beBee background
Professionals
>
Technology / Internet
>
Scarborough
Ch Kumar

Ch Kumar

Cyber & Data Security | Risk & Compliance Analyst

Technology / Internet

Scarborough, Ontario

Social

About Ch Kumar:

  • Over 6 Years of experience in Information Security, Endpoint System Security and IT Risk & Compliance Management. Extensive knowledge in the areas of Vulnerability Management and compliance scanning tools in addition to identifying risk, remediation and recommending security improvements. 
  • Expertise in Data and Endpoint Security with deep Knowledge of Data Loss Prevention (Force Point & Proofpoint), IDS/IPS technologies (TrendMicro), Compliance & Endpoint Security (Symantec Tools, Bit locker, Force Point) and SIEM (Splunk, ArcSight. QRadar) with recommended information assurance policies and standards. 
  • Strong understanding of enterprise, network, system/endpoint, and application-level security issues and risks.
  • Performed Risk Assessment, Gap analysis & created a Risk Mitigation plan and Assisted the GRC team in integrating regulatory compliance requirements (e.g., PCI, NIST, CIS) into the organizational security roadmap.
  • Experience with VM identification, analysis, and metrics, as well as processes enabling proper Governance, Risk and Compliance (GRC)
  • Proficient in understanding the DLP policies, Due Diligence Questionnaire (DDQs) and System Organizational Control (SoC) 
  • Excellent knowledge of FISMA, HIPAA and NIST, GDPR, PIPEDA, PIA Compliance usage, rules and regulations 
  • Deep technical skills, knowledge of network protocols and network communication principles, and understanding of vulnerabilities and remediation techniques.
  • Knowledge of risk, compliance & Vulnerability Assessment using Qualys, Uptycs, Demisto, Nessus and Nexpose tools to evaluate attack vectors, identify system vulnerabilities and develop remediation plans and security procedures. 
  • In-depth experience with internal, external, network & application vulnerability assessments utilizing Qualys Guard and FireEye
  • Strong experience in all phases of the Software Development Lifecycle (SDLC) using Waterfall, Agile/Scrum, and Software Testing Life Cycle (STLC).
  • Hands-on gathering requirements and creating Business Requirement Documents, Functional Requirements, User Requirement Specifications and Content Management Systems documents.
  • Experienced in conducting Cost-benefit analysis, ROI analysis, SWOT analysis, and User Acceptance Testing (UAT).
  • Proficient in creating (Unified Modeling Language) UML Diagrams, ER Diagrams, and Web Page Mock-Ups using Rational Rose and MS Visio
  • Hands-on with business process analysis, process improvement, strategic planning, assessing business needs and implementing optimal solutions.
  • Analytical, methodical and resourceful approach to Problem Solving, Root-Cause Analysis, Conflict Resolution, Negotiation Strategies and providing corrective actions to meet business requirements.
  • Clarified client requirements, business needs, and project objectives, via client meetings, and brainstorming sessions in collaboration with all stakeholders.
  • Supporting Project Delivery Manager in Preparing Global Reports for multiple projects – Project-wise, Monthly-wise, and Resource-wise.

Experience

  • Over 6 Years of experience in Information Security, Endpoint System Security and IT Risk & Compliance Management. Extensive knowledge in the areas of Vulnerability Management and compliance scanning tools in addition to identifying risk, remediation and recommending security improvements. 
  • Expertise in Data and Endpoint Security with deep Knowledge of Data Loss Prevention (Force Point & Proofpoint), IDS/IPS technologies (TrendMicro), Compliance & Endpoint Security (Symantec Tools, Bit locker, Force Point) and SIEM (Splunk, ArcSight. QRadar) with recommended information assurance policies and standards. 
  • Strong understanding of enterprise, network, system/endpoint, and application-level security issues and risks.
  • Performed Risk Assessment, Gap analysis & created a Risk Mitigation plan and Assisted the GRC team in integrating regulatory compliance requirements (e.g., PCI, NIST, CIS) into the organizational security roadmap.
  • Experience with VM identification, analysis, and metrics, as well as processes enabling proper Governance, Risk and Compliance (GRC)
  • Proficient in understanding the DLP policies, Due Diligence Questionnaire (DDQs) and System Organizational Control (SoC) 
  • Excellent knowledge of FISMA, HIPAA and NIST, GDPR, PIPEDA, PIA Compliance usage, rules and regulations 
  • Deep technical skills, knowledge of network protocols and network communication principles, and understanding of vulnerabilities and remediation techniques.
  • Knowledge of risk, compliance & Vulnerability Assessment using Qualys, Uptycs, Demisto, Nessus and Nexpose tools to evaluate attack vectors, identify system vulnerabilities and develop remediation plans and security procedures. 
  • In-depth experience with internal, external, network & application vulnerability assessments utilizing Qualys Guard and FireEye
  • Strong experience in all phases of the Software Development Lifecycle (SDLC) using Waterfall, Agile/Scrum, and Software Testing Life Cycle (STLC).
  • Hands-on gathering requirements and creating Business Requirement Documents, Functional Requirements, User Requirement Specifications and Content Management Systems documents.
  • Experienced in conducting Cost-benefit analysis, ROI analysis, SWOT analysis, and User Acceptance Testing (UAT).
  • Proficient in creating (Unified Modeling Language) UML Diagrams, ER Diagrams, and Web Page Mock-Ups using Rational Rose and MS Visio
  • Hands-on with business process analysis, process improvement, strategic planning, assessing business needs and implementing optimal solutions.
  • Analytical, methodical and resourceful approach to Problem Solving, Root-Cause Analysis, Conflict Resolution, Negotiation Strategies and providing corrective actions to meet business requirements.
  • Clarified client requirements, business needs, and project objectives, via client meetings, and brainstorming sessions in collaboration with all stakeholders.
  • Supporting Project Delivery Manager in Preparing Global Reports for multiple projects – Project-wise, Monthly-wise, and Resource-wise.

Education

B.Tech In Information Technology

Professionals in the same Technology / Internet sector as Ch Kumar

Professionals from different sectors near Scarborough, Ontario

See professionals near Scarborough, Ontario

Jobs near Scarborough, Ontario

  • U-Naru Sushi

    cook

    Found in: Talent CA 2 C2 - 5 days ago

    U-Naru Sushi Toronto, Canada

    Education: Secondary (high) school graduation certificate · Experience: 1 year to less than 2 years · Work setting · Restaurant · Tasks · Prepare and cook complete meals or individual dishes and foods · Plan menus, determine size of food portions, estimate food requirements and c ...

  • S&P Global

    Lead II Security Engineer, Vulnerability Management

    Found in: beBee S2 CA - 1 week ago

    S&P Global Toronto, Canada Paid Work

    About the Role: · Grade Level (for internal use): · 12 · The Role : Lead II Security Engineer, Vulnerability Management · The Team : · S&P Ratings Security team focuses on protecting our clients and users from all aspects of modern-day security threats. The mission of our team is ...

  • St Michael's hospital

    MRI Technologist MRI

    Found in: beBee S2 CA - 3 days ago

    St Michael's hospital Toronto, Canada Full time

    MRI Technologist MRI (Job ID: 3934) · Unity Health Toronto, comprised of Providence Healthcare, St. Joseph's Health Centre and St. Michael's Hospital, works to advance the health of everyone in our urban communities and beyond. Our health network serves patients, residents and cl ...