Information Security Risk Manager
Manoj kumar K, CISSP
Watford, United Kingdom
I'm offering
I am an accomplished Information Security Professional with strong client interfacing skills and a proven track record of delivering using a strong risk assessment methodology. I have several years of relevant professional experience in IT Compliance and IT Risk Management.
I have expert knowledge in IT Risk assessment, IT Compliance programs and Data Protection principles and practices.
An efficient, innovative and highly motivated individual with excellent interpersonal skills and the ability to communicate concisely at all levels. I am a self-starting person who has lots to offer in terms of enthusiasm with the ability to bring high standards to the workplace with proven leadership and managerial skills from both a “hands on” and “off” capability. Comfortable working in a fast-paced, growth orientated work environment and possessing a proven ability to ensure that brand messages, standards and communications are understood and implemented correctly, possessing a good understanding of client customer relationships.
As someone who is recognised for my professionalism and for my proactive approach, I am now seeking a challenging role offering growth opportunity where I can meet business goals, enhance productivity and acquire additional skills.
Markets
United Kingdom
Industries
Language
English
Fluently
Ready for
Larger project
Ongoing relation / part-time
Full time contractor
Available
My experience
2015 - ?
job
Information Security Risk Manager
DXC Technologies.
Client - Lloyds of London (Insurance)
Key Responsibilities:
• ISMS Programme: Responsible to manage the ISMS risk management program in line with 27001, escalating risks and issues to technology and security management and client's senior Security and Compliance leadership.
• Responsible to perform cybersecurity controls testing across the network to determine control effectiveness and adherence to ISO27001 requirements
• Audit - Interfaced as security liaison to internal/external auditors to ensure all scheduled surveillance audits are completed as planned.
• Responsible for Tracking and monitoring implementation of action plans to ensure remediation of identified issues
• Governance- Responsible to support IT health check, Audits, Pen tests, Patching and delivering the service to the customer
• Risk Assessment and Incident prevention - Successfully developed and implemented an on-going risk assessment program targeting information security and privacy matters in line with 27001 requirements.
Responsible for conducting technology risk reviews.
• Providing, maintaining and developing monthly and quarterly risk reporting at relevant governance, steering, working groups.
• Policy - Drafted and published Information Security policies, standards and procedures, working with Key IT offices, data custodians and governance groups in the development of such documents. Responsible for dissemination of the policy documents across the business.
• Relationship Management- Responsible for developing and maintaining relationships with cybersecurity, technology, legal, and risk leaders
It, Manager, Audit, Health, Development, Testing, Assessment, Monitoring, Insurance, Support, Implementation, Audit, ISO27001, Network, Security, Compliance, Technology, Service, Management, Leadership, Information Security, Risk Management
2011 - 2015
job
CISO (Country Information Security Officer)
DHL Express.
Key Responsibilities:
• Relationship Management- Worked closely with the senior Security and Compliance leadership as the focal point for IT security or compliance matters that affect the company.
• Gap assessments: All phases of achieving and maintaining 27001 compliance with regard to scoping, gap analysis and remediation action
• Audit - Interfaced as security liaison to internal/external auditors to ensure company is in compliance with regulations based on the Internal Security frameworks based on ISO 27001.
• Policy - Drafted and published Information Security policies, standards and procedures, working with Key IT offices, data custodians and governance groups in the development of such documents. Responsible for dissemination of the policy documents across the business.
• Risk Assessment and Incident prevention - Successfully developed and implemented an on-going risk assessment program targeting information security and privacy matters in line with 27001 requirements.
Responsible for conducting technology risk reviews.
• Work with users, technical groups and management in the development and the implementation of security strategies designed to provide a high level of security over data and information systems.
• Breach reduction - Responsible for reporting significant breaches in security to senior management. Interviewing offenders in conjunction with the relevant line manager or on own authority if the breach warrants it. Where appropriate, participates in forensic evidence gathering, disciplinary measures.
• Incident Response - Developed and implemented an Incident reporting and response system to address security incidents (breaches) and in performing investigation and recommending appropriate corrective action.
Audit, Information Security, Leadership, Management, Technology, Compliance, Security, It, Implementation, ISO 27001, Assessment, Development, Audit, Performing, Manager
2009 - 2011
job
Information Security Manager
Thetrainline.com.
London
Key Responsibilities:
• Responsible for conducting Business impact assessment to identify and assess IT security risk/exposure on new and existing infrastructure
• Responsible for reporting significant breaches in security to senior management. Interviewing offenders in conjunction with the relevant line manager or on own authority if the breach warrants it. Where appropriate, participates in forensic evidence gathering, disciplinary measures.
• All phases of achieving PCI DSS compliance with regard to scoping, gap analysis and remediation action definition, and implementation of necessary remediation actions.
• Conducted reviews of new business proposals and planned technical changes and provides specialist guidance on security issues and implications.
• Facilitated and influenced the development of secure business applications and infrastructure through active input to and assessment of development projects.
Information Security, Management, Compliance, Security, It, Implementation, Infrastructure, Assessment, Development, Manager
2007 - 2009
job
IT Security Manager
ESAB Holdings Ltd.
Key Responsibilities:
• Responsible for the quality and on-time completion of projects including the analysis of requirements, estimation of effort, planning and tracking.
• Provided information and assurance to senior management that risks were identified and mitigated or managed appropriately within agreed standards and policies.
• Successfully built relationships with technology management and staff in order to influence business decisions and obtain buy-in from employees.
• Developed timely and appropriate management reports on IT Security Control reviews.
• Identified risks and worked with stakeholders to agree action plans.
• Created Policies and Procedures based on ISO 27001.
Management, Technology, Security, It, ISO 27001, Manager
2009 - 2009
freelance
IT Contractor
unknown.
Various
• Worked on IT Security contract opportunities
Security, It
2004 - 2007
job
Information Security Lead
IBM Global Services.
Key Responsibilities: (Client 1 - Royal Dutch Shell (UK))
• In London to lead a team of resources working for the ISIP Project, responsible for the quality and on-time completion of projects including the analysis of requirements, estimation of effort, planning, tracking and resource allocation.
• Successfully led the technical project teams to implement audit compliance controls.
• Performed health-check for assurance against the "Baseline".
• Risk Assessment planning; due diligence investigations; service definition; pre-transition/transformation activities
Key Responsibilities: (Client 2--Siebel Inc.)
• Interacted with various teams to understand the overall application architecture & design of the Siebel Application.
• Conducted a detailed application security assessment of Siebel using the IBM Ethical hacking methodology using various open source and commercial tools such as Nessus, WebInspect & IBM's proprietary NSA Tool.
• Provided OS hardening recommendations and enforced recommendations with the help of MIS teams.
• Supported other customers such as: Texas Instruments, ICICI Bank, Iseva, Icelerate, Tata, Unilever for both Pre-sale and project delivery.
Design, Audit, Information Security, Due Diligence, Service, Compliance, Architecture, Security, Open source, Security Assessment, Transformation, Assessment, Hacking, Health, Audit
2003 - 2004
job
Network Team Lead
Timken Engineering & Research.
Network
2001 - 2003
job
Senior Engineer
Vinciti Networks Pvt. Ltd.
1997 - 2001
job
Network Engineer
Vaks Online Services.
Network
My education
?
-
2013
Henley Business School
MBA, Business
?
-
1997
Bangalore University
Bachelors, Engineering