Ravindra Kumar Thakur

Monitoring of Network and firewall security devices. • Configuring and troubleshooting of Cisco Routing protocols (EIGRP, OSPF, BGP), etc. • Configuring and troubleshooting of Cisco Switching protocol (STP, RSTP, PVST) etc. • Configuring and troubleshooting of load balancing protocols HSRP and GLBP. • Configuring and troubleshooting of VLAN, and VTP for Cisco switches. • Analysing of LAN/WAN to determine network performance problems. Provided solutions and documentation • Coordinating with the Global Team in case of critical Network Outages. • Solving the client’s issues remotely using Live meetings and remote Desktop etc. • Investigating, diagnosing, and resolving all network issues by coordinating with users. • Installing and Configuring Routers and Switches as per the project requirement. • Providing Technical Support to field technicians. • Coordinating with ISP vendors in case of link failure. • Performing Regular Security Checks on workstations and servers. • Reviewing the End of Life or End of Support assets and changing as per SLA. • Upgrading the IOS on network devices as per change management process • Installing and implementing security services like E-mail and Internet filters. • Evaluating implementing network management software. • Providing support during the organization-specific internal audits and external audits and sharing the required evidence as per controls

Planning, Scheduling, and Executing the internal audits as per ISMS standards. • Conducting an internal audit program to ensure that an effective internal controls structure is properly designed and operating effectively. • Conducting Endpoint Assessments, Network assessments, Server and Network device hardening reviews as per organization requirements. • Providing support in updating the policies/process/guidelines as per internal organizational changes in process and standards. • Checking all Vulnerable Port Firewalls and Network devices Over the internet with Bit Sight and security scorecard. • Troubleshooting network issues and assisting network engineers with the design of network models and network topology. • Worked on SR, Mail & calls as well for route reachability and VLAN change on the network. • Worked and managed the Tool like HPNNMi, BMC remedy, HPNA, Cisco Prime Provisioning, Infoblox, CA eHealth, and CA Reporter Analyzer. • Worked and managed on Allot, Packet shaper for Proxy and Bandwidth allocation. • Managed all types of Network reachability with scanners like Qualys scanner, and PT scanner. • Managed all types of network vulnerabilities on remediation as per SLA, which are identified by the project team, client audit, PCI DSS audit, and organization-specific vulnerability scans. • Provided support as expertise to assist various business units/projects to achieve different IT and data security certifications like PCI DSS, ISO27001, ISO 22301, ISO 20000, HIPAA, and NIST CSF.

Planning, Scheduling, and Executing the internal audits as per ISMS standards. • Conducting an internal audit program to ensure that an effective internal controls structure is properly designed and operating effectively. • Conducting Gap analysis for projects and applications per ISMS standards and client requirements. • Reviewing the controls as per the organization's Enhanced Compliance Assessments and validating the control as per Test of Design – TOD and Test Of Operating Effectiveness - TOE. • Collecting the artifacts as per internal controls and sharing the evidence with management during the control assessments. • Coordinating with multiple stakeholders gathering the required evidence and validating the control effectiveness as part of internal assessments. • Conducting Endpoint Assessments, Network assessments, Server and Network device hardening reviews as per organization requirements. • Validating the Data Centre controls generating the reports and sharing with management on noted observations or nonconformance areas. • Conducting the internal control reviews as per ITGC like Change Management, Access Management, Patch Management, Incident Management, Back and Restore Security, and Access Reconciliation. • Performing compliance checks and onboarding sign-off for all network security devices into operations. • Doing follow-up with respective tracks and stakeholders on identified observations or nonconformance identified during the internal audits and assessments till closure as per SLA. • Drafting the SOPs and Training Materials on Network, Endpoints, and Servers for internal project-specific training to newly joined resources. • Providing Awareness sessions to employees and vendors on ISMS and Organization policies. • Supporting during External Audits like ISMS, SOC1/ SOC 2, ITGC, PCI-DSS and HIPAA/HITRUST. • Providing support during the client audits as per customer requirements and standards. • Providing support for various business units/projects to achieve different IT and security certifications like PCI DSS, ISO27001, ISO 22301, ISO 20000, HIPAA, and NIST CSF. • Hands-on RCP, KAP, Open pages risk management tools, CAR tools. • Managing Risk management process for clients. • Managing all compliance-related Work like – patch management, and incident management, preparing dashboards for patch reports, and reviewing policy and procedure documents. • Conducting Governance calls, and compliance calls with clients and as well as different service owners.

Planning, scheduling, and executing the internal audits as per ISMS standards • supporting the business group for ISO 27001, PCI DSS, SOC 2, SOC 1, internal audit, external audit, ITGC, SAP GITC, and application audit. • Supporting security control testing and training with the ServiceNow Tool. • Supporting the integration of controls for infrastructure and applications into the ServiceNow tool. • Supporting the closure of the IT audit findings within the given period. • Working with the team to close the SAP GITC application audit findings within the given period. • Supporting SAP GITC Audit, PATCH Management Audit, and Software License Audit, and also supporting closing the audit findings as well. • Supporting and preparing the GRC and IT Audit action presentations for senior management. • Supporting the cyber insurance renewal program. • Supporting filling up the audit requirement questionnaire. • Supporting the NIS2 directive audit, Cyber UK Analysis Implementation • Working with the CoE team to prepare and publish policy, standards, and procedures. • Preparing a gap analysis for the different audit requirements. • Analyze and prepare a gap analysis for policy and standards. • Helping the team prepare the risk acceptance letter and get approval. • Supporting the consolidation of different audit reports for senior management and the internal audit team for discussion.