies Deliver Value with People AnalyticsHow Leading Companies Deliver Value with People Analytics
How Leading Companies Deliver Value with People AnalyticsDavid Green
 
Webinar - How to set pay ranges in the context of pay transparency legislation
Webinar - How to set pay ranges in the context of pay transparency legislationWebinar - How to set pay ranges in the context of pay transparency legislation
Webinar - How to set pay ranges in the context of pay transparency legislationPayScale, Inc.
 
Austin Recruiter Network Meeting April 25, 2024
Austin Recruiter Network Meeting April 25, 2024Austin Recruiter Network Meeting April 25, 2024
Austin Recruiter Network Meeting April 25, 2024Dan Medlin
 
Arjan Call Girl Service #$# O56521286O $#$ Call Girls In Arjan
Arjan Call Girl Service #$# O56521286O $#$ Call Girls In ArjanArjan Call Girl Service #$# O56521286O $#$ Call Girls In Arjan
Arjan Call Girl Service #$# O56521286O $#$ Call Girls In Arjanparisharma5056
 
Kesar Bagh } Escort Service in Lucknow - Phone 🍹 8923113531 🧩 Escorts Service...
Kesar Bagh } Escort Service in Lucknow - Phone 🍹 8923113531 🧩 Escorts Service...Kesar Bagh } Escort Service in Lucknow - Phone 🍹 8923113531 🧩 Escorts Service...
Kesar Bagh } Escort Service in Lucknow - Phone 🍹 8923113531 🧩 Escorts Service...gurkirankumar98700
 
VIP Russian Call Girls in Indore Komal 💚😋 9256729539 🚀 Indore Escorts
VIP Russian Call Girls in Indore Komal 💚😋 9256729539 🚀 Indore EscortsVIP Russian Call Girls in Indore Komal 💚😋 9256729539 🚀 Indore Escorts
VIP Russian Call Girls in Indore Komal 💚😋 9256729539 🚀 Indore Escortsaditipandeya
 
Employee Roles & Responsibilities: Driving Organizational Success
Employee Roles & Responsibilities: Driving Organizational SuccessEmployee Roles & Responsibilities: Driving Organizational Success
Employee Roles & Responsibilities: Driving Organizational SuccessHireQuotient
 

Recently uploaded (12)

HRM PPT on placement , induction and socialization
HRM PPT on placement , induction and socializationHRM PPT on placement , induction and socialization
HRM PPT on placement , induction and socialization
 
Mercer Global Talent Trends 2024 - Human Resources
Mercer Global Talent Trends 2024 - Human ResourcesMercer Global Talent Trends 2024 - Human Resources
Mercer Global Talent Trends 2024 - Human Resources
 
Cleared Job Fair Handbook | May 2, 2024
Cleared Job Fair Handbook | May 2, 2024Cleared Job Fair Handbook | May 2, 2024
Cleared Job Fair Handbook | May 2, 2024
 
escort service sasti (*~Call Girls in Rajender Nagar Metro❤️9953056974
escort service sasti (*~Call Girls in Rajender Nagar Metro❤️9953056974escort service sasti (*~Call Girls in Rajender Nagar Metro❤️9953056974
escort service sasti (*~Call Girls in Rajender Nagar Metro❤️9953056974
 
Mastering Vendor Selection and Partnership Management
Mastering Vendor Selection and Partnership ManagementMastering Vendor Selection and Partnership Management
Mastering Vendor Selection and Partnership Management
 
How Leading Companies Deliver Value with People Analytics
How Leading Companies Deliver Value with People AnalyticsHow Leading Companies Deliver Value with People Analytics
How Leading Companies Deliver Value with People Analytics
 
Webinar - How to set pay ranges in the context of pay transparency legislation
Webinar - How to set pay ranges in the context of pay transparency legislationWebinar - How to set pay ranges in the context of pay transparency legislation
Webinar - How to set pay ranges in the context of pay transparency legislation
 
Austin Recruiter Network Meeting April 25, 2024
Austin Recruiter Network Meeting April 25, 2024Austin Recruiter Network Meeting April 25, 2024
Austin Recruiter Network Meeting April 25, 2024
 
Arjan Call Girl Service #$# O56521286O $#$ Call Girls In Arjan
Arjan Call Girl Service #$# O56521286O $#$ Call Girls In ArjanArjan Call Girl Service #$# O56521286O $#$ Call Girls In Arjan
Arjan Call Girl Service #$# O56521286O $#$ Call Girls In Arjan
 
Kesar Bagh } Escort Service in Lucknow - Phone 🍹 8923113531 🧩 Escorts Service...
Kesar Bagh } Escort Service in Lucknow - Phone 🍹 8923113531 🧩 Escorts Service...Kesar Bagh } Escort Service in Lucknow - Phone 🍹 8923113531 🧩 Escorts Service...
Kesar Bagh } Escort Service in Lucknow - Phone 🍹 8923113531 🧩 Escorts Service...
 
VIP Russian Call Girls in Indore Komal 💚😋 9256729539 🚀 Indore Escorts
VIP Russian Call Girls in Indore Komal 💚😋 9256729539 🚀 Indore EscortsVIP Russian Call Girls in Indore Komal 💚😋 9256729539 🚀 Indore Escorts
VIP Russian Call Girls in Indore Komal 💚😋 9256729539 🚀 Indore Escorts
 
Employee Roles & Responsibilities: Driving Organizational Success
Employee Roles & Responsibilities: Driving Organizational SuccessEmployee Roles & Responsibilities: Driving Organizational Success
Employee Roles & Responsibilities: Driving Organizational Success
 

Pankaj's Resume Information Security Professional

  • 1. Pankaj Kumar pankaj.soni2@live.in | +91 9958684517 | Greater Noida, UP, INDIA | linkedin.com/in/pankajsoni02 INFORMATION SECURITY MANAGER| INFORMATION SECURITY OFFICER| INFORMATION SECURITY CONSULTANT |IT SECURITY & GRC CONSULTANT PROFESSIONAL SUMMARY A 10-year experienced Information Security Professional blended with strong IT background. 3+ years of experience in leading project delivery and team management. Helped many clients across industries and time zones to achieve their Information Security goals by performing Third-Party Risk Management, Compliance Assessment, ISO 27001 implementation/ Mock audits, Technical Risk Assessment, Application Gap Assessment, etc. CORE COMPETENCIES  InformationSecurity Management  ISMSDocumentManagement  Third Party/Vendor Risk Management  Compliance Assessment  Technical Risk Management  ISMSAudit(ISO 27001)  InformationSecurity Governance  GDPR, HIPPA, PCI, ITGC, FedRAMP etc.  Threat & Vulnerability Management  BusinessContinuity Planning(BCP)& Disaster Recovery (DR)  Security Architecture  Application, Network, Cloud& EndpointSecurity  GRC tools e.g. RSA Archer, ProcessUnity, Atlas SecurityScorecard, TaniumComply, Nessusetc.  MicrosoftOffice (i.e., Word, Excel and PowerPoint)  CustomerHandling  Team Leadership  Internal/ External StakeholderManagement  Self-motivatedperson  Experience in liaising with global clients/ teams  Initiativeand Decision-makingNature PROFESSIONAL EXPERIENCE Senior Specialist (GRC) HCL Technologies Ltd., Noida, India August2019 - present Responsibilities/ Accomplishments  Lead two GRC projects delivery simultaneously (i.e., Third-Party Risk Management and Compliance Assessment) with a team size of 9 Analysts/ Specialists  Managed 4 direct reportees  Drove Issue Management process for the identified findings  Helped clients to achieve ISO 27001:2013 certification by guiding them in ISO 27001:2013 implementation and performing mock audits  Ensured client delivery as per agreed contract deliverables and T&C which resulted to project renewal with increased scope of work  Ensured respective KPI/PI score in green more than 90% times  Ensuredhigherclient satisfactionby conductinggovernancemeetingswithclientsto shareproject status/address their queries/ requirements etc.  Ensured timely & accurate invoice generation to client by submitting billing data on time and resolving billing dispute if occur any Senior Consultant (Cyber Security) Genpact Enterprise Risk Consulting, Gurugram, India January 2018 –July 2019 Responsibilities/ Accomplishments  Led Configuration Compliance project with a team size of 4 Analysts  Increased compliance efficiency by 50% acrossITassetsby developingconfigurationbaselinesand performingthe compliance assessments  Provided Information & Cyber security consultation to many enterprise clients to achieve their Information Security objectives  Helped one of the fortune 100 enterprise client to institutionalize the RSA Archer Issue management platform across the organization
  • 2. Pankaj Kumar Page 2 of 2  Performed routine Vendor Risk Assessments for more than 30 vendors per year  Performed ITGC audits  Performed asmany as 20 CyberSecurity Gap Assessmentof Application, Network, Cloudetc. andhelped client to remediate the identified gaps Senior Network Security Administrator (Information Security) PeopleStrong HR Services Pvt. Ltd., Gurugram, India October2013 - December2017 Responsibilities/ Accomplishments  Accomplished zero Non-Compliant(NC)in3 consecutiveSSAE18 assessments(yearly)  Helped organizationto secure as many as 30+ new projects andkeep existing projects compliantby supporting Vendor Due Diligence processese.g., Third-Party security assessment, Externalaudits & KPI/PI reporting  Led Security OperationsCenter (SOC) with a team size of 3 Analysts  ManagedInformationSecurity Governance programacrossorganizationconsideringISO 27001:2013 guideline  Established, implemented, andmaintainedIT BCP andachieved 95% - 99% uptimeacrossrespective service tiers  Publishedrespective reportsto the managementas per InformationSecurity Governance metrics  ManagedISMSdocumentationasanauthor, reviewer, andcustodianof the ISMSdocuments  RunSecurity awareness programand InformationSecurity Incidentmanagementprogramacrossthe organization which led to reduction in InformationSecurity Incidentsby 70%  Reduced Risksby 70% by running an effective Risk Managementprocessbased on ISO27001:2013 requirements  Performed CyberSecurity Maturity Gap AnalysisconsideringNISTCyber Security Framework (CSF) and Prepared a 5-Year implementationplanbased onidentified gapsand target maturity level  Reduced application vulnerabilities by 70% by driving Secure SDLC implementationas per OWASP guideline  Reduced Threatsby 90% by performing Vulnerability Assessmentof critical IT resources anddriving remediation  Generated secure productivity capabilitiesacross 1k endpointsby managing Anti-Malware software, DLP solution, Endpointencryptionsolution, etc.  Implemented& Maintainedsecurity controlsonpublic & privatedatacenter consideringCSA guidelines  Achieved 99.80% network uptimeby managingNetwork Security and Network Data e.g., Firewall, IDS/IPS, WAF, Router, Switches, LLB and WAP  Contributed to IT Security Budgeting, IT Security hardware/ software Procurement, and Vendor Management Senior Client Support Engineer (Information Technology (IT)) Smart Integrated Systems, New Delhi, India February 2012 - September2013 Responsibilities/ Accomplishments  Led IT Helpdesk team of 5 IT engineers to manage three regional offices with around 250 endpoint users  Improved Network security by managing Firewalls i.e., Fortinet 110c, 60c, 50b, FortiAnalyzer and WatchGuard  Achieved Network uptime of 98% by managing the network devices e.g., Cisco routers, Cisco switches and WAP  Improved end user productivity by managing Windows servers e.g., AD, DNS, DHCP, File Server and Exchange  Reduced Threats by managing Anti-Virus solution i.e., Symantec Endpoint Protection  Managed Storage & Backup i.e. IBM tape library, Symantec BackupExec software, etc.  Managed User end applications e.g. MS Office, Tally ERP 9, HR Portal, Oracle D2K, ERP, E-TDS, etc. EDUCATION Master’s Degree - MBA – IT |LPU DE, Jalandhar, India 2013 - 2017 Bachelor's Degree - BA Program |SOL, University ofDelhi, New Delhi, India 2008 -2011 College Certificate - Higher Diploma in Systems andNetworking |NIITAcademy, NewDelhi, India 2008 - 2010 ADDITIONAL Language Abilities: English(Fluent)| Hindi (Native) Trainings& Certifications: ISO27001:2013Lead Auditor(Certified) | ITIL ® 2011 Foundation(Certified) | CISSP (Trained)