Chithra Sethumadhavan

Channel Protection-Secure Email Gateway

· The main responsibility includes governance and maintenance of multi-layered Email security architecture, incorporating endpoint protection and email encryption.

·Implemented and managed advanced email security solutions, significantly reducing phishing, spam, and malware incidents.

· Implemented multi-layered detection systems to identify and block malicious content in emails and web traffic.

·Designed and deployed robust email security solutions, protecting against spam, phishing, and malware attacks through advanced filtering and threat detection technologies.

·Deployed and managed email encryption solutions to safeguard sensitive communications and ensure data privacy.

·Led security audits to evaluate the effectiveness of security controls and ensure compliance with regulatory requirements, implementing corrective actions to enhance security posture.

·Conducted comprehensive risk assessments to identify vulnerabilities and assess potential impacts on the organization.

· Led incident response efforts for email security breaches, ensuring rapid containment, investigation, and remediation.

· Conducted incident response and digital forensics investigations, coordinating with stakeholders to resolve security incidents and prevent future breaches.

·

· Developed and enforced comprehensive security policies and procedures, ensuring compliance with industry standards and regulatory requirements.

· Conducted regular vulnerability assessments and penetration testing, identifying and mitigating potential threats.

· Developed and enforced policies for secure email usage, including encryption standards and best practices.

· Collaborated with IT and security teams to integrate defense mechanisms, providing comprehensive protection against a wide range of threats.

· Engaged with stakeholders to understand security requirements and provide tailored solutions that address business needs.

· Engaged with security vendors and stakeholders to evaluate and implement advanced security solutions, aligning with organizational goals.

· Coordinated with cross-functional teams to ensure seamless integration and operation of security layers.

Mobile Device Management

· Implemented and managed mobile device security solutions to protect corporate data and mitigate risks of data breaches.

· Developed and enforced security configurations and policies for mobile devices, including password policies, encryption standards, and remote wipe capabilities.

· Established governance frameworks for mobile device management, aligning with industry standards and regulatory requirements.

· Conducted periodic reviews of MDM policies and practices, ensuring they remain current and effective in addressing emerging threats and organizational needs.

· Conducted regular compliance checks and audits to ensure adherence to security policies and regulatory requirements, addressing any identified gaps.

· Engaged with vendors to manage MDM solutions, ensuring optimal performance and addressing any issues promptly.

· Monitored mobile devices for compliance with established policies, identifying and addressing non-compliant devices through appropriate remediation actions.

· Conducted reviews of new MDM features and updates, assessing their impact on the organization’s mobile security posture and operational efficiency.

· Collaborated with vendors and internal teams to evaluate and implement feature enhancements that align with organizational goals and improve user experience.

· Managed the transition from corporate-owned devices to a Bring Your Own Device (BYOD) model, ensuring seamless integration and maintaining security controls.

· Developed and enforced BYOD policies, balancing corporate security requirements with user privacy and convenience.

· Provided training and support to end-users and IT staff on MDM best practices and troubleshooting, creating comprehensive documentation for reference.

· Managed comprehensive inventory of mobile applications across the enterprise, ensuring up-to-date tracking and monitoring of app installations and usage.

· Conducted regular audits of mobile app inventory to identify unauthorized or outdated applications and enforce compliance with organizational policies.

· Public Key Infrastructure (PKI) and Certificate Management Governance:

· Managed the implementation and maintenance of a robust PKI infrastructure, ensuring secure certificate issuance, renewal,backup, expiry tracking and revocation processes.

· Oversaw the entire certificate lifecycle, from issuance and renewal to revocation and decommissioning, ensuring compliance with security policies and best practices.

· Developed and maintained automated processes for certificate issuance, renewal, and monitoring to enhance operational efficiency and reduce manual intervention.

· Provided technical support and troubleshooting for PKI-related issues, collaborating with cross-functional teams to resolve incidents and ensure system reliability.

· Diagnosed and resolved certificate-related issues, including validation failures and trust chain problems.

· Created comprehensive documentation and conducted training sessions to educate teams on PKI and certificate management best practices.

· Developed and enforced PKI policies, including certificate policies and certification practice statements, ensuring robust security practices.

· Collaborated with certificate authorities (CAs) and other vendors to manage certificate services and resolve issues promptly.

· Engaged with stakeholders to understand business requirements and provide tailored PKI solutions that meet organizational needs.

· Ensured compliance with industry standards and regulatory requirements (e.g., PCI-DSS, HIPAA, NIST) related to PKI and digital certificates.

· Supported regular audits and assessments of PKI environments to identify vulnerabilities and implement corrective actions.