Skills Matrix at the Bottom of the CV

PUNEET SHARMA
F-117, Dharampura, Najafgarh, New Delhi 110043
Contact No: 9810050898; Email: puneet1981_sh@yahoo.com

INFORMATION SECURITY/ OPERATIONS MANAGER

Seeking managerial level position across network security project management & operations

PROFILE
Offering 12 years of experience across the IT industry, an articulate bachelor of computer application &
backed with CCNA Certification & Bluecoat Certification BCCPSE plus having diploma course in
Electronics and Telecommunication Engineering. Currently associated with Tata Consultancy Services as
SOC Operations Manager.
Having vast experience in setting up and heading Techno-Commercial Operations, System Administration,
Projects in the IT sector with Knowledge of networking security technologies & Information Security
(Firewall, Proxy, content filtering IDS/IPS, VPN, Antivirus, Vulnerability Management, VAPT, WIPS,
SIEM) to provide a powerful combination of analysis, implementation, management and support.
Adequate knowledge of complete Project Management Life Cycle including Project Scoping, Technical
Specifications, Effort Estimates, Cost Estimation and Budgeting, Risk Management, Planning,
Monitoring & Tracking, Reporting & Communication Management, Process Compliance & Management,
Change Management and Resource Optimization
Sound understanding of Network & Information Security Management Systems; an out of the box thinker
with a unique blend of Qualitative and Technical acumen in providing effective customer support,
vulnerability & risk assessment, disaster recovery, etc.
Demonstrated capability of providing end-to-end Strategic IT & Security Solutions; a thorough
professional with solid experience in formulating robust integrated IT strategies while managing & leading
teams for running successful projects and developing Business Continuity Plans, Procedures, SLAs and
Service Standards for driving Business Service Excellence

TECHNICAL SKILLS
Firewall & Proxy Server
IDS/IPS:
AV, Content Filtering Anti Spam:
Bandwidth Optimization & Secure
Gateway
Vulnerability Scanner & PT
Routers
Checkpoint, Netscreen & Microsoft ISA 2006 ENT Edition
McAfee Intrusheild IPS, IPS/IDS IBM Proventia, Real secure ISS
NIDS/HIDS
Trend Micro, Symantec, Mcafee, Bluecoat, Websense and Iron port
Juniper Peribit & Bluecoat
Nexpose, Nessus, Nmap, GFI LANguard, Metasploit
M10, M20, ERX-1440, Basic Routing and Switching

PROFESSIONAL EXPERIENCE

Tata Consultancy Services July2012-Till Date

Tata Consultancy Services (TCS) is an information technology (IT) service provider offering business solutions,
and outsourcing services. TCS as per 2008 Forbes Global 2000 list, was ranked #927. TCS, a Tata Group company,
offers business consultancy and IT enabled services to clients in India and abroad through its redoubtable global
network delivery model. Tata Consultancy Services employed over 200,000 qualified IT professionals spread
over 42 nations.
SOC (Security Operation Center) Operations Manager/Head SOC
Ensuring 100% availability of services handled by SOC, determines appropriate levels of security controls,
infrastructure management, administrating & monitoring techniques by reviewing the sanity and corrections
 of reported data to develop and deliver a comprehensive information security system and maintain high
uptime.
Run Risk & Log assessment & Risk mitigation program for entire TCS, Incident management to safeguard
TCs from emerging threats and Zero Day Malwares.
Responsible for deployment & Management of Vulnerability Assessment and migration program across
TCS, to ensure 100% closure of all vulnerabilities daily.
Ensuring proper execution of daily task list, review of daily trackers and checklist for all the critical tasks and
services managed by SOC to ensure routine tasks completions and alarms for any service or process failure.
Develop & Maintain SLA for SOC, actively involved with team to check, supervise and managing
deliverables, response to mails and ensure timely closure of tickets and change requests
Manage the Operational Risk Program, experience in formulating strategies while managing & leading
teams for running a successful SOC operations
Review and correction of the daily checklists trackers and reports(shift-checklist, Daily backup logs, IPS
reports, Services availability, etc.) of SOC managed infrastructure in more proficient way to identify
gaps/short coming and modifying existing workflow procedures to meet higher standards, services
availability and uptime.
Execute the ownership of creating the information security service monthly reports for circulation with all
the stakeholders and Management.
Incident management & providing the root cause analysis and mitigation strategies on security incidents.
Maintaining & developing the issue tracker/register for SOC, worked with Domain teams to collect and
articulate data for updating issue tracker to record the progress and closure of running issues.
Authoring whitepapers and recommendations on Security findings, assessment of existing infrastructure
and suggestions on optimization of resources to derive enhanced output, exploring scope of improvement
and executing it with proficient planning.
Logs file analysis for the systems maintained by SOC to review existing log management and ensuring
continuous logging without any failure/interruption.
Identifying & closing system wide security vulnerabilities for applications maintained by SOC
Collating data, generating periodic reports & carrying out analysis of reports to facilitate strategy & capacity
planning and creating reference points for management.
Developing pioneering solutions in response to emerging threats, guide team to monitor industry warnings
and messages for all system patches, virus activity, and upgrades to maintain the overall information
security integrity of the SOC infrastructure. Sharing threat information with Stakeholders.
Ensuring on-time availability of periodic reports as requested by QCPA team.
Investigate and prepare a response to issues raised by internal or external Audit reviews
Develop & Maintain the Business Continuity functionality for SOC.
Leading and guiding the team of team leaders and set out performance parameters/ deadlines, hold review
meetings and monitor the progress of the work as per schedule, and ensure timely completion and delivery
of the project.
Acting as a vital connecting link between the management & the team for dispersal of information.

PREVIOUS WORK ASSIGNMENTS

Birlasoft (India) Ltd July2011-June2012

Birlasoft is a Global Information Technology Services provider founded in 1995 and headquartered in India, with
global workforce of over 4000 employees and footprints in 5 continents and delivery centers in Australia, India
and USA. The company provides software and consultancy to the banking, financial services, insurance and
manufacturing industries. The company is part of the CK Birla Group, headquartered in Noida, with offices in
the USA, Switzerland, UK, Germany, Australia, Singapore, Malaysia.
Assistant Manager (Information Security & compliance)
Identify foreseeable information security risks in order to comply with privacy and information security
policies and procedures. Prepares risk mitigation plans.
 Build information security competency and key responsibility is to strengthen Information Security posture
by revisiting technical documents for editing or rebuilding them the industry best practices.
Determines appropriate levels of security controls and infrastructure management & monitoring techniques,
development and delivery of a comprehensive information security and privacy program for the company.
Coordinates with all departments on Information Security Issues and imparts security awareness training.
To assure that the information collected, stored and disseminated by the company is protected from internal
and external threats and is handles in accordance with the ISO 27001 standards and the regulatory
requirements.
Ability to provide feedback and direction for team members, assuring the satisfaction for customers, and
creating a collaborative environment that encourages initiative and problem- solving.
Handles Information Security Incidents Carries out internal audits in line with ISO 27001 standards.

WIPRO LTD Nov08-June2011.

Wipro is one of the largest IT services company in India and employs more than 112,925 people worldwide as of
June 2010. It has interests varying from information technology, consumer care, lighting, engineering and
healthcare businesses..
Assistant Manager (IT Security Operations)
Spearheading efforts across Administration, ensuring high uptime, SLA governance, Vendor management
and availability of IT security services. To safeguard the Wipro network and sensitive information from
various threats originating from internet cloud and from inside network
Played an important role in maintaining security guidelines, project management, service delivery, strategic
planning and negotiating with the vendors for cost effective purchase of services
Reviewing specifications for the procurement of 3rd party specialist services and coordinated the technical
aspects of solution implementation activities
Reviewing operational/support documentation and other documentation; identified, documented and
managed Risks & Issues
Actively involved in manage project execution, monitoring & updating projects, and delivering projects
within the scheduled SLA
Ensuring that team should adhere to the prescribed operational standards (ISO/BS PCI-DSS etc.)
Monitor industry warnings and messages for all system patches, virus activity, and upgrades to maintain the
overall information security integrity of the enterprise. Inform and recommend course of action to Stake
holders
Responsible for Assessment of existing infrastructure and optimization of resources to derive enhanced
output, exploring scope of improvement and executing it with proficient planning. Working on any escalated
or unfamiliar issues to aid team and ensuring high uptime.
Taking care of Evaluation, acquisition, POC and deployment of new technologies to prevent the network and
sensitive information from new emerging blended threats.
Pivotal in implementing ISA proxy, Checkpoint FW, restructuring of Content filtering (Websense)
introducing checklist at the beginning of every shift, cleaning up the unused configuration, configuring
various customized report for business intelligence and working with the Business team and Solutions
Design team to present their solutions effectively.
Involved in Security Policy setting & configuration as per the security requirement in various Segments
Managing & administering installation, up-gradation, configuring, scheduling, testing & troubleshooting the
Checkpoint, ISA, Websense, AV Backup & relative connectivity.
Maintaining a high level architectural view of the Network Security infrastructure and provided technical
input in planning, estimating and design of projects.
Experience in formulating integrated strategies while managing & leading teams for running a successful IT
Security operations and streamline operations by utilizing and implementing standard procedures.
Adroit in handling backend operations for minimizing error level and enhancing productivity and
implementing service strategies according to the set targets & actively involved in controlling service
deliverable as per given SLAs TAT.
 Collating data, generating periodic reports & carrying out value added analysis of reports to facilitate
strategy planning
Distinguishing key areas of obstructions and evolving immediate and long term resolutions
Handling the escalations & high priority customer request & complaints of the team in co-ordination with
other departments to ensure 100% complaint closure with 100% delight.
Accountable for Planning for Security infrastructure procurement/cost for all WBPO locations as well as
responsible for selecting and evaluating effective and efficient systems including hardware, software, etc.
Handling pre-sales and installation technical support viz. setting up demos for complex technical setups,
troubleshooting problems during installation etc.
Ensuring that listed Audits are done for the various compliance levels
Involved in Preparation of site audit report for Mission Critical clients. Ensuring implementation of project
plans within stipulated budgets and deadlines.
Taking care of Process vision and design, enhancement strategy and transition strategy. An acknowledged
key driver for business process design and solution identification.
Selecting and evaluating effective and efficient systems including hardware, software, etc.
Assessing security standards, managing licensing and software standardization issues
Accountable for Negotiating SLAs for large and medium-size business transformation projects.

MICROLAND LTD Sep08-Nov08

Network Security Consultant
Client: EXL Services Pvt. Ltd
Profile Snapshot: Spearheaded efforts across managing Administration and Incident management of IT Security
Infrastructure such as Checkpoint, IBM Proventia, IPS/IDS etc deployed at all sites of EXL Ltd. Involved in Monitoring,
configuration and Management of McAfee EPO for all sites of EXL Ltd. Handled escalated issues, plus responsible for log
co-relation and audit report generation

APARA ENTERPRISE SOLUTION LIMITED Aug07-Aug08

Network & Security Engineer (Post-Sale Implementation & Troubleshooting)
Profile Snapshot: Implemented and supported Network & Security Appliance like Juniper Products - Juniper Peribit,
Juniper CMS, Netscreen, ERX 1440, Cisco Ironport, Bluecoat, and Avocent.

HCL COMNET LTD Sep04-Jul07

Network Security Engineer (Post-sale Implementation)
Profile Snapshot: Implemented and supported network security framework and technologies using products like Trend
Micro Antivirus, IMSS, IWSS, Cisco-PIX and Checkpoint (windows platform, secure platform, UTM 450)

EDUCATIONAL DEVELOPMENT

Bachelor of Computer Application 2007

MKU Tamil Nadu

Diploma in Electronics & Telecommunication Engineering 2004

Father Agnel Polytechnic, Board of Technical Education

Higher Secondary 2001; NOS Delhi

Senior Secondary 1998; C.B.S.E. Delhi

Certifications:
Acquired CCNA Certification in year 2005.
Accomplished Bluecoat Certification BCCPSE

Date of Birth: 31st August, 1981

Reference: Available On Request

Skill Matrix for Infrastrucutre Security

Total Years of Security experience 12

Years of experience in Vulnerability Management 5
Years of experience in Data Loss Prevention 1
technologies
Years of experience in Anti-Malware, Malware 8
Analysis and Anti-Virus
Years of experience in EndPoint Security 8
Years of experience in Cyber Incident Response 4
Years of experience in E-mail Protection, Server
Protection, Network Protection 5
Years of experience in Server Protection, Network
Protection 4
Years of Team Management experience 7

Candidate
Skill/Experience Requirement
Score
Technical Skill
Infrastructure architecture Assessment Mandatory 8
Vulnerability Management and Assessment Mandatory 8
Compliance Reporting and Assessment Preferable 8
Peneration Testing Mandatory 4
Spam Management Mandatory 4
Web filtering Administration Preferable 10
Rogue Software Management Preferable 2
Security Consultancy to Projects Mandatory 7
Cyber Incident Response Mandatory 6
Vendor Engagement and new product POC Mandatory 7
Vendor Risk assessment Mandatory 7
Non Standard Software Management Preferable 2
Security assessment of RFI/RFP vendor response Preferable 7
Developing Security Startegy Mandatory 8
Soft Skill
Excellent Communication Skill Mandatory 8