Information Security Assurance – Participated in the provision of security assurances for business
operations ranging from PCIDSS, PADSS, Risk Management, business impact assessment (BIA),
technology controls, etc. Broad experience in developing and defining effective technology
frameworks, governance, processes and roadmaps for security and assurance management.
Process Implementation and Assessment – Led organizations through the development and
establishment of processes up to certification according to various international standards. Developed
templates for the adoption of processes for efficiency and effectiveness of the management
systems e.g ISO 27001, ISO 22301, ISO 9001, COBIT, ISO 20000,.
Vulnerability Assessment and Penetration Testing --Conducted onsite penetration tests from an
insider threat perspective. Performed Penetration Tests for network Défense mechanisms externally
utilizing various methods and techniques. Produced advisory reports regarding 0 -day exploits, CVE
vulnerabilities and redesigned network diagrams to meet security requirements. Performed host,
network, and web application penetration tests. Performed network security analysis and risk
management for designated systems. Proposed remediation strategies for remediating system