SHAHEER MOHAMMED PUTHANVEETTL
+91-7406998264, [email protected]
II FLOOR, ARADHANA NILAYAM
OPP TO SAI LEELA APARTMENT, SAI COLONY
BELATHUR, KADUGODI,BANGALORE – 560067
KARNATAKA, INDIA
______________________________________________________________________________________________
SUMMARY:
An IT Security professional with functional experience in the areas of risk management, information security, data
privacy, vulnerability management, firewalls, security auditing, governance & compliance, operations management.
EDUCATION:
Graduation in B.sc from Andhra University, Visakhapatnam
Intermediate from Board of Intermediate Education, Visakhapatnam
SSC from Board of Secondary Education, Visakhapatnam
TECHNICAL QUALIFICATION:
Applications : Microsoft Exchange, Citrix, Lotus Notes
Security Tools : Retina Scanner, Snort, NMAP, Nessus, Burp Suite, Wireshark
CRM Tools : GRC Archer, Parature, BMC Remedy 7.5, Service Center
Standards : ISO 27001, PCI DSS, HIPAA, SOX
Governance Tools : RSA GRC Archer
CERTIFICATIONS:
Certified ISO 27001:2013 Lead Auditor (ISMS)
Certified Ethical Hacker (CEH) from EC-Council
ITIL v3
PROFESSIONAL EXPERIENCE:
I. IBM INDIA PVT. LTD, BANGALORE, INDIA
Advisory Consultant – Information Security (09th Jul 2015 – Till date)
Direct the information security focus of the Account’s health insurance business within the region,
maintaining the strategy and plans for delivering the appropriate levels of security
Ensure that contractual requirements for security are satisfied and that opportunities to improve security are
identified
Coordinate with the Legal Counsel team on all business related requirements and exceptions and provide
solutions compliant with contractual agreements
Work with the application development and engineering teams and build security into the environment
Ensure that comprehensive documented security processes are implemented
Perform security review and acceptance testing for all the applicable projects
Ensure compliance to HIPAA, ISMS, PCI DSS and IBM Data security policies
Identify the security requirements and recommend solutions to the clients. Some of the solutions implemented
were Symantec VIP, CyberArk
Perform audits to check compliance against legal and regulatory controls and standards
Provide appropriate mitigation controls for all the active list of risks and ensure continuous implementation
Review the risks and potential security findings monthly with the CISO
� Ensure the findings of the vulnerability assessments are followed up with the respective projects and the
findings closed within the timelines as applicable to the severity levels
Provide support for Change Control process by reviewing Change Requests for security implications where
applicable
Lead investigations in the eventuality of security incidents within the region
II. ACCENTURE, BANGALORE, INDIA
Information Security Lead – Governance, Risk & Compliance (31st May 2012 – 06th Jul 2015)
Delivers information security risk assessments (Certification and Accreditation) of projects, new technologies,
external service providers, and IT changes. Guides staff and managers on the appropriate risk mitigation
strategies
Conduct internal audits as per the IT Control framework
Managed the security program for major health insurance clients and ensured compliance to HIPAA and client
security policies
Provided consulting services to banking clients and ensure compliance to SOX across all delivery centers
Work with the Technology Standards team in building policies and standards for all applicable technologies
and technology devices like workstation, server security, FTP, DHCP, Auditing & Logging, Infrastructure
Security, Remote access, Encryption Security and many more
Perform audits and reviews as per the standards – ISO 27001, PCI DSS and SOX
Coordinate the Business Continuity planning activities across the line of business
Review the Metrics and Dashboard for Information Security - Strategy and Policy
Responsible for ensuring penetration testing and vulnerability assessments are carried out as per the plan
rolled out for the respective projects
As an advocate of information security, works closely and proactively with IT project team leaders, service
providers, and business units to provide security-related technical solutions. Identifies opportunities to
improve business practices or IT security-related processes
Manage various operations part of the Accenture SOC team and ensure response timelines are met across all
the verticals in the Organization
Work with the Client Data Protection team to ensure appropriate controls are in place to meet the data privacy
requirements
Prioritizes, monitors, and assesses compliance and audit recommendation results to ensure they are
comprehensive, robust, and of high quality
Coordinate with other delivery centers and stakeholders for joint delivery of security services
Ensure project deliveries within specified timelines
Ensure deliverables are completed and signed off
Contribute broad and deep knowledge in Information Security across a broad operational framework/range of
projects
III. KNOAH SOLUTIONS PVT. LTD, HYDERABAD, INDIA
Assistant Manager – Compliance & Operations (09th Aug 2010 – 29th May 2012)
Implemented ISO 27001 across multiple functions, for both internal and client facing accounts
Built policies and standards in line with the Organization and Client security requirements
Conducting gap analysis, risk assessments to identify vulnerabilities
Represent the Internal Security Auditors group. Ensure the Organization and the specific client projects are
compliant to the security policies as per ISO 27001, PCI DSS
Conduct Security Audits to identify weaknesses in the implemented system and plan for remedial actions
Performing Network Vulnerability Assessments and review findings with the Clients and implement solutions
including policy remediation and selection
Member of the Internal Security Auditors group. Ensure the Organization is compliant to the security policies
as per ISO 27001
Represent the Security function in the Change Advisory Board
Assist in Business Continuity Planning and Implementation
Single point of contact for all the Client Interactions and Partner Performance Reviews
Conducting Security Awareness Training to new hires
Coordinate with the support teams to ensure smooth functions across Operations
Ensure the optimum utilization of the available manpower to meet the staffing
Share the NC & Observations with the respective stakeholders and build preventive measures
Conduct Performance and Annual Appraisals for the Team Leads and Supervisors
� IV. UNISYS GLOBAL SERVICES INDIA, HYDERABAD, INDIA
SSR2 – Application Support (01st June 2009 – 03rd August 2010)
Work directly with the Client IT to ensure the required infrastructure needs are met
Ensure the patches and the antivirus definitions of all the workstations are updated as per the timelines. Also
to ensure Workstations and Servers are hardened as per the security requirements and are kept in compliance
to the company standards
Ensure Access Control Logs are implemented across all support functions and are audited in a periodic
manner
Service Desk Incident Management and Reporting
POC for the incidents escalated by the Level 1 team and the web incidents submitted
Ensure that the team makes a follow up on all the pending incidents and report the trends to the offshore team
on a daily basis
Coordinate and work with the location IT team to understand the root cause of a problem and help in building
a permanent solution to the problem
V. KNOAH SOLUTIONS PVT LTD., HYDERABAD, INDIA
Senior Team Leader – Network Operations Center (5th Sep 2005 – 14th May 2009)
Lead a team of network engineers to perform the server updates and maintenance activities on client
infrastructure
In case of any network downtime, coordinate with the respective support functions at the Client end and
ensure the service is restored in the least possible time
Ensure the updates are rolled out to the identified servers in a timely manner
Responsible for maintaining the change control process
Coaching the team members on a weekly basis and set them new targets and action plans while monitor them
closely on a daily basis
Represent Knoah for all Client Interactions related to Operations Performance, Business Strategy, Network
Downtime and Vendor Management
PASSPORT DETAILS:
Passport Number : M1609765
Place of Issue : Bangalore, India
Date of Issue : 27th Aug 2014
Date of Expiry : 26th Aug 2024
PERSONAL DETAILS:
Father’s Name : C. P. MEERAN KOYA
DOB : 30-08-1985
Nationality : Indian
Religion : Islam
Marital Status : Married
Languages Known : English, Hindi, Malayalam and Telugu
Permanent Address : S/O C.P.MEERAN KOYA
ENGATTIL HOUSE
MURUKALLINGAL
(PO) CHALIYAM, CALICUT
KERALA – 673301, INDIA
(SHAHEER MOHAMMED PUTHANVEETTL)
