ALOK JAIN

• Working as Security Manager in Cyber Defense division preventing and defending against unauthorized access to systems, networks & data of clients Infra • Working for the India 2nd largest Bank for performing below activities for 30+ Department closely with Chief General Manager, AGM and DGM: o Process Audit (for 200+ applications) o Security cum Functional Audit for the new functionalities o Risk Assessment for critical business applications to define the risks associated o Change management process review to check integrity of process o User Access Review for business-critical applications o Techno cum Process Audit for CyberArk, DLP, SOC, Cyber Security Framework, Network Devices o Special audit for Facilities department • Demonstrated experience of cyber security, information security and data privacy, risk management frameworks and related regulatory and compliance standards in various projects • Oversee the work and manage the engagements and team members ensuring quality and meeting the requirements of the engagement letter / contract • Working as a part of Singapore JV project (since joining) which involved network architecture review and application architecture of some of the critical applications of the client. I am responsible for identifying security gaps in the existing architecture and providing remediation for the gaps identified. • Was involved in conducting information security auditing for several critical applications for one of the Government

SOC Team; improving company’s information security strategy, practices affecting enterprise-wide culture change and facilitating fine tuning of the systems and policies • Revising end-user security documentation, policies, cheat sheets & induction PPTs; enhancing visibility of security performance by publishing metrics in risk dashboard • Performing USB Access review activity every quarter to lower risks associate with removable media by defining partial/full authentication • Performed audit of ITSM & IDPM SaaS Applications with reporting risks to Vendor (Symphony Summit) on quarterly basis • Maintaining RCA documents across all teams in case of any business criticality (SEV 1 tickets) or any alerts through Realtime monitoring of critical devices ( Servers, Network devices, Web Apps) , Security Incident & Event Management solution

• Diligently administered in-house products like Indiabulls DHANI, Trading Web & Mobile App, NSDL API, ADHAAR KYC & KRA, BIOMETRIC Authentication, E-SIGN Documents, PAN, LMS & Home Loans Galaxy Server • Leveraged excellent problem solving and management skills to reduce the Business Risk by 75-80% through: o Quarterly Server Hardening Process (700+ servers) o Quarterly Mobile Apps & Web App Audit ( 20 Apps overall ) o Cross-team coordination for new technology implementation ( New Server, Webservices & Integration of 3rd party APIs) o Collaboration with Data Leakage Prevention & Proxy Team for deployment of a Data Classification, Data Marking & DLP solution, and integrate DLP systems with other solutions like SIEM, NAC and Vulnerability Management to avoid sensitive data leakage • Successfully implemented & delivered ARCON Privileged Identity Management (PIM) /Privileged Access Management Suite (formerly known as ARCOS) with software planning, POC, Architecture Designing, VPN Access, Data Gathering, Software & Collaborating Database Implementation • Involved in an engagement for conducting trade platform testing and enterprise infra reviews for a leading home loan financial organization in India. The engagement also involved the implementation and audit of Identity Access Management. • Ensured the product compatibility to match the end user requirements (in case of DLP & PIMPAM solution) • Other assignments includes Disaster Recovery , UAT rollout & peer feedbacks, technologies integration, troubleshoot and production rollout • Coordinating with Network Head for fine-tuning policies & performing quarterly NAC & IDS Audit to ensure security • Meticulously monitored for critical incidents and presented reports to CISO & other stakeholders of business