Information Security Consultant Resume

Contact information

Buratyno T. Ram

19 Street

Jacksonville

Florida

Career objective 

Looking for a challenging position of the Information Security Consultant Resume the reputed University with a view to use my wide experience for the benefit of the organization.

PROFILE

 

Information Security Consultant with a wide range of experience primarily in implementing the ISO  standard across multiple geographies. Also have work experience on the Information Governance Statement of Compliance (IGSoC) standard and B  (Business Continuity).

 

Able to work on own initiative and as part of a team with a dedication to maintain high quality standards. Proven leadership skills involving managing, developing and motivating individuals and teams to achieve their objectives within the stipulated timelines. 

 

 

MAJOR ACHIEVEMENTS

 

Part of the team which made the ISO  certification possible for Accenture – India Delivery Centre in 2005 which was a first in the world achievement

Responsible for implementing ISO  standard across Accenture – UK Delivery Centre in London. The external audit was conducted by BSI and the certification was achieved in 2008 without any major or minor non-conformities 

Defined the Risk Assessment methodology for Accenture –   Delivery centre as part of the ISO  certification (2008) which was later adopted to two Accenture locations in Germany (Hof & Kronberg)

Responsible for coordinating and managing the External ISO  Continual Assessment Visit (CAV) for Accenture -   Delivery Centre (2009) from BSI

Responsible for the IGSoC and IS  initiative for Clinicenta and for defining the InformationSecurity Risk Assessment methodology which is currently being used

 

 

CAREER HISTORY

 

January 2010 – Current – Clinicenta Ltd

 

Responsible for getting Clinicenta aligned with the Information Governance Statement of Compliance (IGSoC) requirements as stated by NHS and to submit the IG Toolkit. 

Ensure continual efforts to put together a robust Information Governance mechanism in place leading to the IS  certification.

Provide security related advice in the overall functioning of the organisation and put together a Security Forum to discuss the issues/ concerns.

Conduct security audits to identify weaknesses in the implemented system and to plan for remedial actions.

Conduct Information Governance/ Security sessions to raise the security awareness among all staff and to ensure compliance with the NHS training requirements.

Ensure Clinicenta’s compliance with other relevant standards as stated by the laws of the land.

Provide inputs for Business Continuity/ Disaster recovery activities and help the organisation test the plans periodically.

Conducting Risk Assessment and to achieve the ISO  certification for a new hospital in Lister as part of a new contract with NHS

 

 

 

June 2005 – November 2009 - Accenture Services Pvt Ltd

 

October 2008 – Novembers 2009 – Accenture Services –  

 

 

Responsible for managing the Information Security Management System (ISMS) for Accenture   Delivery centre and to ensure the successful certification to ISOstandard

 

Defined and implemented a central framework by which all non compliance issues can be effectively monitored, tracked and reported to management periodically. This improved the effectiveness to a new level which was much appreciated by the management

 

Defined a Risk Assessment approach to identify all the information security risks on various assets/ infrastructure housed within the facility and to ensure that adequate actions are taken to address those in a timely manner. This includes risk acceptance from the senior management 

 

Reviewed change requests to ensure that all changes to the infrastructure are validated to ensure that there are nosecurity flaws being introduced into the system

 

Was part of 'Client Data Protection' program, a program to safeguard personal/ customer data from unauthorised access

 

Provided support to two delivery centre’s in Germany in effectively managing the ISMS and ensure the re-certification of ISO standard. This also included defining the risk assessment methodology by which each domain could conduct self risk assessment.

 

 

 

August 2007 – September 2008 – Accenture Services – London

 

 

Responsible for defining the ISMS for the London Delivery Centre (DC) and implementing the ISO standard across the DC which lead to a successful certification from BSI in June 2008

 

Defined the risk assessment approach and conducted the risk assessment to identify all the applicable risks and take adequate actions to address them as required by the standard

 

Conducted internal audits to validate the effectiveness of the implemented ISMS and defined a process to continually improve the system

 

Defined the Information Security Governance System by which the various inputs from ISMS can be analysed and consolidated, to provide the state of the nation to the management and bring their focus to areas which needs improvement

 

Played a major role in the initial project planning phase to agree on the implementation timelines and define the expectations at each stage of the ISO  implementation process

 

Worked on the project and budget plans for the People CMM initiative for Accenture UK in London

 

 

 

June 2005 – August 2007 – Accenture Services – India

 

 

Part of the team which was responsible for implementing ISO  standard across 10 Accenture India DCs. Tasks involved reviewing organizational policies, conducting risk assessments, technical & non technical audits, interviews, rolling out surveys, reporting etc

 

Part of Business Continuity Team and was responsible for managing BCP Plans for 40+ projects and had to coordinate with and support the projects during a crisis situation. Also was responsible for testing the BCP Plans 

 

Conducted compliance audits to monitor the status of the various projects against their client’s requirements and ensure timely reporting in case of any challenges

 

Defined and implemented various dashboards which made monitoring, tracking and reporting of the project status easier and faster

 

Played a key role in coordinating client visits and represented the company in prospective client interviews from anInformation Security perspective

 

Lead a team, which did a comparison/ analysis on the various business continuity software packages available in the market and proposed on the requirements of an in-house software package for better efficiency

 

Conducted Information Security induction for new resources joining the firm and also mentored the new joiners joining the team. Also was responsible for some indirect reporting from the new members of the team

 

Conducted audits on other standards such as SAS 70, HIPAA etc as part of the overall team responsibilities

 

 

 

QUALIFICATIONS

 

B’ Tech in Information Technology – MG University (2005)

Certified ISO  Lead Implementer – BSI (2006) 

Completed ‘Implementing BS ’ Course – BSI (2009)

Completed ‘Risk Management in Banking and Finance’ Course – City University, London (2007)

 

 

ADDITIONAL EXPERIANCE

 

Share Point 2003/ Moss 2007 - Have 2 plus years of experience in developing and managing Share Point portals and implementing dashboards to make real time reporting possible. The interface was provided with MS Excel 

 

Have limited exposure with various international standards such as SoX (Sarbanes Oxley), PCI (Payment Card Industry), GLBA (Gramm-Leach-Bliley Act), NIST (National Institute of Standards & Technology) standards etc

 

Have mapped the PCI controls to controls of the ISO  standard to identify the level of PCI compliance achieved by an ISO  certification

 

Limited exposure to People CMM owing to the short term responsibility in project planning and budgeting. Have conducted some PCMM internal audits as part of the gap analysis exercise and have exposure to the L2/ L3 process areas

 

References

Buratyno T. Ram

Manager

Wap Company.

Buratyno_Ram@gmail.com