H S Zakia Kousar

Business Information Security Officer (BISO):

• Strategic security leader partnering with business and technology executives to translate enterprise security requirements into actionable controls, measurable risk reduction, and audit-ready governance.
• Proven ability to embed secure-by-design principles across products, cloud, and third-party ecosystems, while enabling business outcomes through clear risk decisions, stakeholder alignment, and executive reporting.

My Core Responsibilities:

• Advise business leaders on security risks, guiding decisions to mitigate, accept, transfer, or avoid them with clear accountability.
• Integrate security-by-design into initiatives, including new products, vendor selection, cloud migrations, and major transformations.
• Implemented Zero Trust solutions for applications, and provided application assessment. (Risk Scoring and Impact Analysis)
• Ensure alignment with enterprise policies, standards, and regulatory obligations; drive audit readiness, and evidence collection.
• Lead vulnerability remediation prioritization, and govern risk exceptions with documented rationale, compensating controls, and expiration.
• Manage third-party risk through due diligence, contract security requirements, and ongoing vendor oversight.
• Serve as a business liaison during incident response, coordinating with central security teams, and maintaining recovery playbooks.
• Promote tailored security awareness, and secure ways of working across business teams.

Scope of Ownership and Influence:

Owns:

• Business-unit security roadmap and control adoption plan
• Risk register inputs and exception governance
• Stakeholder alignment across product, engineering, and leadership

Influences (with CISO organization):

• Enterprise control design and security tooling adoption
• SOC processes and escalation paths
• IAM and security architecture standards

Key Deliverables:

• Business security roadmap and adoption plan
• Risk assessments and documented risk acceptances/exceptions
• Security requirements for projects (data classification, encryption, monitoring)
• Third-party security assessments and remediation tracking
• Executive risk reporting (top risks, remediation aging, audit issues, policy exceptions)
• High-Impact Achievements
• Served as primary security advisor for a business unit, aligning priorities with enterprise strategy.
• Built and executed a business-aligned security roadmap balancing delivery timelines, regulatory obligations, and risk reduction.
• Led risk assessments for new products and major changes; guided leadership on risk decisions with documented rationale.
• Established and governed a transparent risk exception process, reducing unmanaged exceptions.
• Embedded security into the SDLC via threat modelling, requirements, and release gating for high-risk changes.
• Partnered with engineering to prioritize remediation by business impact and exploitability, improving time-to-fix for critical issues.
• Directed third-party due diligence and contract security requirements to reduce vendor risk.
• Standardized cloud security control patterns (identity, encryption, monitoring) across teams.
• Coordinated business engagement during incidents, aligning decisions and recovery priorities with central security teams.
• Produced executive-ready risk metrics and reporting (KRIs/KPIs, remediation aging, audit findings) to support leadership decisions.
• Managed and motivated employees to be productive and engaged in work.
• Accomplished multiple tasks within established timeframes.
• Maximized performance by monitoring daily activities and mentoring team members.
• Enhanced customer satisfaction by resolving disputes promptly, maintaining open lines of communication, and ensuring high-quality service delivery.

E-Discovery and Forensic Investigation.

E-Discovery:

Engage clients to determine requirements, questions for investigation. Utilize various investigation methods, such as forensics, data restoration, and keyword searches, to answer clients' questions. Interpret various data results to ensure accurate facts are presented in response to questions asked, without bringing E-Discovery and Forensic Investigation.

E-Discovery:

Monitor all the collection requests that are made by clients via the HMS tool.

Review, search, gather, and respond to all collection requests for Druva, Connected Backup Support Center, ShareFile, and Home directory.

ServiceNow (SN) ticket management: PPMDs retired, and expats.

Preparing monthly metrics of ITS performance related to HMS requests.

Investigations:

DLP:

Trained a team of three under the Symantec Network DLP CI Reduction Process.

Worked on the Symantec Network DLP Scanning and Remediation Process Overview, and setup of scans.

Restoration process and purge process.

Patch Management Team.

• Organize and communicate the monthly PMT meeting requests. (Includes reserving the meeting room, providing the conference bridge number, and the LiveMeeting link.)

Prepare and communicate the PMT meeting agenda for review prior to the meeting.

• Conduct the monthly PMT meeting to review newly reported patches, deliberate, apply deployment ratings, and approve deployment schedules.

Ensure all meeting agenda items are covered, or placed on the next agenda for review, pending priority.

Document meeting notes, including approved deployment ratings, caveats, and attendance.

Coordinate the distribution of the Official Security Patch Notification, as approved by PMT, and distribute completed notes to the email distribution lists and the PMT SharePoint site.

• Communicate any patch deployment cycle issues to the PMT.

Act as a liaison between teams and management on process changes.

Security Compliance Team.

Monitor the Tivoli Web Reports on a weekly basis to look at the compliance report.

Check that all the controls have passed or failed, and coordinate with the system owner.

Properties the risk controls and act immediately with that system owner.

Generate compliance reports, and act as a liaison between teams and management on reports.

Initiate emergency PMT meetings requiring Core PMT members' attendance.

• Manage and maintain the Patch Management Policy, Processes, and Procedures.

• Manage PMT distribution lists:

• Provide training on the Patch Management Program.

• Attend the monthly PMT meeting to review newly reported patches, deliberate, apply deployment ratings, and approve deployment schedules.

• Designate a team representative with voting rights in their absence.

Review and approve all security-related patches for deployment.

• Initiate Emergency PMT meetings requiring the Core PMT members' attendance.

• Manage the Patch Management Program and approve all additions, changes, or deletions to the currently approved Patch Management Program and related policies.

• Enforce the Patch Management Policy, Processes, and Procedures.

Escalate risk issues related to patch management to the Director of Infrastructure, including those where a common agreement cannot be reached.

• Identifying opportunities, conceptualize, design, and implement process changes for metrics and operational improvement.
• Creativity and process innovation through Six Sigma independently with team members.
• Cross-skill development in the team, as required by the project.
• Ensure knowledge-sharing sessions for upskilling team members.
• Manage and resolve escalations as per the process.
• Induction efficiency for new team members (technical and process).
• Expected to have accuracy in shift management, and ensuring that there are no escalations while managing shifts.
• Process compliance, knowledge management, accuracy of documents, and updating all the team members with the changes.
• Accuracy on the daily shift handover report, with detailed RCA for SLA-violated tickets in every shift.
• Timely deliverables on all the designated activities from the management, and deficient management support, always.
• Enabling career compass compliance, and technical certifications for the team.
• Enabling job rotation in the team.
• Mentoring projects, presentations, new ITIS team members, team satisfaction, and team planning ability.
• Contribution to the practice of the Knowledge Management repository.

• Monitored system infrastructure security, and identified network vulnerabilities.
• Involves analyzing intrusion events through the SourceFire Defense Center.
• Monitoring critical network and data security functions like security policy breaching by users, potential worm outbreaks and attempted malicious activity through use of SILCS (Security Login Incidents Correlation System developed internally).
• Performances of DB Servers, DMZ Servers, Application servers etc. are monitored for efficient performance and consistency.
• Use of Big Brother which is a Web-based system and network monitoring solution for monitoring the realtime availability of SOC agents, Sinkholes servers, ePO DAT Servers, SourceFire DC and Sensors and Pushing Emergency DATS on time.
• Event Resolution, Incident handling, worm remediation is done adhering to SLA.
• Tools used in Realtime are nmap, tcpdump and few internally developed UBS tools.
• Implementing database auditing and logging using the SOCDBAUD agent, the firm-wide strategic solution, for all productive Oracle, Sybase and MS SQL databases.
• SOCDBAUD is intended to audit in near real-time activities of Database Administrators, report on a scheduled basis accounts having high-level privileges not currently being audited, all failed logins and changes to the audit sub-system
• Investigating the usage of computing facilities for any security breach and access violations.
• Use of unauthorized software, external storage devices such as USB drives, pen drive etc. for any breach of policy, password sharing, root password changes, any potential rogue devices connected in the network, any malicious activity detected are monitored.
• Liaising with systems users and administrators and recommending.
• Improvements in the management of computing facilities.
• Chat/Email/Phone support to support teams like Database administrators, Wintel Group, Engineering Team, Storage Team etc on issues such as audit logs, socdbaud, NetIQ, Powerbroker access, Antivirus, SOC Agents installations, users reporting about an Incident, Wintel Account lockouts etc.
• Publish the monthly and quarterly reporting (Project Dashboard, Score Card, Security posture etc.) related to overall health of the organization.
• Provides reports on a regular basis, to keep the senior management informed of the operation and progress of compliance efforts.
• Security Incidents - Analysis of incidents, taking action and working with GIS teams to address security incidents and ensuring closure.
• Decide when to be proactive or reactive when an incident occur and take that forward to Problem management Team.