Profile

Recruiters: To view this profile, please Register / Login

Jobseekers: To make your profile available to Recruiters for free, opt for Premium Membership

Sri Rekha .S Kumar

Candidate ID: 1650565

Career Summary

Management Post Graduates with 18 years experience in Engineering functional area

Skill Set

security management, ISMS,CYBER SECURITY,soc MANAGER

Professional Information

Total Experience : 18

Nationality : United Arab Emirates

Qualification Level : Management Post Graduates

Job Function : IT - Software

Work Location Preference : UAE

Detailed Profile


SriRekha RameshKumar, MS(IT) MBA CISM CEH
•LinkedIn: https://www.linkedin.com/in/rekha-ramesh-cism-ceh-ict-head-7a047577/
•Blog: https://rekhastechblog.com/



Sr.Divisional Engineer, Head-Information Technology Division, Dept.Of.IT &Telecommunication-Govt Of India Enterprise



INFORMATION TECHNOLOGY SENIOR DIVISIONAL ENGINEER
Specialized in Cyber/Information Security Management. Technical lead in project and program-management in
Multiple platforms in Information-Technology in line with the company’s strategic and financial goals.

PROFESSIONAL PROFILE

. Senior Divisional Engineer IT reporting to the Deputy General Manager & Principal General Manager-DOT, Managed IT and Information systems/cyber security teams. Core tasks involved assessing, planning and implementing required upgrades on security system to protect the data and information, maximize development, delivery, and technical support of multi crore, technology-based business that constituted 29 field Units, 35 sales offices in Coimbatore Secondary Switching Area alone, with 2,100 unit staff strength at India’s largest state owned, Telecommunication Service Provider.

. Meet end-user requirements, cost, and quality objectives through timely development and execution of information system functions, computer operations, and programming systems.

• Have a total of 14 years in IT and 8 years of Information Security -Combined in the same Organization totaling to 22 years of IT,ISMS and Computer/Mobile Network Experience.
AREAS OF EXPERTISE-SKILL SETS

1.ISMS 9. IT Eqpt Inventory Management 17. Roles, Authorizations -ERP
2.Incident Management 10.Patch Server Upgrades-Compliance Monitoring 18. ERP BASIS CORE TEAM
3.High End Migration
Both Server side & Client side 11.SaaS – Cloud Service 19. Installation of Servers. Co-Ordinate at Makeover & GoLIVE.

4. Technical assessment
penetration Testing 12.Network Management 20. Program Management.& Process Design
5.Risk Management, Firewall installation 13. Oracle SQL Reports, Java,PHP,ASP.NET 21. CRM-SEIBEL CLOUD
6.Risk & vulnerability assessment, Malware Analysis 14. Software Program Development 22.Administration-Team/Office
7.Security Implementation. 15. . In-House Application Development, PHP5 INTRANET PortaI Design 23. PO,AMC Finalization
8.Linux Server Management. 16. EETP Training/CYBER SECURITY TRAINING FOR ENGG College Students. 24.Contracts , Tender, Cost Benefit Analysis. Convener of Steering/PO Committees


ACADEMIC QUALIFICATIONS

ISACA: CISM-2019-USA
CEH V9 CERTIFIED 2018 VALID TILL DEC-2020.
CISM CERTIFIED SINCE MAY 2019 TO 2024.
Massachusetts Institute Of Technology:Professional Engineering-BOSTON USA
Specialized Professional Course on Cyber Security –Technology & Policy -2015
MSME-INDIA
Six Sigma Lean -2014-2015 Certified
NIBM-INDIA
2-YR MBA IN CRM, E-BIZ -2012-2014
IIM-LUCKNOW
Executive Program for Business Management-2012
Bharathiar University
Masters in Software Application (IT): June 2004
Bharathiar University-INDIA
Bachelor of Science in Physics, May 1996.

PROFESSIONAL EXPERIENCE
IT TEAM HEAD ( PROJECT & PROGRAM DEVELOPMENT, CYBER/INFORMATION SECURITY MANAGEMENT) DoT(Govt.Of.India) 2014 to Present

CYBER/INFORMATION SECURITY MANAGEMENT

Information Security Management System : ISO 27001
? Update, maintain & review information security policies and procedures to ensure adequate information security assurance and meet all regulatory requirements.
? Conducting Gap Assessment and preparing report.
? Create, maintain, implement & review ISMS Risk Management Methodology.
? Implement plans & programs on information security awareness/training for employees and vendors
? Facilitate all periodic independent reviews of ISMS conducted internally or in coordination with a third party.
? Ensure that non-conformities are closed on time and the analysis of the non-conformities are reported on a timely basis to the ISMS Internal Audit team.
? Stay informed about all latest developments in the field of information security----member of the CERT Team.
? Performing Risk Assessment and Identifying all risk related to Information Security Management System.
? Coordinated with support team for implementation on standard as approved by the steering committee.
? Developing and ensuring technology baselines for the secure management of systems across all platforms such as Operating System, Data Bases, application etc.
? Configuring and conducting infrastructure baselines compliance tests.
? Advising, and recommending security features and appropriate levels of security controls for all IT systems and infrastructure.
? Implemented security guidelines to meet company’s standard in projects.
? Providing technical guidance to IT Department staff about risks and control measures associated with new and emerging information systems technologies.
? Monitoring market developments on IT security providing recommendations to business on new initiatives.
Incident Management & Malware Analysis
? Experience in Security Incident Management & Malware Analysis.
? Analyzing and Identifying the web or email based malware discovered on Enterprise systems. Take lead focus on enhancing the malware detection capabilities of the systems.
? Establish and supervise an organization wide security incident management framework to ensure coordinated and effective response to all kinds of security incidents
? Experience in SIEM (Security Information and Event Management).
? Identifying and analyzing malware activities before severely disrupting the business server systems and investigating the security incidents.
? Investigating security incidents, identify & report root causes, related weaknesses and recommend remedies to mitigate or control / prevent malicious activity taking place / reoccurring.
? Teamed up with Symantec for all security hack free maintenance of network and servers and client machines
? Developed Information security processes and frameworks to have a hassle free Business Continuity.
? Co-ordinated with All India Cert team and fool proofed our entire servers & workstations during the WANNACRY Ransomware attack which had a major impact in India.

Technology Security
? Administration and troubleshooting of Email gateway security solutions/strengthening Proxy server with current clamav updates.
? Review a range of emails containing web-link to misused file types. Identify the suspicious emails and take necessary action to block email on gateway.
? Quarantined Client, Business requirement emails need to be release on Email gateway. Email domain for fine-tune.
? Created security baseline documents for systems such as firewalls, various operating systems, databases, etc.
? Participated in the pre-production review of applications/technical systems in order to ensure that all security requirements are incorporated prior to system going “live”.
Technical Assessment
? Mapping client's requirements and providing best IT solutions involving evaluation and definition of scope of project and RFP, Business Scope.
? Performing POC to finalization the project requirements
? Conducting periodic vulnerability assessments and penetration test.
? Evaluating information systems bug reports, security exploit reports, and other information security notices issued by information systems vendors, CERT and makes recommendation to IT Department technical staff to take precautionary measures.
? Reviewing firewall rule changes and validating the implementation.
? Performing research on patch updates for technology used in the EPG and reclassify based on criticality .Participating in the Patch Management Working Group meetings.
? Implementing best practices for Disaster Recovery and Incident mgmt and review of the lessons learned.
? Formation of incident response and Disaster Recovery teams-conducting stress tests/pen tests to train the team for Incident preparedness.
PROJECT & PROGRAM DEVELOPMENT

? Direct and prioritize application support activities of 9 Tech associates/Business Partners DELL/KBS/TCS/WIPRO/CISCO/TCS/3COM supporting 20+ business applications in SOFTWARE MANAGEMENT, CRM, finance, human resources, operations, ERP, and custom client service.
? Develop, manage, and achieve objectives of $4 million per annum- financial year annual budget for IT procurement, upgradation ,consulting and other services.
? Negotiate software purchases, Create Budget Estimate, Revised Estimates for IT and consulting services totaling more than $8.5 million per year; initiate, develop, and maintain relationships with business partners, software consultants, and professional services vendors, ensuring alignment among businesses needs, IT resources, and vendor contract provisions.
? Lead and direct IT Purchasing Department/floating E-Tender with purchasing activities of contracts with multiple vendors.
? Maintain high standards in managing internal staff and team with employee-development objectives; conduct weekly status meetings; provide coaching in communication, problem solving, quality assurance, team building, prioritization, and project management.
? Oversee developing and integrating in house developed project, including performance testing, risk mitigation, defect resolution, quality assurance, error handling, and data architecture.
? Annually reduced manual process costs by INR 14L by managing and building a software based solution, including optimizing expenditures to enhance internal application development and support capabilities.
? As SDE IT, managed 15 end to end servers and 411 client end points on MADM with negligible downtime.
? Increased internal customer satisfaction by in-sourcing strategic functions and reducing out-sourced vendor cost by 39 percent during multi-year expansion of internal application development and support function.
SriRekhaRameshKumar-pg2


IT Project Roll Out Manager/Software Engineer, DoT(Govt.Of.India), 2009-2014

? In co-ordination of Boston Consultancy Group USA., worked as Project /Product roll-out manager heading a team of 20 members for the whole of BSNL-Coimbatore for implementation of WiMax and 3G technologies, FTTH.
? Facilitated, prioritized, and communicated functional, technical, and scheduling requirements of large-scale end point distribution, installation of telecom products like ISDN Leased Lines,3G services commissioning, Broad Band provisioning; serve as liaison between customers and staff.
? Used BCG standard in house developed Project to manage planning and scheduling; regularly reported project status to team members, clients, and senior executive management.
? During this time Coimbatore topped the ALL-INDIA TEAM PERFORMANCE on revenue generation for TWO consecutive years thanks to the support given to me by team and senior management. Was awarded the best team Leader for two consecutive years by the Chief General Manager-Chennai –South Zone.
? Developed software codes, test plans and test cases in both highly structured and loosely structured development environments that addressed areas including functional needs, data validation, browser compatibility, load, stress, performance, acceptance, ACCESS permissions.
? Trained Engineering Students in CYBERSECURITY and CISCO Router Configuration under the govt EETP programme and All India Council For Technical Education for 30 batches, was voted the BEST TRAINER by the students through an Online Poll.

Systems Engineer, Intelligent Networks, Mobile Networks-DOT-2005 to 2009

? Working at Gateway Mobile Switching Centre ,switch based, Nortel Networks/ZTE/HUAWEI Systems
? IN platform for switch based functions using GUI Ericsson Switch
? Traffic Analysis and measurement in the Signaling Control Point.
? Pulling raw data from Service Data Point for Call reports & analysis
? Various system load measurements like Link loads ,Peak loads, Processor loads analyzing system architecture

CRM-Mobile Networks-IT PLATFORM, DOT(Govt.Of.India),2004-2005

? Served Mobile Customers for Creation, Deletion, addition, modification of postpaid and prepaid mobile numbers under Siemens/Ericsson Technology Switches
? Provided Voice and Voice & Data Services viz.., SMS,GPRS and Voice
? Worked on modular functions like SIM swapping, Dummy SIM replacement, conversion of Prepaid to Postpaid Numbers and vice versa, Call Detail Record etc and also various modifications as per customer requirements like STD,ISD provisions, Closed User groups, Scheme Provisioning etc..,

Software Development Centre-Junior Officer/Incharge, DOT(Govt.Of.India),2000-2004

? Designed and developed Intranet and Internet homepages for Tamilnadu Telecom Circle,India.
? Maintained network file system (NFS) mounts.
? Implemented and administered network information services (NIS) for multiple domains.
? Developed applications on ASP for automation for e-complaints,e-management of Training Centres like online training packages. Complete automation of Office administration systems like file tracer, Inventory management etc.
? Conducted training classes educating staff towards automation, e-learning.
? Debugged software package problems.
Awards & Recognitions:
1. Honoured by Principal General Manager-DoT for being fastest and first Team to implement ERP across all the modules in Coimbatore SSA in comparison with other South Zone Teams.
2. Awarded the Best Instructor under the EETP Program Training in IT and Cyber Security, and for generating revenue of the order of for the company-2015
3. Awarded the best Team Leader for highest Revenue Generation on All India Basis during Project Roll-out of Wimax,3G Technology implementations-for the year 2013.
4. Awarded the best Team Leader for highest Revenue Generation on All India Basis during Project Roll-out of FTTH,P3 Broad band, NGN Technology implementations-for the year 2014.
5. Honoured with a Letter of Appreciation by Dy.General Manager Regional Telecom Training Centre/Software Development Centre for the implementation of ISO in our software Development Centre with NIL Non-Conformaties-2009.
Member of Groups and Voluntary Org:
1. Tedx Member, Delegate -Tedx & TieCon Coimbatore.
2. Delegate of National Cyber Security Forum and participated in National Conference in Cyber Security in 2014-October-PSG TECH COIMBATORE.
3. Delegate of National Cyber Security Forum and participated in National Conference in Cyber Security -CUSAT COCHIN-2018, ANNA UNIVERSITY 2019, Cyber Security-IIT MADRAS 2019.
4. An alumina of MITx-BOSTON CSAIL from 2013-till date.
5. Was a keynote speaker in IEEE-forum on Broadband for Sustainable Growth on World Telecom Day-2015 in PSG COLLEGE OF TECHNOLOGY-COIMBATORE.
6. ISACA UAE/CBT CHAPTER Member-CERT-IN Member.
7. Was a delegate in the GCC CyberSecurity OT&IT Conference-SUMMIT DUBAI UAE conducted by ANFICON.
8. TECH BLOGGER:www.rekhastechblog.com
9. Research Paper on INCIDENT MANAGEMENT BEST PRACTICES published in NCSSS annual e-magazine. Link: https://emagazine.ncdrc.res.in/