Samadhan Rane
Information Security Manager
Dombivali
Summary
Experienced Information Security Manager with 12 plus years of success in designing and implementing robust security architectures aligned with organizational goals and industry standards. Skilled in managing end-to-end cybersecurity operations including network security, DLP, email security, external threat monitoring, and incident response. Proven expertise in technologies such as firewalls, WAF, DDoS, CASB, NAC, DAM, SD-WAN, MDO, and Seclore IRM. Strong background in disaster recovery, roadmapping, audit readiness, and team leadership, with a consistent record of improving security posture and operational efficiency. Actively seeking a growth-oriented role within a forward-thinking organization.
Overview
14
14
years of professional experience
4
4
Certifications
3
3
Languages
Work History
Chief Manager- Information Security
ICICI Lombard General Insurance
07.2021 - Current
- Directed network security programs by performing vulnerability assessments (VA) and configuration audits (CA) for critical network devices using tools like firewall analyzers; evaluated and approved firewall change requests based on risk assessments involving Next-Gen Firewalls, WAF, DDoS mitigation, and SD-WAN technologies.
- Managed enterprise data security operations, including DLP policy enforcement (e.g., Microsoft Purview DLP, Symantec, etc.), data leakage investigations, and implementation of Seclore IRM for secure document handling and rights management.
- Strengthened email security controls by managing Microsoft Defender for Office 365 (MDO), conducting phishing simulation campaigns, and driving DMARC/DKIM/SPF compliance to reduce risks from spoofing and targeted email threats.
- Oversaw external threat management including brand monitoring, deep/dark web surveillance, and threat intelligence analysis to proactively detect and mitigate impersonation, credential leaks, and external risks.
- Delivered full-spectrum Information Security Management Services (ISMS) aligned with ISO/IEC 27001:2022, focusing on governance, documentation, and control effectiveness.
- Ensured governance, lifecycle management, and regulatory compliance of a wide range of security tools including CASB (MCAS, Netskope), proxy solutions (Zscaler, Prisma), NAC (ISE), and DAM (Imperva) platforms.
- Led the Red Team Assessment (RTA) management lifecycle, coordinating with internal and external teams, monitoring execution, reviewing post-assessment results, and overseeing remediation.
- Conducted Proof of Concept (POC) evaluations and led production rollouts for security technologies across various domains including WAF, CASB, NAC, DAM, and DLP, ensuring seamless integration and measurable security outcomes.
- Actively managed security incidents and facilitated Business Continuity and Disaster Recovery (BCP/DR) processes; contributed to playbook development and participated in tabletop exercises for real-world scenarios.
- Executed IT governance and compliance audits, collaborated with cross-functional teams to close audit gaps, and ensured policy enforcement as per IRDAI, ISO, and internal frameworks.
Lead- Information Security
Financial Software and systems Pvt Ltd
11.2020 - 06.2021
- Managed quality assurance program, including on-site evaluations, internal audits and customer surveys.
- Driving compliance to PCI DSS, PADSS, ISO 27001, ISO 22301
- Policy, Process development for above standards and best practices
- Work with teams on security for product development / Technology operations
- Identifying and tracking vulnerabilities to closure
- Participate in Change Management and analyzing the security impact and security Incident Management
Information Security Manager
IndiaFirstLife Insurance Company Ltd
08.2018 - 11.2020
- Monitoring computer virus reports to determine when to update virus protection systems.
- Providing security strategy which provides framework to produce metrics which can be used to assist current and future management decision
- Working closely with IT department on corporate technology development to fully secure information, computer, network, and processing systems
- Performing risk analyses to identify appropriate security countermeasures.
- IT governance and compliance audit
- Incident and BCP Management
- Conducting security audits to identify vulnerabilities.
- Recommend improvements in security systems and procedures.
- Encrypted and Classified data to protect confidential information.
- Monitors use of data files and regulated access to protect secure information.
- Review violations of computer security procedures and developed mitigation plans.
- Managing quality assurance program, including on-site evaluations, internal audits and customer surveys.
- Leading Infosec team in delivery of BAU.
Security Engineer L2
Softcell Technologies Ltd
12.2016 - 07.2018
- Resolved Network access related problems, improved operations and provided exceptional client support.
- Increased customer satisfaction by resolving escalated issues.
- Handled calls and resolved problem tickets as per SLA to address customer inquiries and concerns.
- Configuring and Troubleshooting (L2) Firewall / NAT Rules, VPN on Checkpoint, Fortigate Firewall.
- Configure, troubleshoot, and upgraded Checkpoint Firewalls for Manage clients, which included network and/or resource access, software, or hardware problems.
- WAF, IPS and Proxy L1 level troubleshooting.
- Configuring Algosec firewall Analyzer with Checkpoint Firewall.Fetch reports used/unused/expired rules from Algosec and take necessary action.Do Rulebase and NAT rule review.
Administrator L3
Wipro Technologies
06.2015 - 12.2016
- Resolved Network access related problems, improved operations and provided exceptional client support.
- Increased customer satisfaction by resolving escalated issues.
- Handled calls and resolved problem tickets as per SLA to address customer inquiries and concerns.
- Configuring and Troubleshooting (L2) Firewall / NAT Rules, VPN on Checkpoint Firewall.
- Configuring Algosec firewall Analyzer with Checkpoint Firewall. Fetch reports used/unused/expired rules from Algosec and take necessary action. Do Rulebase and NAT rule review.
- Configuring and monitoring Security logs of Windows,Linux server, firewall, proxy, waf in KHIKA SIEM.
- Escalate suspicious and critical events to risk team for further action.
- Windows and linux server secure configuration scanning in KHIKA
- Configuration of correlation rules in KHIKA SIEM
- Installation and Configuration of VASCO two factor authentication server.
- Assigning and maintaining DIGIPASS tokens.
- Troubleshooting and reporting of 2FA
- Installation and Configuration of Trend Micro Deep Security Manager.
- Trend Micro DSM agent roll-out on EOL servers.
- Daily monitoring and reporting of deep security manager events.
- Troubleshooting and follow-up with trend micro for problem tickets
- Configuration of ForeScoute NAC to monitor span traffic of core switch.
- Creation of policy and successful testing of asset classification, Guest Access, application classification and patch and AV update.
Administrator L2
IT Source Technologies
11.2013 - 05.2015
- Resolve Network access related problems, improved operations and provided exceptional client support.
- Increase customer satisfaction by resolving escalated issues.
- Handle calls and resolve problem tickets as per SLA to address customer inquiries and concerns.
- L2 level troubleshooting on any abnormalities observed in FTP, SFTP, Seclore, PGP applications, unresolved by L1 team member & sharing the RCA for major incident tickets.
- Escalating unresolved major incidents to Principle vendors and partner vendors for getting immediate resolution and as per SLA.
- Maintaining documentation of project data, plan, progress, issues, resolution,risks, task Completion.
- Configuring and Troubleshooting (L1) Firewall / NAT Rules on Checkpoint firewall.
- Seclore file encryption, Globalscape SFTP, Symantec whole disk encryption deployment and troubleshooting.
- Seclore/SFTP/PGP DR-Drill planning and implentation.
- Vulnerability scanning of internet facing servers with Qualys Scanner.
Dell Support Engineer
Aparajitha Dynamic Synergies Limited
08.2012 - 11.2013
- Dell Laptop and Desktop assembling
- Troubleshooting Dell laptop's hardware & software issues
- Troubleshooting Dell desktop's and workstation's hardware issues.
- Escalating unresolved major incidents to Principle vendors and partner vendor for getting immediate resolution and as per SLA.
Education
Bachelor of Science - Hardware Networking & Digital Communication
KSOU
Mumbai06.2012
Skills
Data protection
Network protection
Email protection
Endpoint protection
Compliance audits
Governance, Risk, and Compliance (GRC)
People management
Certification
Checkpoint Certified Security Administrator
Known Technologis
- Firewalls
- WAF, DDOS
- NAC
- DAM
- ZTNA
- CASB
- DLP
- External threat management
- DMARC
- DSPM
- Enterprise browser
- PAM
- Entra ID
- Microsoft Defender for office
- Silverfort identity protection
Timeline
Certified Information Security Manager
12-2025
Implementing ISO/IEC 27001:2022
08-2023
Chief Manager- Information Security
ICICI Lombard General Insurance
07.2021 - Current
Lead- Information Security
Financial Software and systems Pvt Ltd
11.2020 - 06.2021
Checkpoint Certified Security Administrator
05-2020
Microsoft Certified Technology Specialist (Active directory configuration, Microsoft Exchange Server 2010, Configuring)
05-2020
Information Security Manager
IndiaFirstLife Insurance Company Ltd
08.2018 - 11.2020
Security Engineer L2
Softcell Technologies Ltd
12.2016 - 07.2018
Administrator L3
Wipro Technologies
06.2015 - 12.2016
Administrator L2
IT Source Technologies
11.2013 - 05.2015
Dell Support Engineer
Aparajitha Dynamic Synergies Limited
08.2012 - 11.2013
Bachelor of Science - Hardware Networking & Digital Communication
KSOU