Ch Kumar
Cyber & Data Security | Risk & Compliance Analyst
Technology / Internet
About Ch Kumar:
- Over 6 Years of experience in Information Security, Endpoint System Security and IT Risk & Compliance Management. Extensive knowledge in the areas of Vulnerability Management and compliance scanning tools in addition to identifying risk, remediation and recommending security improvements.
- Expertise in Data and Endpoint Security with deep Knowledge of Data Loss Prevention (Force Point & Proofpoint), IDS/IPS technologies (TrendMicro), Compliance & Endpoint Security (Symantec Tools, Bit locker, Force Point) and SIEM (Splunk, ArcSight. QRadar) with recommended information assurance policies and standards.
- Strong understanding of enterprise, network, system/endpoint, and application-level security issues and risks.
- Performed Risk Assessment, Gap analysis & created a Risk Mitigation plan and Assisted the GRC team in integrating regulatory compliance requirements (e.g., PCI, NIST, CIS) into the organizational security roadmap.
- Experience with VM identification, analysis, and metrics, as well as processes enabling proper Governance, Risk and Compliance (GRC)
- Proficient in understanding the DLP policies, Due Diligence Questionnaire (DDQs) and System Organizational Control (SoC)
- Excellent knowledge of FISMA, HIPAA and NIST, GDPR, PIPEDA, PIA Compliance usage, rules and regulations
- Deep technical skills, knowledge of network protocols and network communication principles, and understanding of vulnerabilities and remediation techniques.
- Knowledge of risk, compliance & Vulnerability Assessment using Qualys, Uptycs, Demisto, Nessus and Nexpose tools to evaluate attack vectors, identify system vulnerabilities and develop remediation plans and security procedures.
- In-depth experience with internal, external, network & application vulnerability assessments utilizing Qualys Guard and FireEye
- Strong experience in all phases of the Software Development Lifecycle (SDLC) using Waterfall, Agile/Scrum, and Software Testing Life Cycle (STLC).
- Hands-on gathering requirements and creating Business Requirement Documents, Functional Requirements, User Requirement Specifications and Content Management Systems documents.
- Experienced in conducting Cost-benefit analysis, ROI analysis, SWOT analysis, and User Acceptance Testing (UAT).
- Proficient in creating (Unified Modeling Language) UML Diagrams, ER Diagrams, and Web Page Mock-Ups using Rational Rose and MS Visio.
- Hands-on with business process analysis, process improvement, strategic planning, assessing business needs and implementing optimal solutions.
- Analytical, methodical and resourceful approach to Problem Solving, Root-Cause Analysis, Conflict Resolution, Negotiation Strategies and providing corrective actions to meet business requirements.
- Clarified client requirements, business needs, and project objectives, via client meetings, and brainstorming sessions in collaboration with all stakeholders.
- Supporting Project Delivery Manager in Preparing Global Reports for multiple projects – Project-wise, Monthly-wise, and Resource-wise.
Experience
- Over 6 Years of experience in Information Security, Endpoint System Security and IT Risk & Compliance Management. Extensive knowledge in the areas of Vulnerability Management and compliance scanning tools in addition to identifying risk, remediation and recommending security improvements.
- Expertise in Data and Endpoint Security with deep Knowledge of Data Loss Prevention (Force Point & Proofpoint), IDS/IPS technologies (TrendMicro), Compliance & Endpoint Security (Symantec Tools, Bit locker, Force Point) and SIEM (Splunk, ArcSight. QRadar) with recommended information assurance policies and standards.
- Strong understanding of enterprise, network, system/endpoint, and application-level security issues and risks.
- Performed Risk Assessment, Gap analysis & created a Risk Mitigation plan and Assisted the GRC team in integrating regulatory compliance requirements (e.g., PCI, NIST, CIS) into the organizational security roadmap.
- Experience with VM identification, analysis, and metrics, as well as processes enabling proper Governance, Risk and Compliance (GRC)
- Proficient in understanding the DLP policies, Due Diligence Questionnaire (DDQs) and System Organizational Control (SoC)
- Excellent knowledge of FISMA, HIPAA and NIST, GDPR, PIPEDA, PIA Compliance usage, rules and regulations
- Deep technical skills, knowledge of network protocols and network communication principles, and understanding of vulnerabilities and remediation techniques.
- Knowledge of risk, compliance & Vulnerability Assessment using Qualys, Uptycs, Demisto, Nessus and Nexpose tools to evaluate attack vectors, identify system vulnerabilities and develop remediation plans and security procedures.
- In-depth experience with internal, external, network & application vulnerability assessments utilizing Qualys Guard and FireEye
- Strong experience in all phases of the Software Development Lifecycle (SDLC) using Waterfall, Agile/Scrum, and Software Testing Life Cycle (STLC).
- Hands-on gathering requirements and creating Business Requirement Documents, Functional Requirements, User Requirement Specifications and Content Management Systems documents.
- Experienced in conducting Cost-benefit analysis, ROI analysis, SWOT analysis, and User Acceptance Testing (UAT).
- Proficient in creating (Unified Modeling Language) UML Diagrams, ER Diagrams, and Web Page Mock-Ups using Rational Rose and MS Visio.
- Hands-on with business process analysis, process improvement, strategic planning, assessing business needs and implementing optimal solutions.
- Analytical, methodical and resourceful approach to Problem Solving, Root-Cause Analysis, Conflict Resolution, Negotiation Strategies and providing corrective actions to meet business requirements.
- Clarified client requirements, business needs, and project objectives, via client meetings, and brainstorming sessions in collaboration with all stakeholders.
- Supporting Project Delivery Manager in Preparing Global Reports for multiple projects – Project-wise, Monthly-wise, and Resource-wise.
Education
B.Tech In Information Technology
Professionals in the same Technology / Internet sector as Ch Kumar
Professionals from different sectors near Scarborough, Ontario
CAD$ 22 per hour
Nowshin Rashid
Developmental Service worker
Home Services / Social Care
Ajax, Ontario
Other users who are called Ch
Jobs near Scarborough, Ontario
-
We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture ...
Toronto2 days ago
-
Dawn InfoTek Inc. is a professional IT consulting team that partners with major financial institutions, investment firms and government sectors. · ...
Toronto4 weeks ago
-
+ Job summary: We are currently looking for team members to join our Cyber Risk and Data Protection practice. The candidate will work with teams of cybersecurity and privacy staff in a wide variety of systems environments. · ...
Toronto3 weeks ago