Rahul Deshmukh
About Candidate
Education
Work & Experience
ISO/IEC 27001:2013, Data security & privacy, Information Security Regulation Implementation & Maintenance
Pivotal in development & implementation of Information Security Policies, Procedures & Guidelines as well as establishing Risk Assessment Method & handholding asset owners to conduct assessments.
Conducted ISO 27001 audits to ensure compliance with established standards & security best practices; established appropriate indicators & processes to evaluate the effectiveness of security controls.
Played a key role in preparing the account for the ISO 27001 surveillance audit.
Worked with the delivery team and Security Risk Advisor (SRA) to complete the Delivery Risk Assessment (DRA).
Proactive identification of potential security threats, vulnerabilities, and control techniques, and communication across appropriate teams.
Developed and implemented the risk management process and segregation of duties practices for the project.
Key Processes: Access Management, On-Off Boarding process, Security plans, Workplace Security Inspection, Segregation of Duties and Risk Management.
Analysed the results from internal and external audits and suggested action plans.
Managed contracts/RFPs/SLAs w.r.t. delivery commitments and service level requirements.
Ensured process artefacts were compliant with account standards & policies as well as IBM's internal standards.
Conceptualising & implementing Information Security Framework, IT Security Policies & Standards in organisations to ensure compliance with ISMS requirements; devising Risk Management Framework to manage risks at each level/step and ensure security control.
Leading implementation of IT controls commensurate with the risk appetite of the organisation and compliance with standards/regulatory frameworks.
Making the organisation audit ready, conducting Security/Data Centre Audits, facilitating Internal & External Audits and acquiring required certifications for the organisations.
Involved in & facilitating Business Continuity Management/Disaster Recovery Plans.
Reviewing the IT security measures & safeguarding the information resources of the enterprise to maintain integrity, confidentiality & availability of data/application; performing audits for several application environments and networks.
Conducting weekly/monthly status meetings with ADGs & DDGs on various controls and status of vulnerabilities.
Performing/conducting audits as per risk assessment and best practices like ISO27001, ITIL and CMMi guidelines.
Responsible for improving Project Management process and methodology for all the AD and AM activities.
Supporting the team on Data Migration and Information Security process related issues.
Overseeing the Security Awareness program at organisational level, including the Information Security training programs for staff, and working towards continuous improvements.
Managing contracts/RFPs/SLAs w.r.t. delivery commitments and service level requirements.
Certified trainer on and ISO 27001 guidelines & Project Management.