SlideShare uma empresa Scribd logo

G-CISO

Transferir como DOC, PDF
N
Namrata Bhise
1 de 3
Namrata N. Bhise CISA B-1903, Pride Presidency Luxuria, Off Ghodbundar Road, Dhokali Naka, Kolshet Road Thane West 400607 Mobile : 9833701852 CISA Certified with expertise in Information Security Governance & Compliance Over 15 years of experience with around 10+ years of experience in Information security leadership position. Background and success to handle all stages of IT audits including planning, study, evaluation and testing of controls, reporting and follow up. Proven track record of design and manage Information governance and Information security related projects like ISO 27000, BCP, Change Management, PCI DSS certification project. PROFESSIONAL EXPERIENCE TATA AIA LTD - Manager Information Security Compliance (Since December 2013) Working as an Information Security Manager (CISO-backup) of the company in providing overall assurance on information security practices to key stakeholders including Management, Business Partners and Customers with wide range of activities including: ISO 27000:2013  Implement and maintain Information Security Management System based on ISO 27000:2013.  Periodic internal audit of the department that are in scope of ISO.  Risk acceptance documented and sign off from CIO.  Facilitate a centralized IT compliance management process through audit and assessment methodology.  Works collaboratively with Business units, IT teams, Audit , Privacy , Legal and risk management functions to align Information Security control framework to business BCP Management  Work with senior management to establish disaster recovery (DR) and business continuity plan.  Facilitate Business Impact Assessment of all the Critical Department, understand new BCP requirement and work with IT Infrastructure team for seamless execution of BCP drill. Information Security Awareness  Facilitated to design awareness mailers and posters.  Annual Information Security Awareness Exam conducted for employees of all the branches across PAN India. Third Party Audit Management  Ownership of Third Party Audit by interacting with all level of management while coordinating and planning third party security review of vendors and outsourced service providers for TATAAIA.  Provide leadership for the governance and compliance of AIA security standards to prevent the unauthorized use, release, modification or destruction of data across multiple platforms and environment. Audit & Compliance  Oversee regulatory compliance, establish and implement cyber security related policies.  Analyze and track key risks involves in IT projects, security incidents, IT Audits and guide investigation and resolution of risks.  Co-ordinate with various teams to ensure timely compliance of all outstanding audit recommendations.  Developing, maintaining and overseeing IT Policies and procedures to ensure alignment with current practices and regulatory requirement.  Conduct half yearly Logical Recertification for critical applications.  Reporting to senior management on the effectiveness of implemented Technology and Information Security matters.  Participate in evaluation, selection and implementation of security product and technologies. ItzCash Card Ltd – Manager Information Security (December 2011 – December 2013) Received appreciation from MD & Senior Management for the Implementation of Change Management and Information Security Awareness program across the Organization. Information Security:  Document & Implement the Information Security policies and Procedure as per regulatory requirements and Industry best practices
 Project Management for Information security governance projects like Change management and Information Security awareness, Business Continuity Planning  Acting as SPOC for all Information Security related requirement by various stakeholders & Business partners for ItzCash Co-Branding cards. Project Delivery Manager, PCI-DSS:  Responsible for delivery of the PCI certification project for freedom prepaid card of Itzcash Card Ltd.  This includes co-ordination with business and vendors for network segmentation, removal, masking of card related data.  System remediation and development of PCI related requirement repository. PREVIOUS EXPERIENCE HDFC BANK – Kanjurmarg as Deputy Manager IT Governance (December 2010 – December 2011)  Create and Roll-out of IT policies, procedures and checklists.  Monitor measure and improve the currently implemented process with the help of process owners and Internal Auditors  Ensure adherence to the Banks IT Policies.  Project Monitoring & follow-up with project team as a part of IT Governance team. ANEJA Associates Mumbai as Assistant Manager IT AUDIT (September2008 – November 2010) Received “Best Audit Report awards 2010” for the project of FINO India.  Worked as Assistant Manager Information Security to identify IT related risk, I used to prepared audit scopes, reported findings, and presented recommendations for improving data integrity and operations.  Conducted security reviews for various clients across Industries like:  HDFC Standard Life Insurance, Birla Sun Life Insurance., Reliance Life Insurance, Tata Power, Clearing Corporation Of India ( CCIL), Birla Mutual Fund, Watson Pharmaceutical Ltd. Nicholas Piramal, National Stock Exchange Mumbai (NSE), NCDEX, NSDL, UTI MF, Crisil India Ltd, FINO India,Peninsula Group Mumbai. CMS Computer Ltd. Mumbai ( Team Leader IT Security – ABN AMRO BANK March 2006 – August 2008) Qualitative experience in risk assessment for identifying and evaluating the application controls and tracking the errors to ensure smooth flow of E-Banking application. NIIT, Kalyan - Corporate trainer (2004 – 2006) Premier Plastics Quality Control Executive (2002-2004) Ana, Mumbai - Quality Control Assistant (1993-1995) PROFESSIONAL QUALIFICATION Certified Information Systems Auditor; ISACA (June - 2008) ISO 27001(ISMS) Lead Auditor ISO 27001:2013 Lead Implementor EDUCATION PGDM - IT/System (2010 - 2011) BSC, Mumbai (1993) Diploma in Software Engineering (NIIT) Mumbai (2005) Diploma in PL/SQL (NIIT) Mumbai (2005) EXTRACURRICULAR ACTIVITIES
Toastmaster member since November 2011– Toastmaster is international organization help individual to improve communication and leadership skill. Date of Birth : 29/04/1974.

Recomendados

Making Executives Accountable for IT Security
Making Executives Accountable for IT SecurityMaking Executives Accountable for IT Security
Making Executives Accountable for IT SecuritySeccuris Inc.
 
Kerangka untuk RPM Information Security Governance: COBIT 5 for Information S...
Kerangka untuk RPM Information Security Governance: COBIT 5 for Information S...Kerangka untuk RPM Information Security Governance: COBIT 5 for Information S...
Kerangka untuk RPM Information Security Governance: COBIT 5 for Information S...Directorate of Information Security | Ditjen Aptika
 
Resume_IshitaKundu_CISA
Resume_IshitaKundu_CISAResume_IshitaKundu_CISA
Resume_IshitaKundu_CISAIshita Kundu
 
Resume-Amit 1.0
Resume-Amit 1.0Resume-Amit 1.0
Resume-Amit 1.0Amit Verma
 
From Device Selection to Data Protection: Selecting the Right Mobility Soluti...
From Device Selection to Data Protection: Selecting the Right Mobility Soluti...From Device Selection to Data Protection: Selecting the Right Mobility Soluti...
From Device Selection to Data Protection: Selecting the Right Mobility Soluti...Enterprise Mobile
 
Cdpse course content infosec train
Cdpse course content infosec trainCdpse course content infosec train
Cdpse course content infosec trainShivamSharma909
 
(ONLINE) ITIL Indonesia Community - Manfaat Penerapan Sistem Manajemen Keaman...
(ONLINE) ITIL Indonesia Community - Manfaat Penerapan Sistem Manajemen Keaman...(ONLINE) ITIL Indonesia Community - Manfaat Penerapan Sistem Manajemen Keaman...
(ONLINE) ITIL Indonesia Community - Manfaat Penerapan Sistem Manajemen Keaman...ITIL Indonesia
 
Cisa 2013 ch3
Cisa 2013 ch3Cisa 2013 ch3
Cisa 2013 ch3Aladdin Dandis
 

Recomendados

Making Executives Accountable for IT Security
Making Executives Accountable for IT SecurityMaking Executives Accountable for IT Security
Making Executives Accountable for IT SecuritySeccuris Inc.
 
Kerangka untuk RPM Information Security Governance: COBIT 5 for Information S...
Kerangka untuk RPM Information Security Governance: COBIT 5 for Information S...Kerangka untuk RPM Information Security Governance: COBIT 5 for Information S...
Kerangka untuk RPM Information Security Governance: COBIT 5 for Information S...Directorate of Information Security | Ditjen Aptika
 
Resume_IshitaKundu_CISA
Resume_IshitaKundu_CISAResume_IshitaKundu_CISA
Resume_IshitaKundu_CISAIshita Kundu
 
Resume-Amit 1.0
Resume-Amit 1.0Resume-Amit 1.0
Resume-Amit 1.0Amit Verma
 
From Device Selection to Data Protection: Selecting the Right Mobility Soluti...
From Device Selection to Data Protection: Selecting the Right Mobility Soluti...From Device Selection to Data Protection: Selecting the Right Mobility Soluti...
From Device Selection to Data Protection: Selecting the Right Mobility Soluti...Enterprise Mobile
 
Cdpse course content infosec train
Cdpse course content infosec trainCdpse course content infosec train
Cdpse course content infosec trainShivamSharma909
 
(ONLINE) ITIL Indonesia Community - Manfaat Penerapan Sistem Manajemen Keaman...
(ONLINE) ITIL Indonesia Community - Manfaat Penerapan Sistem Manajemen Keaman...(ONLINE) ITIL Indonesia Community - Manfaat Penerapan Sistem Manajemen Keaman...
(ONLINE) ITIL Indonesia Community - Manfaat Penerapan Sistem Manajemen Keaman...ITIL Indonesia
 
Cisa 2013 ch3
Cisa 2013 ch3Cisa 2013 ch3
Cisa 2013 ch3Aladdin Dandis
 
The Economics of Security
The Economics of SecurityThe Economics of Security
The Economics of SecurityNetwork Intelligence India
 
Why ISO 27001 for an Organisation
Why ISO 27001 for an OrganisationWhy ISO 27001 for an Organisation
Why ISO 27001 for an OrganisationSyed Azher
 
Full Cybersecurity Regulations Overview for DoD Prime and Subcontractors
Full Cybersecurity Regulations Overview for DoD Prime and SubcontractorsFull Cybersecurity Regulations Overview for DoD Prime and Subcontractors
Full Cybersecurity Regulations Overview for DoD Prime and SubcontractorsIgnyte Assurance Platform
 
How to determine a proper scope selection based on ISO 27001?
How to determine a proper scope selection based on ISO 27001?How to determine a proper scope selection based on ISO 27001?
How to determine a proper scope selection based on ISO 27001?PECB
 
CV_Anil K Dubey V1.1
CV_Anil K Dubey V1.1CV_Anil K Dubey V1.1
CV_Anil K Dubey V1.1Anil Kr. Dubey ISP ISLA CIISA ACSA CEH CIWSA CCNA MCSA
 
Protecting Agile Transformation through Secure DevOps (DevSecOps)
Protecting Agile Transformation through Secure DevOps (DevSecOps)Protecting Agile Transformation through Secure DevOps (DevSecOps)
Protecting Agile Transformation through Secure DevOps (DevSecOps)Eryk Budi Pratama
 
Cisa 2013 ch2
Cisa 2013 ch2Cisa 2013 ch2
Cisa 2013 ch2Aladdin Dandis
 
Business Continuity Management: How to get started
Business Continuity Management: How to get startedBusiness Continuity Management: How to get started
Business Continuity Management: How to get startedIT Governance Ltd
 
TOGAF 9 - Security Architecture Ver1 0
TOGAF 9 - Security Architecture Ver1 0TOGAF 9 - Security Architecture Ver1 0
TOGAF 9 - Security Architecture Ver1 0Maganathin Veeraragaloo
 
Cisa 2013 ch4
Cisa 2013 ch4Cisa 2013 ch4
Cisa 2013 ch4Aladdin Dandis
 
A framework for an organization to use in determining if it needs a ciso
A framework for an organization to use in determining if it needs a cisoA framework for an organization to use in determining if it needs a ciso
A framework for an organization to use in determining if it needs a cisoMax Justice
 
How to improve resilience and respond better to Cyber Attacks with ISO 22301?
How to improve resilience and respond better to Cyber Attacks with ISO 22301?How to improve resilience and respond better to Cyber Attacks with ISO 22301?
How to improve resilience and respond better to Cyber Attacks with ISO 22301?PECB
 
How to minimize threats in your information system using network segregation?
How to minimize threats in your information system using network segregation? How to minimize threats in your information system using network segregation?
How to minimize threats in your information system using network segregation? PECB
 
Enterprise Security Architecture: From access to audit
Enterprise Security Architecture: From access to auditEnterprise Security Architecture: From access to audit
Enterprise Security Architecture: From access to auditBob Rhubart
 
Professional Designations IT Assurance
Professional Designations IT AssuranceProfessional Designations IT Assurance
Professional Designations IT Assurancea3virani
 
[null] Iso 27001 a business view by Sripathi
[null] Iso 27001 a business view by Sripathi[null] Iso 27001 a business view by Sripathi
[null] Iso 27001 a business view by SripathiPrajwal Panchmahalkar
 
Risk-driven and Business-outcome-focused Enterprise Security Architecture Fra...
Risk-driven and Business-outcome-focused Enterprise Security Architecture Fra...Risk-driven and Business-outcome-focused Enterprise Security Architecture Fra...
Risk-driven and Business-outcome-focused Enterprise Security Architecture Fra...Craig Martin
 
PCI Certification and remediation services
PCI Certification and remediation servicesPCI Certification and remediation services
PCI Certification and remediation servicesTariq Juneja
 
Fadi Mutlak - Information security governance
Fadi Mutlak - Information security governanceFadi Mutlak - Information security governance
Fadi Mutlak - Information security governancenooralmousa
 
Enterprise Architecture and Information Security
Enterprise Architecture and Information SecurityEnterprise Architecture and Information Security
Enterprise Architecture and Information SecurityJohn Macasio
 
NRS 486 Synthesis Paper
NRS 486 Synthesis PaperNRS 486 Synthesis Paper
NRS 486 Synthesis PaperAndrea Ritchie
 
ura_report
ura_reportura_report
ura_reportSara Sudetic
 

Mais conteúdo relacionado

Mais procurados

Why ISO 27001 for an Organisation
Why ISO 27001 for an OrganisationWhy ISO 27001 for an Organisation
Why ISO 27001 for an OrganisationSyed Azher
 
Full Cybersecurity Regulations Overview for DoD Prime and Subcontractors
Full Cybersecurity Regulations Overview for DoD Prime and SubcontractorsFull Cybersecurity Regulations Overview for DoD Prime and Subcontractors
Full Cybersecurity Regulations Overview for DoD Prime and SubcontractorsIgnyte Assurance Platform
 
How to determine a proper scope selection based on ISO 27001?
How to determine a proper scope selection based on ISO 27001?How to determine a proper scope selection based on ISO 27001?
How to determine a proper scope selection based on ISO 27001?PECB
 
Protecting Agile Transformation through Secure DevOps (DevSecOps)
Protecting Agile Transformation through Secure DevOps (DevSecOps)Protecting Agile Transformation through Secure DevOps (DevSecOps)
Protecting Agile Transformation through Secure DevOps (DevSecOps)Eryk Budi Pratama
 
Business Continuity Management: How to get started
Business Continuity Management: How to get startedBusiness Continuity Management: How to get started
Business Continuity Management: How to get startedIT Governance Ltd
 
A framework for an organization to use in determining if it needs a ciso
A framework for an organization to use in determining if it needs a cisoA framework for an organization to use in determining if it needs a ciso
A framework for an organization to use in determining if it needs a cisoMax Justice
 
How to improve resilience and respond better to Cyber Attacks with ISO 22301?
How to improve resilience and respond better to Cyber Attacks with ISO 22301?How to improve resilience and respond better to Cyber Attacks with ISO 22301?
How to improve resilience and respond better to Cyber Attacks with ISO 22301?PECB
 
How to minimize threats in your information system using network segregation?
How to minimize threats in your information system using network segregation? How to minimize threats in your information system using network segregation?
How to minimize threats in your information system using network segregation? PECB
 
Enterprise Security Architecture: From access to audit
Enterprise Security Architecture: From access to auditEnterprise Security Architecture: From access to audit
Enterprise Security Architecture: From access to auditBob Rhubart
 
Professional Designations IT Assurance
Professional Designations IT AssuranceProfessional Designations IT Assurance
Professional Designations IT Assurancea3virani
 
[null] Iso 27001 a business view by Sripathi
[null] Iso 27001 a business view by Sripathi[null] Iso 27001 a business view by Sripathi
[null] Iso 27001 a business view by SripathiPrajwal Panchmahalkar
 
Risk-driven and Business-outcome-focused Enterprise Security Architecture Fra...
Risk-driven and Business-outcome-focused Enterprise Security Architecture Fra...Risk-driven and Business-outcome-focused Enterprise Security Architecture Fra...
Risk-driven and Business-outcome-focused Enterprise Security Architecture Fra...Craig Martin
 
PCI Certification and remediation services
PCI Certification and remediation servicesPCI Certification and remediation services
PCI Certification and remediation servicesTariq Juneja
 
Fadi Mutlak - Information security governance
Fadi Mutlak - Information security governanceFadi Mutlak - Information security governance
Fadi Mutlak - Information security governancenooralmousa
 
Enterprise Architecture and Information Security
Enterprise Architecture and Information SecurityEnterprise Architecture and Information Security
Enterprise Architecture and Information SecurityJohn Macasio
 

Mais procurados (20)

The Economics of Security
The Economics of SecurityThe Economics of Security
The Economics of Security
 
Why ISO 27001 for an Organisation
Why ISO 27001 for an OrganisationWhy ISO 27001 for an Organisation
Why ISO 27001 for an Organisation
 
Full Cybersecurity Regulations Overview for DoD Prime and Subcontractors
Full Cybersecurity Regulations Overview for DoD Prime and SubcontractorsFull Cybersecurity Regulations Overview for DoD Prime and Subcontractors
Full Cybersecurity Regulations Overview for DoD Prime and Subcontractors
 
How to determine a proper scope selection based on ISO 27001?
How to determine a proper scope selection based on ISO 27001?How to determine a proper scope selection based on ISO 27001?
How to determine a proper scope selection based on ISO 27001?
 
CV_Anil K Dubey V1.1
CV_Anil K Dubey V1.1CV_Anil K Dubey V1.1
CV_Anil K Dubey V1.1
 
Protecting Agile Transformation through Secure DevOps (DevSecOps)
Protecting Agile Transformation through Secure DevOps (DevSecOps)Protecting Agile Transformation through Secure DevOps (DevSecOps)
Protecting Agile Transformation through Secure DevOps (DevSecOps)
 
Cisa 2013 ch2
Cisa 2013 ch2Cisa 2013 ch2
Cisa 2013 ch2
 
Business Continuity Management: How to get started
Business Continuity Management: How to get startedBusiness Continuity Management: How to get started
Business Continuity Management: How to get started
 
TOGAF 9 - Security Architecture Ver1 0
TOGAF 9 - Security Architecture Ver1 0TOGAF 9 - Security Architecture Ver1 0
TOGAF 9 - Security Architecture Ver1 0
 
Cisa 2013 ch4
Cisa 2013 ch4Cisa 2013 ch4
Cisa 2013 ch4
 
A framework for an organization to use in determining if it needs a ciso
A framework for an organization to use in determining if it needs a cisoA framework for an organization to use in determining if it needs a ciso
A framework for an organization to use in determining if it needs a ciso
 
How to improve resilience and respond better to Cyber Attacks with ISO 22301?
How to improve resilience and respond better to Cyber Attacks with ISO 22301?How to improve resilience and respond better to Cyber Attacks with ISO 22301?
How to improve resilience and respond better to Cyber Attacks with ISO 22301?
 
How to minimize threats in your information system using network segregation?
How to minimize threats in your information system using network segregation? How to minimize threats in your information system using network segregation?
How to minimize threats in your information system using network segregation?
 
Enterprise Security Architecture: From access to audit
Enterprise Security Architecture: From access to auditEnterprise Security Architecture: From access to audit
Enterprise Security Architecture: From access to audit
 
Professional Designations IT Assurance
Professional Designations IT AssuranceProfessional Designations IT Assurance
Professional Designations IT Assurance
 
[null] Iso 27001 a business view by Sripathi
[null] Iso 27001 a business view by Sripathi[null] Iso 27001 a business view by Sripathi
[null] Iso 27001 a business view by Sripathi
 
Risk-driven and Business-outcome-focused Enterprise Security Architecture Fra...
Risk-driven and Business-outcome-focused Enterprise Security Architecture Fra...Risk-driven and Business-outcome-focused Enterprise Security Architecture Fra...
Risk-driven and Business-outcome-focused Enterprise Security Architecture Fra...
 
PCI Certification and remediation services
PCI Certification and remediation servicesPCI Certification and remediation services
PCI Certification and remediation services
 
Fadi Mutlak - Information security governance
Fadi Mutlak - Information security governanceFadi Mutlak - Information security governance
Fadi Mutlak - Information security governance
 
Enterprise Architecture and Information Security
Enterprise Architecture and Information SecurityEnterprise Architecture and Information Security
Enterprise Architecture and Information Security
 

Destaque

NRS 486 Synthesis Paper
NRS 486 Synthesis PaperNRS 486 Synthesis Paper
NRS 486 Synthesis PaperAndrea Ritchie
 
College trade cert
College trade certCollege trade cert
College trade certScott Baker
 
Lehendakariaren hitzaldia - Gautena zentrura bisita
Lehendakariaren hitzaldia - Gautena zentrura bisita Lehendakariaren hitzaldia - Gautena zentrura bisita
Lehendakariaren hitzaldia - Gautena zentrura bisita Irekia - EJGV
 
Skydrive word doc
Skydrive word docSkydrive word doc
Skydrive word docpduddilla
 
Internship Report 2015- st20000575
Internship Report 2015- st20000575Internship Report 2015- st20000575
Internship Report 2015- st20000575Seinn Lei Lei Tun
 
Criança em idade escolar com fissura labial ou fenda palatina (espanhol)
Criança em idade escolar com fissura labial ou fenda palatina (espanhol)Criança em idade escolar com fissura labial ou fenda palatina (espanhol)
Criança em idade escolar com fissura labial ou fenda palatina (espanhol)Creche Segura
 
Raymond Curriculum Vitae
Raymond Curriculum VitaeRaymond Curriculum Vitae
Raymond Curriculum Vitaeraymond maingi
 

Destaque (20)

NRS 486 Synthesis Paper
NRS 486 Synthesis PaperNRS 486 Synthesis Paper
NRS 486 Synthesis Paper
 
ura_report
ura_reportura_report
ura_report
 
College trade cert
College trade certCollege trade cert
College trade cert
 
Dr. Niranjan CV
Dr. Niranjan CV Dr. Niranjan CV
Dr. Niranjan CV
 
Lehendakariaren hitzaldia - Gautena zentrura bisita
Lehendakariaren hitzaldia - Gautena zentrura bisita Lehendakariaren hitzaldia - Gautena zentrura bisita
Lehendakariaren hitzaldia - Gautena zentrura bisita
 
Test
TestTest
Test
 
Skydrive word doc
Skydrive word docSkydrive word doc
Skydrive word doc
 
sunny-certificate
sunny-certificatesunny-certificate
sunny-certificate
 
03
0303
03
 
I’m so cool
I’m so coolI’m so cool
I’m so cool
 
KGPP
KGPPKGPP
KGPP
 
Postcard invite
Postcard invite Postcard invite
Postcard invite
 
IMEKO-final
IMEKO-finalIMEKO-final
IMEKO-final
 
1
11
1
 
Internship Report 2015- st20000575
Internship Report 2015- st20000575Internship Report 2015- st20000575
Internship Report 2015- st20000575
 
Cardiac Ultrasound, Cardiomyopathy and High Precision Medicine
Cardiac Ultrasound, Cardiomyopathy and High Precision MedicineCardiac Ultrasound, Cardiomyopathy and High Precision Medicine
Cardiac Ultrasound, Cardiomyopathy and High Precision Medicine
 
Criança em idade escolar com fissura labial ou fenda palatina (espanhol)
Criança em idade escolar com fissura labial ou fenda palatina (espanhol)Criança em idade escolar com fissura labial ou fenda palatina (espanhol)
Criança em idade escolar com fissura labial ou fenda palatina (espanhol)
 
Raymond Curriculum Vitae
Raymond Curriculum VitaeRaymond Curriculum Vitae
Raymond Curriculum Vitae
 
ResumeCurrent
ResumeCurrentResumeCurrent
ResumeCurrent
 
My vacation
My vacation My vacation
My vacation
 

Semelhante a G-CISO

CV of Mohan M
CV of Mohan MCV of Mohan M
CV of Mohan MMohan M
 
Visual_ CV_of_Umesh ranade
Visual_ CV_of_Umesh ranadeVisual_ CV_of_Umesh ranade
Visual_ CV_of_Umesh ranadeUmesh ranade
 
Bankat Resume 16th April 15
Bankat Resume 16th April 15Bankat Resume 16th April 15
Bankat Resume 16th April 15Bankat Sharma
 
Security architecture rajagiri talk march 2011
Security architecture rajagiri talk march 2011Security architecture rajagiri talk march 2011
Security architecture rajagiri talk march 2011subramanian K
 
Resume_IshitaKundu_CISA
Resume_IshitaKundu_CISAResume_IshitaKundu_CISA
Resume_IshitaKundu_CISAIshita Kundu
 
Resume of md. ataul islam
Resume of md. ataul islamResume of md. ataul islam
Resume of md. ataul islamMd. Ataul Islam
 
Quality and Information Security Assurance
Quality and Information Security AssuranceQuality and Information Security Assurance
Quality and Information Security AssuranceKumud Mishra
 
Resume_IshitaKundu_CISA
Resume_IshitaKundu_CISAResume_IshitaKundu_CISA
Resume_IshitaKundu_CISAIshita Kundu
 
Saikiran_CV_Operational Risk_updated
Saikiran_CV_Operational Risk_updatedSaikiran_CV_Operational Risk_updated
Saikiran_CV_Operational Risk_updatedkonchada
 
Saikiran_CV_Operational Risk_updated
Saikiran_CV_Operational Risk_updatedSaikiran_CV_Operational Risk_updated
Saikiran_CV_Operational Risk_updatedkonchada
 
Bayo Omisore, IT Auditor-Compliance Analyst
Bayo Omisore, IT Auditor-Compliance AnalystBayo Omisore, IT Auditor-Compliance Analyst
Bayo Omisore, IT Auditor-Compliance AnalystBayo Omisore.
 
CV_Ashish Shah2016
CV_Ashish Shah2016CV_Ashish Shah2016
CV_Ashish Shah2016Ashish Shah
 
Roger Sloan Resume
Roger Sloan ResumeRoger Sloan Resume
Roger Sloan ResumeRoger Sloan
 
Resume - Mohamed Aman Mohamed Elhelw-Jun 2016
Resume - Mohamed Aman Mohamed Elhelw-Jun 2016Resume - Mohamed Aman Mohamed Elhelw-Jun 2016
Resume - Mohamed Aman Mohamed Elhelw-Jun 2016Mohamed Aman Elhelw
 
Resume-APOORVA KABRA
Resume-APOORVA KABRAResume-APOORVA KABRA
Resume-APOORVA KABRAApoorva Kabra
 
Gail Gillis Resume vMarch 2015
Gail Gillis Resume vMarch 2015Gail Gillis Resume vMarch 2015
Gail Gillis Resume vMarch 2015Gail Gillis
 

Semelhante a G-CISO (20)

CV of Mohan M
CV of Mohan MCV of Mohan M
CV of Mohan M
 
Balaji Jagan -Resume
Balaji Jagan -ResumeBalaji Jagan -Resume
Balaji Jagan -Resume
 
Visual_ CV_of_Umesh ranade
Visual_ CV_of_Umesh ranadeVisual_ CV_of_Umesh ranade
Visual_ CV_of_Umesh ranade
 
Bankat Resume 16th April 15
Bankat Resume 16th April 15Bankat Resume 16th April 15
Bankat Resume 16th April 15
 
RBI Gopalakrishna Committee Report on IT
RBI Gopalakrishna Committee Report on ITRBI Gopalakrishna Committee Report on IT
RBI Gopalakrishna Committee Report on IT
 
Security architecture rajagiri talk march 2011
Security architecture rajagiri talk march 2011Security architecture rajagiri talk march 2011
Security architecture rajagiri talk march 2011
 
Resume_IshitaKundu_CISA
Resume_IshitaKundu_CISAResume_IshitaKundu_CISA
Resume_IshitaKundu_CISA
 
Resume of md. ataul islam
Resume of md. ataul islamResume of md. ataul islam
Resume of md. ataul islam
 
Quality and Information Security Assurance
Quality and Information Security AssuranceQuality and Information Security Assurance
Quality and Information Security Assurance
 
Sanjay Pawar
Sanjay PawarSanjay Pawar
Sanjay Pawar
 
Resume_IshitaKundu_CISA
Resume_IshitaKundu_CISAResume_IshitaKundu_CISA
Resume_IshitaKundu_CISA
 
Saikiran_CV_Operational Risk_updated
Saikiran_CV_Operational Risk_updatedSaikiran_CV_Operational Risk_updated
Saikiran_CV_Operational Risk_updated
 
Saikiran_CV_Operational Risk_updated
Saikiran_CV_Operational Risk_updatedSaikiran_CV_Operational Risk_updated
Saikiran_CV_Operational Risk_updated
 
Bayo Omisore, IT Auditor-Compliance Analyst
Bayo Omisore, IT Auditor-Compliance AnalystBayo Omisore, IT Auditor-Compliance Analyst
Bayo Omisore, IT Auditor-Compliance Analyst
 
CV_Ashish Shah2016
CV_Ashish Shah2016CV_Ashish Shah2016
CV_Ashish Shah2016
 
Roger Sloan Resume
Roger Sloan ResumeRoger Sloan Resume
Roger Sloan Resume
 
Resume - Mohamed Aman Mohamed Elhelw-Jun 2016
Resume - Mohamed Aman Mohamed Elhelw-Jun 2016Resume - Mohamed Aman Mohamed Elhelw-Jun 2016
Resume - Mohamed Aman Mohamed Elhelw-Jun 2016
 
Resume-APOORVA KABRA
Resume-APOORVA KABRAResume-APOORVA KABRA
Resume-APOORVA KABRA
 
Gail Gillis Resume vMarch 2015
Gail Gillis Resume vMarch 2015Gail Gillis Resume vMarch 2015
Gail Gillis Resume vMarch 2015
 
Resume of Naresh Raghupatruni
Resume of Naresh RaghupatruniResume of Naresh Raghupatruni
Resume of Naresh Raghupatruni
 

G-CISO

  • 1. Namrata N. Bhise CISA B-1903, Pride Presidency Luxuria, Off Ghodbundar Road, Dhokali Naka, Kolshet Road Thane West 400607 Mobile : 9833701852 CISA Certified with expertise in Information Security Governance & Compliance Over 15 years of experience with around 10+ years of experience in Information security leadership position. Background and success to handle all stages of IT audits including planning, study, evaluation and testing of controls, reporting and follow up. Proven track record of design and manage Information governance and Information security related projects like ISO 27000, BCP, Change Management, PCI DSS certification project. PROFESSIONAL EXPERIENCE TATA AIA LTD - Manager Information Security Compliance (Since December 2013) Working as an Information Security Manager (CISO-backup) of the company in providing overall assurance on information security practices to key stakeholders including Management, Business Partners and Customers with wide range of activities including: ISO 27000:2013  Implement and maintain Information Security Management System based on ISO 27000:2013.  Periodic internal audit of the department that are in scope of ISO.  Risk acceptance documented and sign off from CIO.  Facilitate a centralized IT compliance management process through audit and assessment methodology.  Works collaboratively with Business units, IT teams, Audit , Privacy , Legal and risk management functions to align Information Security control framework to business BCP Management  Work with senior management to establish disaster recovery (DR) and business continuity plan.  Facilitate Business Impact Assessment of all the Critical Department, understand new BCP requirement and work with IT Infrastructure team for seamless execution of BCP drill. Information Security Awareness  Facilitated to design awareness mailers and posters.  Annual Information Security Awareness Exam conducted for employees of all the branches across PAN India. Third Party Audit Management  Ownership of Third Party Audit by interacting with all level of management while coordinating and planning third party security review of vendors and outsourced service providers for TATAAIA.  Provide leadership for the governance and compliance of AIA security standards to prevent the unauthorized use, release, modification or destruction of data across multiple platforms and environment. Audit & Compliance  Oversee regulatory compliance, establish and implement cyber security related policies.  Analyze and track key risks involves in IT projects, security incidents, IT Audits and guide investigation and resolution of risks.  Co-ordinate with various teams to ensure timely compliance of all outstanding audit recommendations.  Developing, maintaining and overseeing IT Policies and procedures to ensure alignment with current practices and regulatory requirement.  Conduct half yearly Logical Recertification for critical applications.  Reporting to senior management on the effectiveness of implemented Technology and Information Security matters.  Participate in evaluation, selection and implementation of security product and technologies. ItzCash Card Ltd – Manager Information Security (December 2011 – December 2013) Received appreciation from MD & Senior Management for the Implementation of Change Management and Information Security Awareness program across the Organization. Information Security:  Document & Implement the Information Security policies and Procedure as per regulatory requirements and Industry best practices
  • 2.  Project Management for Information security governance projects like Change management and Information Security awareness, Business Continuity Planning  Acting as SPOC for all Information Security related requirement by various stakeholders & Business partners for ItzCash Co-Branding cards. Project Delivery Manager, PCI-DSS:  Responsible for delivery of the PCI certification project for freedom prepaid card of Itzcash Card Ltd.  This includes co-ordination with business and vendors for network segmentation, removal, masking of card related data.  System remediation and development of PCI related requirement repository. PREVIOUS EXPERIENCE HDFC BANK – Kanjurmarg as Deputy Manager IT Governance (December 2010 – December 2011)  Create and Roll-out of IT policies, procedures and checklists.  Monitor measure and improve the currently implemented process with the help of process owners and Internal Auditors  Ensure adherence to the Banks IT Policies.  Project Monitoring & follow-up with project team as a part of IT Governance team. ANEJA Associates Mumbai as Assistant Manager IT AUDIT (September2008 – November 2010) Received “Best Audit Report awards 2010” for the project of FINO India.  Worked as Assistant Manager Information Security to identify IT related risk, I used to prepared audit scopes, reported findings, and presented recommendations for improving data integrity and operations.  Conducted security reviews for various clients across Industries like:  HDFC Standard Life Insurance, Birla Sun Life Insurance., Reliance Life Insurance, Tata Power, Clearing Corporation Of India ( CCIL), Birla Mutual Fund, Watson Pharmaceutical Ltd. Nicholas Piramal, National Stock Exchange Mumbai (NSE), NCDEX, NSDL, UTI MF, Crisil India Ltd, FINO India,Peninsula Group Mumbai. CMS Computer Ltd. Mumbai ( Team Leader IT Security – ABN AMRO BANK March 2006 – August 2008) Qualitative experience in risk assessment for identifying and evaluating the application controls and tracking the errors to ensure smooth flow of E-Banking application. NIIT, Kalyan - Corporate trainer (2004 – 2006) Premier Plastics Quality Control Executive (2002-2004) Ana, Mumbai - Quality Control Assistant (1993-1995) PROFESSIONAL QUALIFICATION Certified Information Systems Auditor; ISACA (June - 2008) ISO 27001(ISMS) Lead Auditor ISO 27001:2013 Lead Implementor EDUCATION PGDM - IT/System (2010 - 2011) BSC, Mumbai (1993) Diploma in Software Engineering (NIIT) Mumbai (2005) Diploma in PL/SQL (NIIT) Mumbai (2005) EXTRACURRICULAR ACTIVITIES
  • 3. Toastmaster member since November 2011– Toastmaster is international organization help individual to improve communication and leadership skill. Date of Birth : 29/04/1974.