Syed Arifuddin
Hyderabad
Summary
Results-driven information security professional with 10+ years of experience specializing in risk assessments, IT infrastructure including Cloud, and network security. Expertise in identifying vulnerabilities, assessing risks, and implementing robust security controls to protect sensitive data and critical systems. Proficient in conducting comprehensive security assessments, utilizing industry-standard frameworks and methodologies. Strong understanding of regulatory compliance requirements. Proven track record of collaborating with cross-functional teams to develop and implement effective security strategies.
Overview
20
20
years of professional experience
1
1
Certification
Work History
Senior Information Security Engineer
Wells Fargo India Solutions Pvt Ltd
02.2018 - Current
- The Information Security Evaluation (ISE)
process is responsible for assessing the security risk of information assets/Critical applications to determine how the information security risk affects the ability of Wells Fargo to effectively provide services and meet obligations to customers, stakeholders, and regulators - Gathers data regarding the information and technology assets of the organization infrastructure, threats to those assets, vulnerabilities, existing security controls and processes, and the current security standards and requirements
- Analyzes the probability and impact associated with the known threats and vulnerabilities to their assets on the network
- Extract vulnerability scan reports and ensure they are analyzed as per rating
- Remediation of vulnerabilities of the critical applications as per priority
- Conduct security assessments of client organizations to identify risks and recommend solutions
- Develop and implement security plans and procedures
- Monitor compliance with security policies and procedures
- Conduct security assessments of information assets and make recommendations for improvements
- Monitor compliance with security policies and procedures
- Third party Risk management, identify the Findings and Gaps during evaluation
- Performing UAT/SIT testing in ISRMT Platforms
- Collaborate with Information Security Business teams to develop requirements
Operational Risk Consultant 2
Wells Fargo India Solutions Pvt Ltd
07.2012 - 02.2018
- The Enterprise Information Security (EIS) Process Governance is second level oversight for a risk assessment as required by the Information Security Risk Assessment (ISRA) process
- Conducting risk assessments for new and current assets, track and report high risks, review and recommend remediation plans
- Conducting Process Governance and EIS reviews in accordance with ISRA program guidelines
- Validate all sections of security plans for the correctness and completeness
- Coordinate with Information Security Consultant on the findings and suggest for the changes to improve the overall quality of assessments
- Credibly challenged ISC’s on finding which ISC initially thought they were non-findings
- Supporting the Information Security Risk Assessment (ISRA) methodology by providing Line of Business-driven Risk Light Assessments in Sparc
Analyst II
JP Morgan
11.2011 - 06.2012
- Company Overview: Information Security and Risk Management (Systems and Data Security)
- Perform Windows Systems Security Tasks including:
- Document security administration procedures and practices
- Patch Management: Ensure that the systems are up to date with latest security Patches released from Microsoft
- Vulnerability Management: Ensure that the systems vulnerability is managed, mitigated, and monitored throughout
- Access Control: Maintain a controlled user access environment from different capacities of employees on need-to perform basis
- Maintain the integrity of business approvals on each user access request from standard tool and process
- Provide support to Disaster Recovery in linking up the backup user profiles in Business Continuity Plan and to perform drill on getting expected result
- Information Security and Risk Management (Systems and Data Security)
Analyst II
Bank of America
06.2009 - 01.2011
- Providing remote support for 18000+ servers
- Systems Administration of Windows 2000 / 2003 Servers
- Level 2 support for Windows 2000 / Windows 2003 Servers infrastructure and administration of Datacenter
- Responding and resolving the tickets/ issues within the SLA time
- End to End windows 2000 & 2003 support.(OS issues, patches, Disk, CPU, Memory utilization)
- Managing and Administrating Active Directory Groups
- Configuring Windows 2000/ 2003 Active Directory Server and GCS
- Break fix various production issues like Server down, Unexpected shutdowns, etc
- Measuring server performance and updating the server as per the analysis
- Troubleshooting Windows cluster servers & cluster re-balancing
- Monitoring recurring issues on trouble servers & raising CRQ’s related to it
- Maintenance of application servers & critical drive issues of it
- Server Fine tuning & performance optimization
System Engineer
Hewlett Packard
02.2005 - 05.2009
- Company Overview: IT Service Delivery is responsible for coordinating with respective business team and IT Operations team to understand and deliver services as per client requirements
- Capacity and IT infrastructure planning and co-ordination
- Coordinating with business leaders and client in understanding and delivering the services as per their requirement
- Enable business by partnering with internal & external teams and improve the availability & reliability of IT infrastructure, on time provisioning of services, drive for excellence and establishing a strong connect
- BRM(Business review meetings) with delivery teams to cover all location projects every quarter
- Front end client visits from IT standpoint & take care of all IT related requirements during such visits
- Drive CSAT coverage & excellence in IT services
- Handled setting up of IT / Network infrastructure in office expansion of 400 Servers
- Established ODC as per client requirements at par with per HP IT/ Network/ InfoSec policy
- IT Service Delivery is responsible for coordinating with respective business team and IT Operations team to understand and deliver services as per client requirements
Education
MSc - computer Science
Osmania University
01.2003
BSc - Computer Science
SK University
01.2000
Skills
- Information security expertise with a proven track record in safeguarding digital assets, mitigating risks, and implementing cybersecurity measures
- Accomplished security assessment specialist at conducting risk analysis, implementing controls, and driving actionable solutions to position the risk
- Implementing security policies and procedures to ensure adherence and bolster the organizations overall posture
- Risk management expert with a proven ability to analyze and mitigate potential threats
- Frameworks and standards
ISO 27001
NIST Framework, GDPR, PCI DSS, GLBA - Certified in CRISC and CISM
Certification
- CRISC, 01/24
- CISM, 01/23
- CEHv8, 01/19
- AZ 900, 01/23
Timeline
Senior Information Security Engineer
Wells Fargo India Solutions Pvt Ltd
02.2018 - Current
Operational Risk Consultant 2
Wells Fargo India Solutions Pvt Ltd
07.2012 - 02.2018
Analyst II
JP Morgan
11.2011 - 06.2012
Analyst II
Bank of America
06.2009 - 01.2011
System Engineer
Hewlett Packard
02.2005 - 05.2009
BSc - Computer Science
SK University
- CRISC, 01/24
- CISM, 01/23
- CEHv8, 01/19
- AZ 900, 01/23
MSc - computer Science
Osmania University
Similar Profiles
Mahesh BabuMahesh Babu
Senior Loan Servicing Specialist at Wells Fargo India Solutions PVT LTDSenior Loan Servicing Specialist at Wells Fargo India Solutions PVT LTD
NITHYAPRABHU SNITHYAPRABHU S
Trade Service Processor at Wells Fargo India solutions PVT LTDTrade Service Processor at Wells Fargo India solutions PVT LTD
Sethu Madhavan SunderSethu Madhavan Sunder
Senior Commercial Banking Portfolio Cordinator at Wells Fargo India Solutions Pvt LtdSenior Commercial Banking Portfolio Cordinator at Wells Fargo India Solutions Pvt Ltd