Watching movies
Ranjan Mukherjee
Director - Information Security & Risk Management
Hyderabad
Summary
Around 20 years’ rich experience and demonstrated expertise in a wide gamut of Cyber Security, Information Security, Risk and Compliance Audit, Information System Audit with strong project management and decision-making skills. Brings comprehensive knowledge of Information/Cyber Security Risk Management planning and development.
Overview
18
18
years of professional experience
6
6
years of post-secondary education
4
4
Certifications
3
3
Languages
Work History
Director - Information Security
Aon
Hyderabad
03.2022 - Current
- Led Information Security Risk and Compliance for the Aon Technology organization
- Developed a Information Security and Risk & Compliance road map for the organization
- Developed Threat Models to create Technology Process Risk register for Technology operations
- Developed Security and Compliance road map for Cloud Migration
- Evaluated Technology Processes and developed Policies, Standards SOPs and Controls to verify Risk alignment with applicable regulatory requirements
- Managed regulatory/non-regulatory compliance requirements like SOx, SOC, HIPAA, HiTRUST, PCI-DSS, GDPR, SCHREMS II
- Helped the Security organization on Risk mitigation arising from third party security audits and scorecards
- Identified key KRIs to develop Risk and Compliance dashboard for the management using Data Analytics platform and Data visualization tools
- Leveraged in-house GRC platform to identify emerging Risks and perform continuous control monitoring
- Developed Data Life Cycle Framework to understand and identify aspects around Data Management, Privacy and Security
- Spearheaded innovative approaches to optimize operational processes using process automations
- Leveraged professional networks and industry knowledge to strengthen Information Security posture for Technology organization
Director - Cyber Security
EY
Hyderabad
03.2013 - 03.2021
- Established and managing a Information and Cyber Security Practice in Hyderabad for EY to cater to the domestic and international market needs
- Strategies the Cyber Security Business development plan with the local and national leadership to develop the Cyber practice
- Advised and helped large multinationals to develop Cyber Resiliency road map for future
- Developed threat models leveraging industry standards such as NIST, ISO27001, CSA, MITRE, OWASP, STRIDE to identify, assess, evaluate and manage Cyber Risks
- Implemented large Security Operation Center for industry leaders to Detect, Protect, Respond and Manage Security Incidents
- Managed Cyber Security Risk assessments for organizations across industries through designing and executing Red Teaming
- Helped developing Blue Team for organizations to proactively and efficiently manage security incidents
- Helped organizations to recover from massive ransomware attack by restoring business in priority, analyzing root cause of the attack, identifying possible backdoors etc.
- Developed Data Privacy framework for large corporations to comply with GDPR regulations
- Developed Data Life Cycle to manage Data privacy, security and retention for various organization across industries
- Helped identifying Key Risk Indicators to manage InfoSec Risk & Compliance requirements
- Built and leveraged professional networks and industry knowledge to strengthen client relationships
Manager - Information Security
PwC
Kolkata
07.2007 - 02.2013
- Managed Information Security, Compliance & Governance and Information System Audits effectively
- Managed global Information Security, Compliance & Governance and System Security Control review engagements for one of the Global Technology major
- Managed and performed technical security audits on Operating Systems, Network, Databases
- Managed and performed ERP security audits on ERPs such as SAP, Oracle.
IT - Analyst
TCS
Kolkata
07.2006 - 07.2007
- Employed as Windows Global Program Lead for Fortune 100 global primary metals major
- Led the Data Centre migration and virtualization project
- Streamlined all the global IT and IS processes for cross- border Data centres [America, Europe and Australia]
- Maintained a strong client and other stakeholder
Helped the organization in achieving and maintaining the target SLA with the client - Helped the metal major to streamline the team and the processes scattered across geographies
- Helped the metal major to complete a seamless centralization and virtualization of the entire environment
- Helped the organization in improving stakeholder relationship
Technical Lead
Microsoft
Bangalore
05.2005 - 07.2006
- Designing and planning deployment strategy for Windows Active Directory domain infrastructure.
- Troubleshoot complex windows infrastructure issues [AD & Network]
- Provided technical assistance to resolve complex issues
- Developed case studies and technical documentation to create MS knowledge based
- Helped other teams by taking trainings and triages
Developed a cohesive team - Led a team of 10 to 12 individuals
Technical Lead
Convergys
Delhi
06.2003 - 05.2005
- Provided support to customers with Microsoft Enterprise Products with a specialization in Active Directory Services.
- Troubleshoot Windows Active Directory domain infrastructure
- Coordinated technical issues involving Active Directory, Windows Networking and operating systems (Windows 2000, 2003 r2)
- Led a team of 12 individuals
Education
Bachelor's of Commerce - Accounting And Business Management
University of Calcutta
West Bengal, India 03.1997 - 03.1999
12th Board - Science
Nabagram Bidyapith
West Bengal, India 03.1994 - 03.1997
10th Board - General Studies
Nabagram Vidyapith
West Bengal, India 03.1993 - 03.1994
Skills
Information security integration
Accomplishments
- Received "I am Exceptional" award from EY for exemplary client service
- Received accolades from EY leadership for establishing and growing the Cyber Security practice
- Received best Cyber team award in 2020 for delivering projects working from during the pandemic situation, without missing a single deadline
Certification
ITIL
Interests
Playing sports
Trekking
Key Projects
- Helped one of the payment gateways to migrate to cloud solutions
- Helped one of the largest Middle Eastern Bank to become ISO27001 compliant
- Helped one of the Pharma majors to recover from a massive Ransomware attack
- Designing the entire network architecture and the cloud solution for them
- Helped one of the largest tier-4 datacentres in Asia to recover from a massive ransomware attack
- Helped them to manage the security incident and salvaged one their top ERP clients
- Designed and implemented the data retention and disposal lifecycle for one of the technology majors using Microsoft M365 and AIP tools
- Helped one of the technology giants to implement GDPR and NIST data centric framework
- Implementing BCP-DR for Hyderabad Airport
- Centralized datacentre operations for a metal major
Timeline
Director - Information Security
Aon
03.2022 - Current
Director - Cyber Security
EY
03.2013 - 03.2021
Manager - Information Security
PwC
07.2007 - 02.2013
IT - Analyst
TCS
07.2006 - 07.2007
Technical Lead
Microsoft
05.2005 - 07.2006
Technical Lead
Convergys
06.2003 - 05.2005
Bachelor's of Commerce - Accounting And Business Management
University of Calcutta
03.1997 - 03.1999
12th Board - Science
Nabagram Bidyapith
03.1994 - 03.1997
10th Board - General Studies
Nabagram Vidyapith
03.1993 - 03.1994
Similar Profiles
Laura Daniela Triana GuzmánLaura Daniela Triana Guzmán
Wealth Analyst at AONWealth Analyst at AON
SIANI NELSONSIANI NELSON
Benefits Counselor at AonBenefits Counselor at Aon
Geoffrey FrenkGeoffrey Frenk
Retirement Specialist at AonRetirement Specialist at Aon
Allie PignatelloAllie Pignatello
Assistant Vice President at AonAssistant Vice President at Aon
ARAVA ANANTHA RAOARAVA ANANTHA RAO
Information Security Manager at Tata Consultancy ServicesInformation Security Manager at Tata Consultancy Services