Prabh Nair

SUMMARY

• 15 + years of experience in Information Technology industry with specialization in Information Security
• A distinguished information security professional recognized as Chartered IT Professional by British Computer Society, UK.
• All round knowledge of all information security domains from vulnerability assessment & penetration testing to application security
  to security solutions to governance, risk & compliance.
• Experienced in heading global information security operations at US based global IT services provider with presence across 11
  locations across United States, Canada, India and Sri Lanka.
• Well skilled in developing policies, procedures and framework for establishing security operations and operations security.
• Served 100+ organizations across 25+ countries through various short-term assignments.

ENTERPRISE SECURITY

• Ability to simplify security in complex environments.
• Ability to develop enterprise security architecture to meet enterprise business objectives.
• Experienced in implementation & assessment of standards & frameworks such as ISO/IEC 27001:2013/2005, SSAE-16, COBIT 5,
  PCI-DSS, HIPAA and NIST standards.
• Ability to simplify security in complex environments.
• Experienced in development of policies, processes and supporting documentation.
• Experienced in risk management, change management, vulnerability management, incident management and business continuity management.
• Ability to communicate effectively with technical teams as well as executive management.
• Good understanding of technology architecture and enterprise level mitigation strategies.
• Experienced in spreading security awareness across enterprise.

SECURITY SOLUTIONS

• Good knowledge of security solutions like Firewall, IDS/IPS, VPN, DLP & MDM.
• Good knowledge of enterprise IT infrastructure.
• Experienced in design and implementation of enterprise security solutions.
• Experienced in design and implementation of data Centre and delivery Centre security.
• Experienced in development of policies, processes and supporting documentation.
• Good knowledge of virtual & cloud environments.

Certification

SECURITY ASSESSMENTS

• Good knowledge of penetrations testing & security assessments
• Experienced in conducting internal and external vulnerability assessments.
• Experienced in design and implementation of enterprise security solutions.
• Experienced in conducting web application security assessments.
• Experienced in analysing potential threats & attack attempts.

SECURITY AUDIT

• Good knowledge of penetrations testing & security assessments
• Experienced in developing metric based audit programs.
• Experienced in developing audit checklists based on client and compliance requirements.
• Experienced in conducting internal audits, vendor audits and security reviews.

APPLICATION SECURITY

• Good understanding of application security controls & application security architecture.
• Experienced in conducting internal and external vulnerability assessments.
• Good understanding of cryptographic controls.
• Considerable knowledge of web applications & databases.
• Good understanding of software development lifecycle