- A key member of the DNC Investigation team. Held a security clearance level for frequent interactions with several IT members from different departments in the DNC.
- Develop plans to safeguard computer files against accidental or unauthorized modification, destruction, or disclosure and to meet emergency data processing needs by
- Consulting a Level-1 Payment Gateway ( Client ) to secure their on-line and internal application.
- Pen-testing on-line and internal web applications and PG integrations.
- Administer and maintain user access controls and procedures to prevent unauthorized access.
- Coordinate with other professionals, such as contractors, architects, engineers to ensure deliverable objectives are met.
- Reviewed change records and advised operations teams to eliminate the procedures causing risk to the production systems .
- Ensure stability of it production environment by implementing and managing operational security standards.
- Reviewed access controls to find the procedural, operational risks to only authorized resources are able to obtain access.
- Re-designed the bank internal control plan in compliance with the new regulatory guidelines.
- Ensure it controls of the environment are secure and meet the required policies related to organisational regulations.
- Currently been assigned as an Account Data Security and Privacy Leader for the account.
- Implementation and Sustenance of various data security and privacy controls as defined by IBM Data Security and Privacy Framework, across the account, For e.g.: On/Off Boarding, Access Control, Security Planning, WorkPlace Security, Risk Management, Separation Of Duties
- Reviewing contractual documents like Master Service Agreements, SOWs, PCRs, DOUs etc. in order to identify the client and local governments, data security and privacy requirements
- Categorisation of the project as a Staff Augmentation or Non-Staff Augmentation depending upon the services IBM will be providing to the client as identified in the Contractual Documents
- Categorisation of the project as High, Medium or Low Risk Rating, depending upon the nature of services provided and accessibility to client sensitive data and environments along with various regulations like GDPR, CCPA, HIPAA etc.
- Preparing process documentations describing different controls applicable to projects and procedures to implement the controls and keeping them updated.
- Working closely with the account leadership, Project Partners, Delivery Project Executives, Service Delivery Managers in order to understand client requirements related to Data Security and Privacy and suggest relevant security controls.
senior security consultant
- Advised 23 clients on the identification of risks, and applied subject matter expertise to risk assessments and ownership of the mitigation plans within the business.
- Ensured that the clients’ responses were received in a timely fashion, were in line with recommendations, and had a reasonable estimated completion date, using RSA Archer.
- Supported United Health Group’s accelerated approach for assessing high-risk critical vendors.
- Acted as a liaison and Subject Matter Expert for internal departments and vendors to successfully perform onsite risk assessments.
- Conducted and managed vendor risk assessments, using the NIST 800-30 and HITRUST CSF frameworks.
- Reported assessment reports with remediation efforts and disposition of the third-party vendors.
- Managing multiple projects in multiple languages in different locations worldwide.
- Liaise with Italian local authorities
- Provision of training in Combat First Aid and weapons handling
- Conduct briefings and presentations
- Trained Nouchâtel Police Unit COUGAR in TCCC.