Yasir Nisar Beigh
Summary
An enthusiastic & high energy-driven professional, aiming to utilize the professional experience, knowledge and skills to create a growth path for own self and the organization Location Preference: Global Industry Preference: IT Profile Summary A result-oriented professional with over 8.5 years of experience in Information Security and IT Compliance Management A certified ISO 27001 Lead Auditor, CEH and ITIL V4, ISO 27701 and GDPR Hands on experience in implementation and handling Internal audits/external audits based on ISO 27001, 27701 and SOC 2 and GDPR Developed effective processes associated with risk management, environmental, physical and logical security, access control, data backup and restoration, media management, change management, log management, employee exit, service level agreement, business continuity and disaster recovery management Professional expertise in the design and implementation of strategic security programs that provide operational excellence Acknowledged for exceptional performance in process improvements, change management and facilitation of multiple projects while ensuring compliance with the law Rich knowledge in Information Security and security plans An effective communicator with excellent team building and relationship management skills
Overview
9
9
years of professional experience
2
2
years of post-secondary education
4
4
Certifications
1
1
Language
Work History
Associate Information Security Lead
To The New Pvt. Ltd
Delhi
06.2022 - Current
- Maintaining Security Compliance Framework as per security policy & directives; developing control framework for security health checks monitoring
- Risk Assessments
- Handling a team of 5 members
- Project management
- Revising end-user security documentation, policies, cheat sheets & induction PPTs; enhancing the visibility of security performance by publishing metrics in the risk dashboard
- Performing gap analysis for Information Security Management System (ISMS) implementation
- Administering organizational structure and roles for IS, Information Management and IT Teams aligned with business unit plans; creating and managing new organization ‘Security Operations Centre’
- Reviewing and developing client's custom control catalogues to ensure alignment of test procedures and control language for increasing efficiencies in the remote execution of test procedures
- Supporting client service delivery by consistently meeting quality guidelines within the established turnaround times and budget for the request assigned
Information Security Governance Specialist
Koch Business Solutions India
09.2018 - 06.2022
- Considered a subject matter expert of KGS owned Governance Risk Compliance (GRC) systems (i.e., ZenGRC)
- Demonstrable understanding of security standards such as ISO 27001:13 and NIST frameworks
- Responsible for TPRM process and approval
- Promote and maintain security standards, policies, and procedures, also by conducting security awareness training throughout organization
- Conduct Periodic compliance reviews against regulatory Information Security requirements and internal Policies, procedures, and standards
- Safeguarding organizational data using DLP policies
- Detail Oriented / Critical Thinker – Able to thoroughly review process documentation and verify requirements coverage (i.e., ISO27001/2, HIPAA, NIST) flagging any gaps or areas not covered
- Worked as an EDR (Crowd Strike admin)
IT Security Admin
Epsilon India
Bangalore
07.2016 - 08.2018
- I had the opportunity to work on Qradar, Splunk, Sematic Endpoint, Cisco Sourcefire, Resilient, and Service now, Qualys etc
- Real-time monitoring of corporate environment for security incidents, investigate suspicious activity, correlate events, and conduct technical analysis of network traffic and end-point systems
- Perform analysis on malware and phishing/spam email activity, provide recommendations and take steps to stop the same
- Working on Qradar log integration, creation of alerts and fine tuning
- Analysing data loss prevention through Semantic, provide recommendations on false positives to fine tune the alerts
- Mitigating the threats to systems using semantic end point protection
- Proactively investigate on users for visiting malicious websites- Content Filtering
- Vulnerability assessment for servers, network devices and web applications and assistance with remediation wherever required
- Monitor and investigate the irregular activities on Critical devices
- Recommend enhancements to SOC security process, procedures, and policies.
SOC Engineer
Quintiles India
Bangalore
07.2014 - 06.2016
- Assessing and Validating the Impact and Urgency of the Incident
- Monitor Security Logs and events to determine cause of security related events or to identify potential security risks
- Monitor dashboards to keep track of security events, health of SIEM devices
- Real-Time Monitoring, Investigation, Analysis, Reporting and Escalation of Security Events from multiple log sources
- Report on anomalies outside expected norm
- Actively coordinate and cooperate with other teams, to ensure best IT Security practices and deliveries and a smooth interaction
- Imparting knowledge to the newly inducted team members on the business and technology
Education
Master of Computer Applications -
University Of Kashmir
Kashmir 01.2011 - 05.2013
Skills
Package: MS Officeundefined
Additional Information
- Address: , Chinigund Kanalwan Bijbehara Anantnag Kashmir (192124)
Certification
ISO 27701 LA
Timeline
ISO 27701 LA
02-2023
Associate Information Security Lead
To The New Pvt. Ltd
06.2022 - Current
ISO 27001 LA
03-2022
CEH
03-2021
Information Security Governance Specialist
Koch Business Solutions India
09.2018 - 06.2022
IT Security Admin
Epsilon India
07.2016 - 08.2018
ITIL
03-2016
SOC Engineer
Quintiles India
07.2014 - 06.2016
Master of Computer Applications -
University Of Kashmir
01.2011 - 05.2013
Similar Profiles
GAYATHRI DEVIGAYATHRI DEVI
Assistant of Regulatory Affair at VKL SEASONING PVT. LTD. / KEYA FOODS INTERNATIONAL PVT. LTDAssistant of Regulatory Affair at VKL SEASONING PVT. LTD. / KEYA FOODS INTERNATIONAL PVT. LTD
Anum HasanAnum Hasan
Head of Department -Software Project Management & Business Development at Appedology (Pvt.) Limited - New Name of Protégé Global (Pvt.) LimitedHead of Department -Software Project Management & Business Development at Appedology (Pvt.) Limited - New Name of Protégé Global (Pvt.) Limited
Thiyaga Lakshmi VellaiSamyThiyaga Lakshmi VellaiSamy
Senior Software Implementation Specialist at DigiSME Pvt Ltd (a) Majulah Info-Tech Pvt LtdSenior Software Implementation Specialist at DigiSME Pvt Ltd (a) Majulah Info-Tech Pvt Ltd