Abhijeet Mali
Security Consultant
Pune
Summary
Collaborative leader with dedication to partnering with coworkers to promote engaged, empowering work culture. Documented strengths in building and maintaining relationships with diverse range of stakeholders in dynamic, fast-paced settings. Detail-oriented Security Consultant committed to improving system design and operations for reliable workflow management. Researches and implements budget-conscious security and encryption solutions to protect user privacy and increase overall network health. Creates easy-to-follow guidelines and troubleshooting documentation for non-technical staff.
Overview
14
14
years of professional experience
5
5
years of post-secondary education
3
3
Certifications
Work History
Security Consultant
Principal Global Services
Pune
09.2020 - Current
- Utilized code and modern cloud-native deployment techniques to design, plan and integrate cloud computing and virtualization systems.
- Worked with cloud architect to generate assessments and develop and implement actionable recommendations based on results and reviews.
- Reviewed existing systems and made recommendations for improvements.
- Partnered with infrastructure teams on evaluation and feasibility assessments of new systems and technologies.
- Identified gaps in market to spot opportunities to create value propositions.
- Developed security metrics and technical analysis to give insight into performance and trends.
- Worked with business partners to balance requirements, security and risk reduction.
- Reviewed and assessed architecture design, implementation, testing and deployment needs to identify project requirements and costs.
- Recommended design changes to production systems in response to changing business process, capacity, risks and performance requirements.
- Participated in system development life cycle from requirements analysis through system implementation.
Cyber Security Compliance Analyst
Studio Retail UK
Manchester
07.2019 - 01.2020
- Conduct internal compliance audits of security controls, and compliance with policies and frameworks
- Gathering and evaluating evidence, collating and preparing evidence for 2nd line review
- Ensuring audit preparation and audit activities are conducted in accordance with timelines and schedules
- Create, maintain and distribute timely and relevant information/cyber security KPIs and metrics
- Develop and maintain and information/cyber security dashboard and metrics which provide a accurate representation of the company cyber risk profile, and relevant cyber threats
- Develop and oversee control systems to prevent, highlight, or deal with any exceptions, and revise processes and reports on a continuous improvement basis to identify hidden risks or exceptions
- Identification and impact/risk assessment of exceptions and non-conformances
- Proactive management and regular reviews of exceptions
- Maturity assessment on IT GRC security control based on PCI/CIS Standard
- Check on Security policy, procedures and related documents to meet organizational risk posture
- Liaising with stakeholders across IT and the wider business to establish any risks and exceptions as a result of policy or process gaps, and taking steps to document and address issues
- Ensuring adherence to all compliance, governance, quality and security standards, delivering a safe, secure and reliable service to the business
- Adhering to regulatory, legislative, quality and security standards and expectations
- Coordinate with external third-party vendors on existing company security and exchange information on controls implemented
Senior Consultant
Cognizant Technology Solution
Pune
03.2016 - 01.2019
- Design & Develop ISMS control framework, based ISO 27001 & ISO 31000 standard
- Conducted the review of security design corresponding to ISO 27001 standard
- IT security policy and procedures review, Business continuity framework review, Risk Assessment Framework
- Reviewing the Policies & procedure based on ISO 27001 standard
- Support client audits based on ISO27001, SSA16/18, HIPPA, and PCIDSS etc
- Technical risk assessment for new applications and the corresponding Information Security Assets
- Perform vendor risk assessments
- Support line of Business, Processes by identifying and managing technology & information risk
- Performed Vulnerability Assessment & Penetration Testing for internal (Application, Network & Servers
- Identified business issues through careful collaboration with key stakeholders
- Assessed security controls needs for IT Security projects and made proposals to senior executives on overall compliance level
- Manage relationships with security, technology and business stakeholders to identify and communicate security risks and mitigation approaches
- Improve and promote comprehensive system risk-related and information security-related activities
- Develop and report key performance and risk indicators to senior and executive management
- Serving as the responsible subject matter expert on IT Risk within that organization which includes
- Analyzed problematic areas to provide recommendations and solutions
IT Security Consultant
Triogenesys Pvt LTD
Pune
09.2014 - 03.2016
- Assessed security compliance, security program organization, policies and procedures, general risks and vulnerabilities.
- Developed reasonable and cost effective recommendations for security improvement.
- Reviewed and interpreted software scanning results to determine best course of action.
- Mitigated operations risks through proactive coordination of crisis response and emergency management strategies.
Senior Administration
Deco's Software Pvt. Ltd
Pune
01.2013 - 09.2014
- Information Security Audit based on ISO 27001 standard
- Assess the adequacy of control, standards, policies & procedures to ensure compliance to regulatory requirements
- Technical risk assessment for new applications and the corresponding Information Security Assets
- Performed Vulnerability Assessment & Penetration Testing for internal (Application, Network & Servers etc.)
IT Lab Administrator
Courion IT Pvt. Ltd
Pune
09.2011 - 09.2012
- ISMS framework (ISO 27001),
- Process management audit including incident and helpdesk management, change management, SLA management, backup procedures, patch management etc
- IT security policy and procedures review, Business continuity framework review, Risk Assessment Framework
- Performed SAS 70 Type I & II audit.
Senior Network Administration
Tata Communication Pvt. Ltd
Pune
03.2009 - 09.2011
- ISMS (ISO 27001) Implementations, As-Is Assessment, Gap assessment
- Process management audit including incident and helpdesk management, change management, SLA management, software licensing management, accounts management, backup procedures, patch management and so on
- IT security policy and procedures review, Business continuity framework review, Risk Assessment Framework
- Risk Management & Compliance regulations
Education
Bachelor of Engineering - Electrical, Electronics and Communications Engineering
Pune University
01.2001 - 01.2006
Skills
IT security best practicesundefined
Accomplishments
- Strong Knowledge of Compliance (ISO/IEC27001, PCI-DSS)
- Technical Risk Assessment (Application Security Assessment, Vulnerability assessment, Network security audit & System configuration review, Web Application Security etc
- Good experience in third party vendor risk assessment & reviews
- Demonstrated abilities in developing information security frameworks, review, reviewing information security policies and ensuring compliance with security standards and procedures
- Worked with various leading public/private sector banks on information security projects and has an understanding of Banking, Healthcare, and Manufacturing industry etc
Certification
CISA
Timeline
Security Consultant
Principal Global Services
09.2020 - Current
Cyber Security Compliance Analyst
Studio Retail UK
07.2019 - 01.2020
Senior Consultant
Cognizant Technology Solution
03.2016 - 01.2019
PCI DSS
03-2015
IT Security Consultant
Triogenesys Pvt LTD
09.2014 - 03.2016
CISM
03-2014
Senior Administration
Deco's Software Pvt. Ltd
01.2013 - 09.2014
CISA
02-2012
IT Lab Administrator
Courion IT Pvt. Ltd
09.2011 - 09.2012
Senior Network Administration
Tata Communication Pvt. Ltd
03.2009 - 09.2011
Bachelor of Engineering - Electrical, Electronics and Communications Engineering
Pune University
01.2001 - 01.2006
Similar Profiles
Ravinder GoliRavinder Goli
Team Lead at Principal Global ServicesTeam Lead at Principal Global Services
Chaitanya VashishthChaitanya Vashishth
Data Product Manager at Principal Global ServicesData Product Manager at Principal Global Services
Suman SamaiyaSuman Samaiya
Senior Process Specialist (FP&A) at PRINCIPAL GLOBAL SERVICESSenior Process Specialist (FP&A) at PRINCIPAL GLOBAL SERVICES
Natasha RajaniNatasha Rajani
Associate Manager at Principal Global ServicesAssociate Manager at Principal Global Services
Amol Dilip WaniAmol Dilip Wani
Senior Specialist – Client Services Project Manager at NICE Interactive SolutionsSenior Specialist – Client Services Project Manager at NICE Interactive Solutions