NARENDRA NEERAV
About Candidate
| Over 19 years of commendable success in Information Technology/Security & Audits, Risk Assessment & IT Infrastructure Management Holds the credit of leading internal team during SAS70 audits and implementing ISO27001 project and providing computer training Exposure in swiftly ramping up networking projects on multiple platforms and conducting security risk assessment, risk management, security audits and developing & implementing security policies Execute and manage Telecom/Infrastructure/Operating System/Database Audits as per company compliance guidelines and global standards Demonstrated experience in developing security processes & procedures as per standards & best practices A keen planner & implementer with a proven track of developing operational policies / norms, systems & controls, motivational schemes & customer service standards Expertise in planning, executing & implementing projects in compliance to quality standards & policies Possess excellent interpersonal, communication and organizational skills with demonstrated abilities in team management and customer relationship management |
Education
Work & Experience
Entrusted with the accountability of maintaining server and Router, Pix firewalls and LAN with 800 systems distributed on two sites • Participated in periodic review of Servers Event Viewer and PIX Logs and ensured implementations and revision of the IT policies while adhering to the compliance with internal policies • Undertook periodic testing of Business Continuity/Disaster Recovery Plan • Interfaced with the client at various places of the world and coordinated with operations to resolve the bottleneck of IT related projects • Conducted internal assessment of Information Technology controls
Ascertained compliance as per GE Corporate Information Security Policy • Carry out Information Security reviews for third parties • Execute and manage Telecom/Datacentre/Infrastructure audits against globalstandards asISO27001 etc for company as well as service providers and other third parties • Steered efforts in planning and implementing Information Security Management System (ISMS) • Conducting due diligence of the vendors aligned for signing service level agreement • Reviewing Master Service agreement of the vendors and conduct the compliance audit against agreed MSA • Imparted periodic information security training to the operations team • Administered a team of five member
Dexterously initiated the internal IT audit functions • Accountable for accessing risk of various IT processes and vulnerabilities • Serving as a part of the: o Team of corporate auditors during external FFIEC/SAS 70 audits o Security committee for periodic assessment and discussion of information security posture of the organization • Initiated penetration testing exercise of internal web applications and data centre network/servers successfully by establishing the team in India • Conducting due diligence of the vendors aligned for signing service level agreement • Reviewing Master Service agreement of the vendors and conduct the compliance audit against agreed MSA • Execute and manage Telecom/Datacentre/Infrastructure audits against global standards as ISO27001 and SAS70 etc. • Rendered risk advisory service to the management as required
• Leading Cyber Security & Compliance Projects implementation • Designing Security Solutions for the end customers • Drafting and implementing internal IT Security Pith policy • Providing IT risk advisory services to the customers which includes computer education (Software/Hardware/Networks) etc • Handling vulnerability assessment/penetration testing assignments • Helping customers in implementing and managing ISMS to get ISO27001 certification • Reviewing and preparing SOW before engaging with partners/customers • Auditing IT infrastructure (Physical/Logical) security and proving cost effective solutions to close the highlighted gaps • Conducting Vulnerability Assessment/Vulnerability Management • Auditing Web applications/Networks etc
Working with the client name Genpact India • Handling and supporting SOX-ITGC Internal/External Audits • Drafting and updating SOPs of different applications as per controls revisions in RCM • Conducting Proactive Monitoring exercise to ensure the audit readiness of In-SOX applications • Handling and supporting vulnerability assessment and management exercise for TAS vertical of Genpact • Providing consulting to dev/ops team on application security guidelines • Supporting ad-hoc projects of audit/InfoSec from TAS vertical side • Handling team of three consultants
Handling and supporting SOX-ITGC Internal/External Audits • Drafting and updating SOPs of different applications as per controls revisions in RCM, Conducting Proactive Monitoring exercise to ensure the audit readiness of In-SOX applications • Handling and supporting vulnerability assessment and management exercise for Technical Applications • Responsible for Implementing Infosec initiatives/projects for TAS vertical • Providing consulting to dev/ops team on application security guidelines • Supporting ad-hoc projects of audit/InfoSec from TAS vertical side • Handling team of three people
Handling and the due diligence questionnaire of the clients and ensuring the compliance • Handling all external/internal regulatory/Compliance audits PROFILE SNAPSHOT • Ensuring audit readiness among the business and different support function teams • Executing Infosec/Phishing Awareness program and status evaluation by sending teams a simulated Phishing email • Working to evaluate and BCP/DR plan • Conducting digital forensic in case of and data breach from the organization • Providing consulting to dev/ops team on security guidelines • Supporting ad-hoc projects of audit/InfoSec from TAS vertical side • Having overall responsibility of global Information Security of the organization • Acting as Chief Information Security Officer(CISO) for the company
