Amar Prakash
Dubai
Summary
More than 13 years' experience as an Information Technology (IT) professional with strong expertise in IT management, IT security management, and IT enterprise architecture. Demonstrated expertise in establishing and implementing large information security programs. Designed and implemented automated tool-based vulnerability management framework that continuously monitors and detects Cybersecurity threats and vulnerabilities. Performed evaluations and selections of IT security tools and successfully implemented IT security systems to protect the availability, integrity, and confidentiality of critical business information and information systems. Highly skilled, dedicated and enthusiastic team player with excellent leadership and communication skills.
Overview
14
14
years of professional experience
Work History
IAM Consultant
OneTriam
Pune
08.2021 - Current
- Collaborated with sales organization and delivered outstanding sales support to retain and grow business.
- Maintained industry leadership reputation by responding to press inquiries.
- Understood business direction of companies and created optimized architectures to meet business needs.
- Identified issues, analyzed information and provided solutions to problems.
- Resolved problems, improved operations and provided exceptional service.
- Offered friendly and efficient service to customers, handled challenging situations with ease.
- Met project deadlines without sacrificing build quality or workplace safety.
- Reviewed and assessed architecture design, implementation, testing and deployment needs to identify project requirements and costs.
- Interviewed, hired and trained staff, leading performance reviews and offering constructive feedback.
- Analyzed network security and current infrastructure to assess areas in need of improvement and develop solutions.
- Communicated and explained business requirements to team members to understand and implement functional demands
Information Security Manager
FAB
Abu Dhabi
12.2019 - Current
- Developed IT security handbooks to provide detailed information and guidance regarding the processes to meet IT security program requirements.
- Developed and implemented web-based Cybersecurity Awareness Training Program for all employees.
- Developed and implemented automated tool-based vulnerability management framework.
- Led effort to conduct IT security risk assessments and develop security plans for departments.
- Led evaluation, selection and implementation of the following tools: governance, risk & compliance (GRC), security information and event management (SIEM), automated vulnerability management, automated penetration testing, application whitelisting, data loss prevention (DLP), intrusion detection system/intrusion prevention system (IDS/IPS), web filtering, malware defense systems for endpoints and network perimeter, and mobile device management.
- Measure, monitor and report on the design and effectiveness of IT controls in compliance with FAB’s internal standards and industry best practices.
- Governance oversight over incident management process and DLP incident management process to ensure appropriate corrective and preventive actions are taken.
Senior Consultant
Wipro
Dubai
12.2018 - 12.2019
- Established management control and communications processes to ensure IT Security Program is implemented consistent with current policies.
- Ensured development and approval of IT security plans and procedures, continuity of operations plans and procedures, and information security baselines and controls.
- Conducted IT security audits to ensure effective implementation of security controls.
- Ensured development and implementation of risk analysis processes and procedures for IT systems.
- Defined risk mitigation strategies and reported significant changes to senior management.
- Ensured vulnerability and threat assessments were performed to evaluate the effectiveness of existing security controls.
- Developed and implemented processes to enable detection, identification, and analysis of IT security threats and vulnerabilities.
- Developed and implemented Information Security Training and Awareness Program.
- Established and maintained effective Information Resource Management program, including the development of strategic IT plan.
- Managed IT service functions, including end user services and devices (computer workstations and mobile computing devices).
- Established management and communication processes to ensure effective IT program that enables the mission and fosters conflict resolution.
- Managed and implemented IT requirements, standards, and business processes.
Assistant Manager
Wallstreet Exchange LLC
Dubai
01.2017 - 12.2018
- Developed program IT security governance document that includes effective approach to internal and external integration and communication to accomplish IT security objectives.
- Coordinated activities of Information Security Officers to define and establish unified program-wide approach to address IT security issues and mitigate IT security risks.
- Established IT security planning processes, including continuity of operations and disaster recovery planning, risk analysis methodologies, and test methodologies for contingency plans and security controls.
- Interfaced with senior management on policy interpretation and presented recommendations for approval. Coordinated with other Mission Directorates, Programs, and Projects to ensure consistent application and implementation of standards.
- Provided leadership to IT security team and contractor community for resolution of IT security issues and implementation of process improvements from lessons learned.
- Directs an ongoing, proactive risk assessment program for all new and existing systems and remains familiar with the Organization’s goals and business processes so effective controls can be put in place for those areas presenting the greatest information security risk.
- Oversees all ongoing activities related to the development, implementation, and maintenance of the Organization’s information security policies and procedures by ensuring these policies and procedures encompass the overall security of electronic information at rest or in motion within the system and assisting departments in local process and procedure development, ensuring they are not in conflict with Organization policies.
- Assists other departments to ensure regulatory compliance.
Consultant
PricewaterHouseCoopeer
Pune
12.2014 - 09.2016
- Analyzed problematic areas to provide recommendations and solutions.
- Collaborated with teams to define, strategize and implement marketing and web strategies.
- Created and developed detailed work plans to meet business priorities and deadlines.
- Improved performance, hiring practices and management systems to facilitate success of client's organization.
- Delivered outstanding service to clients to maintain and extend relationship for future business opportunities.
- Enterprise Solution, Design and implement: Design and developed architecture for Enterprise implementation of various security solution like CVM, WAF, DDoS, and PIM for Financial & Telecomm client.
Associate Consultant
Capgemini
Pune
03.2013 - 12.2014
- Integrated technology and business operations to identify targeted solutions to customer issues.
- Aligned closely with business owners and employees to gather information and gain operational insight..
- Participated in design and planning exercises for future software rollouts.
- Collaborated with multidisciplinary teams to design and implement new technology features.
- Developed and maintained incident response protocols to mitigate damage and liability during security breaches.
- Designed company-wide policies to bring operations in line with Center for Internet Security (CIS) standards.
- Performed risk analyses to identify appropriate security countermeasures.
Senior Security Analyst
Sakshay Web Technologies
Noida
11.2012 - 03.2013
- Performed risk analyses to identify appropriate security countermeasures.
- Reviewed violations of computer security procedures and developed mitigation plans.
- Conducted security audits to identify vulnerabilities.
- Recommend improvements in security systems and procedures.
- Developed plans to safeguard computer files against modification, destruction or disclosure.
- Completed vulnerability scans to identify at-risk systems and remediate issues.
- Outlined and maintained security patching schedule to efficiently address ongoing system issues.
- Reduced security risks by 60% through enhancing protocols and ensuring adherence to regulations.
Security Analyst
Society for Electronic Transaction and Security
New Delhi
01.2012 - 10.2012
- Performed risk analyses to identify appropriate security countermeasures.
- Conducted security audits to identify vulnerabilities.
- Recommend improvements in security systems and procedures.
- Monitored use of data files and regulated access to protect secure information.
- Developed plans to safeguard computer files against modification, destruction or disclosure.
- Collaborated with team members to achieve target results.
Assistant System Engineer
Tata Consultancy Services
Gurgaon
08.2010 - 01.2012
- Developed and maintained incident response protocols to mitigate damage and liability during security breaches.
- Designed company-wide policies to bring operations in line with Center for Internet Security (CIS) standards.
- Authored security incident reports, highlighting breaches, vulnerabilities and remedial measures.
- Performed risk analyses to identify appropriate security countermeasures.
- Conducted security audits to identify vulnerabilities.
- Engineered, maintained and repaired security systems and programmable logic controls.
Education
Master of Science - Cyber Law And Information Security
Indian Institute of Information Technology
Allanahad, India06.2010
Bachelor of Technology - Information Technology
Raj Kumar Goel Institute of Technology
Ghaziabad, India06.2006
Skills
- Certified Information Security Auditor (CISA) - 2019
- Certified Information Security Manager (CISM) - 2020
- Certified Cloud Security Knowledge (CCSK) - 2021
- Microsoft Certified Azure Fundamental - 2021
- AWS certified Cloud Practitioner - 2021
- Governance, risk & compliance (GRC)
- Project management
- Information protection and analysis
- Security information and event management (SIEM)
- Risk assessment & compliance
- Intrusion detection/prevention systems (IDS/IPS)
- Security Assessment & Review
- Data loss prevention (DLP)
- Disaster recovery planning
- Vulnerability management
Accomplishments
Leadership
- Developed and implemented enterprise security strategy and framework that consists of strategically integrated elements of NIST risk management and Cybersecurity frameworks, SANS Critical Controls, ISO/IEC 27001/27002 and COBIT 5 for Information Security.
Strategy and Planning
- Developed and communicated Acceptable Use policy, Mobile Device Management (MDM) and Bring Your Own Device (BYOD) policy, and many other security policies and standards to all users.
- Established policies and procedures for system administrators to perform operating system and application patching.
Team Collaboration
- Collaborated with large departments to establish enterprise security framework to accomplish common IT security objectives and leverage common tools to reduce costs.
- Coordinated the activities of Information Security Officers to define and establish unified program-wide approach to address IT security issues and mitigate IT security risks.
Project Management
- Managed the implementation of Enterprise IT Security Framework “Quick Wins” Road Map based on SANS Critical Controls “First Five” controls.
- Managed IT Certification & Accreditation (C&A) program implementing automated tools to realize efficiencies and significant cost savings for C&A process, including developing IT security plans and processes.
Timeline
IAM Consultant
OneTriam
08.2021 - Current
Information Security Manager
FAB
12.2019 - Current
Senior Consultant
Wipro
12.2018 - 12.2019
Assistant Manager
Wallstreet Exchange LLC
01.2017 - 12.2018
Consultant
PricewaterHouseCoopeer
12.2014 - 09.2016
Associate Consultant
Capgemini
03.2013 - 12.2014
Senior Security Analyst
Sakshay Web Technologies
11.2012 - 03.2013
Security Analyst
Society for Electronic Transaction and Security
01.2012 - 10.2012
Assistant System Engineer
Tata Consultancy Services
08.2010 - 01.2012
Master of Science - Cyber Law And Information Security
Indian Institute of Information Technology
Bachelor of Technology - Information Technology
Raj Kumar Goel Institute of Technology
Similar Profiles
MOHAMMED ANASMOHAMMED ANAS
Freelancer at Stefab.comFreelancer at Stefab.com
ERICK SAIMON MMBAGAERICK SAIMON MMBAGA
Ramp Operations Team Leader at Dnata, The Emirates GroupRamp Operations Team Leader at Dnata, The Emirates Group
Asma ShaabanAsma Shaaban
Social Media Manager at KcalSocial Media Manager at Kcal
Nizamuddin SyedNizamuddin Syed
Safety Inspector/Coordinator/Production/Purchasing at Ostermeier FZESafety Inspector/Coordinator/Production/Purchasing at Ostermeier FZE
Jayanth Gowda K UJayanth Gowda K U
IAM Consultant at Hexadius Consulting Pte. Ltd.IAM Consultant at Hexadius Consulting Pte. Ltd.