Watching movies
Ranjan Mukherjee
Director - Information Security & Risk Management
Hyderabad
Summary
Around 20 years’ rich experience and demonstrated expertise in a wide gamut of Cyber Security, Information Security, Risk and Compliance Audit, Information System Audit with strong project management and decision-making skills. Brings comprehensive knowledge of Information/Cyber Security Risk Management planning and development.
Overview
18
18
years of professional experience
6
6
years of post-secondary education
4
4
Certifications
3
3
Languages
Work History
Director - Information Security
Aon
Hyderabad
03.2022 - Current
- Led Information Security Risk and Compliance for the Aon Technology organization
- Developed a Information Security and Risk & Compliance road map for the organization
- Developed Threat Models to create Technology Process Risk register for Technology operations
- Developed Security and Compliance road map for Cloud Migration
- Evaluated Technology Processes and developed Policies, Standards SOPs and Controls to verify Risk alignment with applicable regulatory requirements
- Managed regulatory/non-regulatory compliance requirements like SOx, SOC, HIPAA, HiTRUST, PCI-DSS, GDPR, SCHREMS II
- Helped the Security organization on Risk mitigation arising from third party security audits and scorecards
- Identified key KRIs to develop Risk and Compliance dashboard for the management using Data Analytics platform and Data visualization tools
- Leveraged in-house GRC platform to identify emerging Risks and perform continuous control monitoring
- Developed Data Life Cycle Framework to understand and identify aspects around Data Management, Privacy and Security
- Spearheaded innovative approaches to optimize operational processes using process automations
- Leveraged professional networks and industry knowledge to strengthen Information Security posture for Technology organization
Director - Cyber Security
EY
Hyderabad
03.2013 - 03.2021
- Established and managing a Information and Cyber Security Practice in Hyderabad for EY to cater to the domestic and international market needs
- Strategies the Cyber Security Business development plan with the local and national leadership to develop the Cyber practice
- Advised and helped large multinationals to develop Cyber Resiliency road map for future
- Developed threat models leveraging industry standards such as NIST, ISO27001, CSA, MITRE, OWASP, STRIDE to identify, assess, evaluate and manage Cyber Risks
- Implemented large Security Operation Center for industry leaders to Detect, Protect, Respond and Manage Security Incidents
- Managed Cyber Security Risk assessments for organizations across industries through designing and executing Red Teaming
- Helped developing Blue Team for organizations to proactively and efficiently manage security incidents
- Helped organizations to recover from massive ransomware attack by restoring business in priority, analyzing root cause of the attack, identifying possible backdoors etc.
- Developed Data Privacy framework for large corporations to comply with GDPR regulations
- Developed Data Life Cycle to manage Data privacy, security and retention for various organization across industries
- Helped identifying Key Risk Indicators to manage InfoSec Risk & Compliance requirements
- Built and leveraged professional networks and industry knowledge to strengthen client relationships
Manager - Information Security
PwC
Kolkata
07.2007 - 02.2013
- Managed Information Security, Compliance & Governance and Information System Audits effectively
- Managed global Information Security, Compliance & Governance and System Security Control review engagements for one of the Global Technology major
- Managed and performed technical security audits on Operating Systems, Network, Databases
- Managed and performed ERP security audits on ERPs such as SAP, Oracle.
IT - Analyst
TCS
Kolkata
07.2006 - 07.2007
- Employed as Windows Global Program Lead for Fortune 100 global primary metals major
- Led the Data Centre migration and virtualization project
- Streamlined all the global IT and IS processes for cross- border Data centres [America, Europe and Australia]
- Maintained a strong client and other stakeholder
Helped the organization in achieving and maintaining the target SLA with the client - Helped the metal major to streamline the team and the processes scattered across geographies
- Helped the metal major to complete a seamless centralization and virtualization of the entire environment
- Helped the organization in improving stakeholder relationship
Technical Lead
Microsoft
Bangalore
05.2005 - 07.2006
- Designing and planning deployment strategy for Windows Active Directory domain infrastructure.
- Troubleshoot complex windows infrastructure issues [AD & Network]
- Provided technical assistance to resolve complex issues
- Developed case studies and technical documentation to create MS knowledge based
- Helped other teams by taking trainings and triages
Developed a cohesive team - Led a team of 10 to 12 individuals
Technical Lead
Convergys
Delhi
06.2003 - 05.2005
- Provided support to customers with Microsoft Enterprise Products with a specialization in Active Directory Services.
- Troubleshoot Windows Active Directory domain infrastructure
- Coordinated technical issues involving Active Directory, Windows Networking and operating systems (Windows 2000, 2003 r2)
- Led a team of 12 individuals
Education
Bachelor's of Commerce - Accounting And Business Management
University of Calcutta
West Bengal, India 03.1997 - 03.1999
12th Board - Science
Nabagram Bidyapith
West Bengal, India 03.1994 - 03.1997
10th Board - General Studies
Nabagram Vidyapith
West Bengal, India 03.1993 - 03.1994
Skills
Information security integration
Information Protection /Security
Security architecture and technologies
Penetration testing [Tools]
Security vulnerability assessment
Risk mitigation strategies
Security regulations compliance
Security consultation
Designing security controls
Accomplishments
- Received "I am Exceptional" award from EY for exemplary client service
- Received accolades from EY leadership for establishing and growing the Cyber Security practice
- Received best Cyber team award in 2020 for delivering projects working from during the pandemic situation, without missing a single deadline
Certification
ITIL
Interests
Playing sports
Trekking
Key Projects
- Helped one of the payment gateways to migrate to cloud solutions
- Helped one of the largest Middle Eastern Bank to become ISO27001 compliant
- Helped one of the Pharma majors to recover from a massive Ransomware attack
- Designing the entire network architecture and the cloud solution for them
- Helped one of the largest tier-4 datacentres in Asia to recover from a massive ransomware attack
- Helped them to manage the security incident and salvaged one their top ERP clients
- Designed and implemented the data retention and disposal lifecycle for one of the technology majors using Microsoft M365 and AIP tools
- Helped one of the technology giants to implement GDPR and NIST data centric framework
- Implementing BCP-DR for Hyderabad Airport
- Centralized datacentre operations for a metal major
Timeline
Director - Information Security
Aon
03.2022 - Current
Director - Cyber Security
EY
03.2013 - 03.2021
Manager - Information Security
PwC
07.2007 - 02.2013
IT - Analyst
TCS
07.2006 - 07.2007
Technical Lead
Microsoft
05.2005 - 07.2006
Technical Lead
Convergys
06.2003 - 05.2005
Bachelor's of Commerce - Accounting And Business Management
University of Calcutta
03.1997 - 03.1999
12th Board - Science
Nabagram Bidyapith
03.1994 - 03.1997
10th Board - General Studies
Nabagram Vidyapith
03.1993 - 03.1994