Sandeep Kumar-CISSP
Bengaluru
Summary
Cybersecurity professional with over 17+ years of experience in leading organizational change in Cybersecurity transformation, Information security risk management, Digital workplace transformation, Application & Infrastructure modernization and IT Service management.
- Cybersecurity enthusiast with deep experience in managing Technology & Business Risks, Risk reporting and Cybersecurity technology stack.
- Advocates Zero trust, Well versed with NIST CSF, MITRE ATT&CK framework, Risk management framework, industry leading practices & taxonomies.
- Hands-on experience in ISO 27001:2013, ISO 20000:2011, Capability maturity model & SIAM implementations.
- Program management experience in leading software development & IT infrastructure projects, Avg ticket size - 80M USD
- An Individual with proven abilities to plan, organize and lead in a dynamic work environment, with strong communication, presentation and management skills.
Overview
17
17
years of professional experience
1
1
Certification
Work History
Senior Project Manager - Security Practice
Microsoft
09.2018 - Current
- Leading multi-year Cloud Migration & Cyber Security transformation program for one of the FSI client (TCV 95 M USD)
- Responsible for end-to-end Program management including financials, resourcing and scope changes.
- Project scope spans across deploying Microsoft Defender and Compliance suit such as purview, defender for end point/cloud apps.
- Leading program effort to align client's business strategy and transformation objectives.
AVP - Information and Cybersecurity
Standard Chartered GBS
09.2018 - 05.2022
- Information & Cybersecurity champion (Business Risk Manager) for SCB GBS entities and Governance lead for Group Function's ICS Risk Management team
- Leading Threat scenario led Risk Assessment to produce risk profile and subsequently driving treatment plan/s aligned to Group's risk appetite statement/Board Risk Appetite Matrix
- Crafted 12-month roadmap for technical control adoption across key control domains such as Security Logging and Monitoring, Information Protection, IAM, Network Segmentation and other resiliency measures.
- Working with Enterprise Risk Management, Internal audit, Enterprise technology teams to ensure that technology & security functions operate within defined risk appetite or identify required remediation activity.
- Supporting enterprise initiatives in several areas such as Risk framework transition, Control testing and attestation, LRM (Legal, Regulatory and Mandatory) RFI responses
- Member of SOC 2, Type II audit assessment team for one of Institutional banking function.
- Led "Reciprocal-Third Party Security Assessment (r-TPSA)”, a client due diligence activity for assurance about organization's information security posture.
- In previous role, led Cybersecurity transformation program consisting of 5 multiyear complex projects in Identity & access management domain.
- Key Projects: Multi-Factor Authentication, Privilege Identity Management, Access Automation & Governance, Birthright Access
Senior Manager
Microland Limited
01.2016 - 09.2018
- Member of Core committee responsible for ISO 27001:2013 implementation.
- Responsible for transitioning / offshoring Infrastructure, Application management and Managed security services for “Existing-New & New-New business” right from RFP stage till operational sustenance through HOTS process
- Led project management teams to manage USD 20+ million revenue transition projects, Multiple technologies, multiple geographies and with consistent C-sat 4.5+/5 C-Sat scores.
- Led initiative to develop Project Management framework and "Critical to Quality" for each tollgate for transition/PMO function.
Associate Consultant
HCL Technologies
07.2014 - 01.2016
- ISO 27001:2013 audit champion for BFSI accounts
- Led Internal governance to comply with 3rd party security audit for a leading European Bank and implementation of robust Governance, Risk & Compliance framework for continual monitoring.
- Led Oracle identity analytics project implementation.
- Project Champion for Digital workplace transformation project (EDGE) to modernize end user computing experience and upgrade desktop and email environments, Team Size-50 and TCV 15M USD
- Transitioned ITSM processes and SIAM integration practices for a leading European Bank
Assistant Manager
MetLife Global Operations Support Center
04.2011 - 04.2014
- Led implementation of "ISMS" and subsequent external ISO27K Audit & certification, Implementation of ISO 20K standard across GOSC and Process Engineering group member for CMMi for Services implementation
- Diverse role, which focused on IT Service Delivery, Project Management and Information Security
- Led team for 50+ Internal and partner team members to manage service operations for 10000+ end users, Lead service improvement project to achieve and sustain consistent SLA of 99%
- Optimized overall operational costs by 5% over a period of 3 years through standardization.
- Improved C-SAT to 94%,an upward increase by 40% YoY with 60% sample size
Operations Manager
Wipro Limited
05.2006 - 04.2011
- Set up Enterprise Service Desk, NOC & Data Center support set up for global customers including "Built, Operate and Transfer" model
- Responsible for overall account management (Service level management, Continual service improvement, Resourcing, P&L, Farming business growth, customer satisfaction, training & development etc.)
- 20% profitability enhancement through one time billable and Resource optimization for account worth INR 3+ million TCV account
Education
Bachelor of Engineering - Electronics & Communications
Amravati University
Maharashtra04.2003
Skills
- Information Security Risk Management
- Threat Intelligence
- Digital Security & Resiliency
- Identity & Access Management
- Privacy
- Cybersecurity Transformation
- Governance Risk Compliance
- Project & Program Management
- Organization Change Management
- Digital Transformation
Certification
- CISSP
- ISO 27001:2013 LA & ISO 20000:2011 LI
- PMP, CSM & PSPO
- Azure Fundamentals (AZ 900) & Azure Security Fundamentals (AZ 500)
- ITIL Intermediate
Timeline
AVP - Information and Cybersecurity
Standard Chartered GBS
09.2018 - 05.2022
Senior Project Manager - Security Practice
Microsoft
09.2018 - Current
Senior Manager
Microland Limited
01.2016 - 09.2018
Associate Consultant
HCL Technologies
07.2014 - 01.2016
Assistant Manager
MetLife Global Operations Support Center
04.2011 - 04.2014
Operations Manager
Wipro Limited
05.2006 - 04.2011
Bachelor of Engineering - Electronics & Communications
Amravati University
Similar Profiles
Danielle Mc EvoyDanielle Mc Evoy
Service Engineer IC2 at MicrosoftService Engineer IC2 at Microsoft
TONY HAUGENTONY HAUGEN
Partner Customer Account Manager / Customer Success Account Manager at MicrosoftPartner Customer Account Manager / Customer Success Account Manager at Microsoft
Denis MazurovDenis Mazurov
Senior Software Engineer at MicrosoftSenior Software Engineer at Microsoft
Shubham SinghShubham Singh
Software Developer II (Level 62) at MicrosoftSoftware Developer II (Level 62) at Microsoft
Abha MauryaAbha Maurya
Capex Controller at Diageo IndiaCapex Controller at Diageo India