YASH SHUKLA
Bengaluru
Summary
Experienced Information Security Consultant with 8+ years of expertise in cybersecurity. Proven track record in resolving complex problems and enhancing customer satisfaction. Adept at implementing robust security measures to safeguard confidential information and mitigate risks. Continuously staying up-to-date with industry trends and technologies to provide cutting-edge solutions.
Overview
9
9
years of professional experience
2015
2015
years of post-secondary education
4
4
Certifications
2
2
Languages
Work History
Information Security Consultant
StickmanCyber
06.2021 - Current
- Conducted various cybersecurity posture assessment against NIST and ISO 27001
- Conducted PCI DSS gap assessment
- Performed audits for various environments and businesses
- Risk Assessment based on NIST 800-53 (Cybersecurity Framework)
- Performed Cyber Security Maturity Audits and creating assessment reports
- Acted as Consultant on demand for various clients providing Cybersecurity advisory service and helping clients meet cybersecurity requirements
- Acted as Single Point of Contact to ensure smooth communication between various internal team and clients, ensuring all commitments as per SoW are achieved
- Review of client network infrastructure, policies, and procedures
- Review of Audit log configuration
- Managing Internal ISMS
Associate Consultant
Capgemini India
09.2019 - 06.2021
- Conducting ISO 27001:2013 Application and Process Internal Audit and reporting Non-conformities and OFI's as part of the report
- Delivering security awareness training and customer process training to the new joiners
- Delivering security talks to the Capgemini Cybersecurity business unit on various information security topics on ad-hoc basis
- Preparing monthly security dashboard for the various activities carried out as part the project and presenting it to the Customer
- Preparing vulnerability assessment report as per the vulnerability for servers and applications
- Raising a Jira ticket for the vulnerability mitigation
- Monitoring daily and monthly IDS/IPS hits on the Customer applications from different Countries and reporting suspicious hits
- Monitoring and analysing Radware daily and monthly reports and reporting any malicious traffic received on the applications
Security Consultant
ISECURION Technologies & Consulting PVT LTD
12.2017 - 09.2019
- ISO 27001:2013 Implementation and Auditing for clients
- Performing Gap assessment
- Conducting Risk Assessments and documenting treatment plan
- Documenting Statement of Applicability
- Documenting various policies and procedures for ISMS
- Conduct Information security awareness training for the employees
- Helping in implementing security controls identified in risk treatment
- Conducting Internal audit
- Providing support during external audit
- Physical Security Assessment for the one of the BPO and Consulting firm in India
- Carrying out monthly vulnerability assessment for client using Nessus tool and providing a walkthrough to client
- Supporting client in closing the vulnerabilities
- Managing Internal ISMS
Associate Consultant
vAptus Consultancy Service Pvt. Ltd
05.2016 - 12.2017
- Vulnerability Assessment of Servers / Network device
- Conducting vulnerability assessment for the clients by using Nessus tool, Nmap and Qualys Guard
- Documenting vulnerability assessment report for the clients
- Provided report walkthrough and helped in mitigation of vulnerabilities
- Carried out application security testing for the client applications both manually and using tools such as Acunetix and Burpsuite
Education
Bachelor of Engineering - Electronics and Communications Engineering
Technocrats Institute of Technology and Science
Bhopal, KarnatakaSkills
NIST Cybersecurity Framework
Risk Management Framework
Payment Card Industry Data Security Standard (PCI DSS)
Vulnerability Management
ISO 27001
ISO 27005
ISO 31000
Microsoft Azure
Certification
CISA - Certified Information Systems Auditor (Training)
Personal Information
Gender: Male
Linkedin Profile
https://www.linkedin.com/in/yash-shukla-294844a3/
Timeline
Information Security Consultant
StickmanCyber
06.2021 - Current
Associate Consultant
Capgemini India
09.2019 - 06.2021
Security Consultant
ISECURION Technologies & Consulting PVT LTD
12.2017 - 09.2019
Associate Consultant
vAptus Consultancy Service Pvt. Ltd
05.2016 - 12.2017
Bachelor of Engineering - Electronics and Communications Engineering
Technocrats Institute of Technology and Science