NANDISH N G
Bengaluru
Summary
Experienced Information Security Engineer with 12 years history of managing security of physical and cloud infrastructure. Adept at identifying security risks and improving security architecture designs. Proven to maintain efficiency in high-stress situations.
Overview
12
12
years of professional experience
Work History
Lead Test Engineer
NEC Software Solutions(India) Pvt Ltd
01.2022 - Current
- Conducting Vulnerability Assessments on Servers.
- Conducting Web Application Security Testing using manual and automated techniques with the ZAP tool.
- Identifying the vulnerabilities using the Nessus tool and providing detailed reports to the client.
- Creating a remediation plan with the customer and management.
- Leading awareness initiatives and programs to follow best application security practices.
- Providing support with the compliance audits..
Information Security & Risk Management
IBM India Pvt Ltd
05.2014 - 01.2022
- Primary lead in Offshore Infrastructure Vulnerability Assessment team for Canada banking client.
- Schedule vulnerability scans for morethan 2500+Windows, 2000+Unix servers in Qualays.
- Experience in Handling the Vulnerability & Compliance Management Environment in Banking and telecommunication sector
- Vulnerability Assessment using tools Nessus, Qualys and classifying security vulnerabilities based on industry-accepted scoring models like CVE, CCSS and work on mitigation plans with system owners
- Remediating the vulnerabilities in a complex environment with ZERO business impact
- ISO 27001 LA, involved in the implementation and internal auditing
- Implemented C.S.D (Customer Security Document) and cover all the clauses of ISO 27001:2013 as applicable.
- Experience in handling IT SOX, SSAE16 audit, and I.T Audit.
- Risk Management, Incident Management, and Access Management.
- Identifying Non-Compliance Issues and driving for closure within the timeline
- Experience in handling critical activities of the audit life cycle.
- Performed risk assessment within the environment.
- Review/Verify the health of critical processes such as Health Check, Patch Management, and Risk and Issue Management.
- Understand the Risk & Compliance framework and integrate that into account- specific requirements.
- Performing monthly vulnerability scans of systems/devices, reviewing vulnerability management reports.
- Act as I.T and Audit response focal
- Provide I.T Pre-audit support for both internal and external audits
- Perform an Internal self-assessment before the external audit to ensure that the delivery team is audit-ready and no major issue exists in the environment
- Facilitate the root cause analysis, identification of corrective and preventive actions, and follow-up for closure
- I.T General control review for various controls such as Patch Management and Health Check Process.
Incident Management Specialist
IBM India Pvt Ltd
11.2010 - 05.2013
- Monitoring the alerts on Tivoli Enterprise Console (T.E.C.), Netcool Omnibus such as Monitor the File system/disk space utilization, CPU utilization, and the like & Creating incident Record when there is an issue identified in a server.
- Responsible for performance- Notification, and Achievement of SLA/SLO of the Operations from an individual and the entire team in the pool to ensure the Service Level Agreements.
- Prepare periodic reports to track workload, response time, and quality of input, provide assistance, training, and troubleshooting support to the team, to achieve healthy team dynamics and Quality review of the Incident records handled by the team.
- I was working in the command Center 24/7 and providing high-end remote technical support to IBM customers.
Education
M.B.A - Information Management
Sikkim Manipal University
2017
B.B.M -
Mountain View College
2009
Skills
- Languages : Python
- Tools : Qualys, Nessus, Nmap, Wireshark, Metaspolit, Burpsuite
- Systems: Windows, Kali Linux, Parrot Security
Certification
● ISO 27001:2013 Lead Auditor.
● Azure Fundamentals AZ-900 Certified.
● Completed CEH V.11 training and planning to write the exam by the end of Sep.
● Completed CISM (Certified Information Security Manager) training in 2021
● ITIL V 3.0 Foundation.
● Red hat Certified System Administrator (RHCSA in V.6).
● Introduction to Cyber Security tools and Cyber Attacks.
● Cloud Security Architect and Engineer Fundamentals.
PERSONAL DOSSIER
● Passport details: Z6153879 valid till 10th January 2031.
● D.O.B.: 01-May-1989
● Marital Status: Married.
● Contact Details: # B003, "Nakshatra Celestia," Thanisandra, Bangalore – 560 094.
● Languages Known: Kannada, English, and Hindi.
Timeline
Lead Test Engineer
NEC Software Solutions(India) Pvt Ltd
01.2022 - Current
Information Security & Risk Management
IBM India Pvt Ltd
05.2014 - 01.2022
Incident Management Specialist
IBM India Pvt Ltd
11.2010 - 05.2013
M.B.A - Information Management
Sikkim Manipal University
B.B.M -
Mountain View College
Similar Profiles
Shraddha ShahShraddha Shah
Senior Business Analyst at NEC SOFTWARE SOLUTIONS INDIA PVT. LTD.Senior Business Analyst at NEC SOFTWARE SOLUTIONS INDIA PVT. LTD.
Sushil Kumar PrajapatiSushil Kumar Prajapati
Software Engineer at NEC Software Solutions India Pvt Ltd.Software Engineer at NEC Software Solutions India Pvt Ltd.
Dheemanth G KDheemanth G K
Senior Software Engineer at NEC Software Solutions PvtSenior Software Engineer at NEC Software Solutions Pvt
PRATEEK JAINPRATEEK JAIN
Lead Product Manager at PayU PaymentsLead Product Manager at PayU Payments
Kishore GSKishore GS
Assistant Manager | Business Development at Flipkart Internet Pvt LtdAssistant Manager | Business Development at Flipkart Internet Pvt Ltd