Chirag Panchal

• Implement and maintain Security and Privacy controls as required by business and regulatory requirements
• Ensure Secure software development there by reducing vulnerabilities introduced during development
• Implement Cloud Security controls to ensure security and privacy of data
• Conducting risk assessments to identify potential security threats, vulnerabilities, and impacts organization's assets and operations
• Risk Management by way of assessing, and prioritizing potential security risks to organization's information assets and infrastructure
• Conducting comprehensive vulnerability assessments across organization's systems, networks, and applications to identify potential weaknesses and security gaps including automated pentesting tools and manual validation.
• Vulnerability management by prioritizing them based on severity and potential impact, and then collaborating with relevant teams to develop and implement effective remediation plans
• Implementation of Security tools – File Integrity Monitoring (FIM), Host based Intrusion Detection (HIDS), Data Leak Prevention tool (DLP), Firewall (L3 and L7), Audit logging and monitoring, SIEM, SAST
• Maintain corporate wide business continuity program to address disaster recovery, business continuity and emergency response management
• Developed, maintained, and revised Information Security policies and procedures for operation of compliance program and its related activities
• Due Diligence of all vendors to ensure that they are provide secure products and services

• Implement and maintain Security and Privacy controls in accordance with business and regulatory requirements
• Ensure Secure software development there by reducing vulnerabilities introduced during development proves by providing regular training to development team
• Ensure security of Application and Cloud infrastructure by performing regular security review of releases, Automated/manual reconnaissance, regular vulnerability scans and Penetration tests
• Implementation of Security tools – File Integrity Monitoring (FIM), Host based Intrusion Detection (HIDS), Data Leak Prevention tool (DLP)
• Implemented Risk Assessment and Risk Mitigation as per industry best practices
• Maintain corporate wide business continuity program to address disaster recovery, business continuity and emergency response management
• Developed, maintained, and revised Information Security policies and procedures for operation of compliance program and its related activities
• Due Diligence of all vendors to ensure secure products and services

• Risk Management by way of assessing, and prioritizing potential security risks to organization's information assets and infrastructure
• Vulnerability management by prioritizing them based on severity and potential impact, and then collaborating with relevant teams to develop and implement effective remediation plans
• Maintain corporate wide business continuity program to address disaster recovery, business continuity and emergency response management
• Developed and maintained Information Security policies and procedures for operation of compliance program and its related activities
• Providing security trainings to all employees
• Guaranteeing company's compliance with relevant standards by conducting routine internal audits

• Formulating and implementing strategic plans to enhance organization's overall security posture.
• Identifying potential security risks and vulnerabilities, conducting risk assessments, and developing mitigation strategies to safeguard against threats.
• Designing and implementing robust security architectures that align with business objectives while ensuring confidentiality, integrity, and availability of critical assets.
• Ensuring compliance with relevant regulations and standards (such as GDPR, HIPAA, ISO 27001) through policy development, audits, and adherence to industry best practices.
• Establishing proactive monitoring systems, analyzing security logs and events, and staying updated on emerging threats and vulnerabilities through threat intelligence feeds.
• Educating staff on security best practices, raising awareness about potential threats, and promoting culture of security throughout organization.
• Assessing and selecting security tools and technologies, overseeing their deployment, and optimizing their use to enhance overall security effectiveness.
• Establishing proactive monitoring systems, analyzing security logs and events, and staying updated on emerging threats and vulnerabilities through threat intelligence feeds.

This role involves managing IT infrastructure and operations comprising Windows 2003/2008, Google Apps for Business. It also includes maintaining Cisco Routers, Firewall, leased internet, and data links. IT budgeting, IT roadmaps,Management reporting, managing IT security, ensuring data confidentiality and adherence to IT policies.

This role involves overseeing complex IT infrastructure and operations across multiple locations, including Windows 2008 on IBM servers, VMware, Symantec NetBackup, SQL servers, and Exchange 2010.