We value your privacy

We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies.

Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

Contact
nlenfrde
nlenfrde

Information System & Cyber Security

Home
/
/
Information System & Cyber Security
ID : 1243
Education level  : Bachelor's degree
Work experience level  : Expert- (more than year 7)
Work experience in total  : Years
Job type  : Online
Job time  : Maandelijks
Last date of registration :
2022-12-09
Nu contact opnemen
Profile description

To progress as a professional, working in a challenging environment would enable me to enhance & utilize my skills and innovative abilities in the professional & corporate sector successfully.

Work experience In details :
Job position
Job description

Executive, Information Systems Security - National Savings Bank - (March 2019 - Present)

  • Implementing Information Security Management System (ISMS) (ISO 27001:2013), PCI-DSS, SWIFT CSCF and Baseline Security Standard (Central Bank- SL) standards across the bank.
  • Develop plans and strategies for on boarding new security technologies to the existing infrastructure of the bank ensuring zero-service downtime and key security features on.
  • Perform Business Impact Analysis (BIA) and Risk Assessments in periodic basis to ensure the up- to-datedness of the recovery strategies in Business Continuity Management regime.
  • Perform the Data Scanning and Classification exercises in periodic basis and responding to the alerts triggered by the Data Leakage Prevention (DLP) tool.
  • - Perform the role of Tier 2 Analyst in Bank’s Security Operations Center (SOC).
  • Conduct technology reviews such as firewall reviews, SIEM reviews, WAF and DLP policy reviews etc. in periodic basis.
  • Conduct information security awareness sessions, phishing simulation exercises and induction programs related to security for the bank’s staff in planned intervals.

Consultant - Cyber Security Services - Trustvauli Ltd (Pvt) - (July 2018 - Present)

  • Performing the supervisory role for an OpenVAS vulnerability and remediation project conducted for a US company.
  • Acting as a team member in the project of Sri Lankan Government Website Vulnerability and Penetration Testing initiated by Sri Lanka CERT.
  • Implementing Information Security Management System (ISMS) (ISO 27001:2013) framework and audits to a wide range of local and international clients.
  • Developing ICT strategic plans for clients in the Banking & Finance sector.

Associate Consultant, Cyber Security Services -Trustvauli Ltd (Pvt) - (July 2017 - June 2018)

  • Implementation of Information Security Management System (ISMS) (ISO 27001:2013) for clients in the Banking & Finance, Manufacturing, Insurance and Payroll sectors.
  • Conducting ISMS internal reviews and security audits for clients in Telecommunication and Manufacturing streams.
  • Performing vulnerability assessments and penetration testing to scan designated hosts.

Analyst, Information Risk Management - KPMG Sri Lanka - (May 2015 - July 2017)

  • Development of Division budgets for each engagement under each portfolio and ensure that the team members maintain their allocated time within the budget.
  • Coordinate and conduct kick-off meetings and Review report discussion meetings with the clients, as well as other required engagement progress meetings with the client officials so as to achieve the project deadlines.
  • Be responsible for the timely completion of time sheets of staff while ensuring 100% utilization of budgeted hours for each engagement.
  • Train team members on the performance of the review activities or identify training needs which can be fulfilled by other team members /Managers within division during knowledge sharing sessions.
  • Evaluating application system controls in the fields of tele- communication, Banking & Finance, Revenue Assurance, Hospitality, Stock Brokering and Manufacturing by providing adequacy controls in information systems including IT Governance.
  • Ensuring processes and procedures are performed in compliance with organizations Information Security Policies and procedures.
  • Conducting information systems audit engagements for various organizations analysis against the industry accepted standards (ISO 27001) and providing recommendations.
Hard skills
Soft skills
  • Performance oriented & hard work.
  • A good team player and ability to work with different kinds of people.
  • Quick learner.
Achievements
  • Certified Information Systems Security Professional (CISSP) – (License No: 784332).
  • Certified Information Security Manager (CISM) – (License No: 2049443).
  • Certified Ethical Hacker v9 (EC-Council).
  • ISO/ IEC 27001:2013 Lead Implementer.
  • Comptia Network +
Special notes

Implementing Information Security Management System, Perform Business Impact Analysis, Risk Assessments, Data Scanning and Classification exercises, firewall reviews, SIEM reviews, WAF and DLP policy reviews, Conduct information security awareness sessions, phishing simulation exercises and induction programs related to security

Contact

Meer person

ID : 2042
Associate Software Engineer
Education level: Bachelor's degree
Work experience level: Intermediate- (2-4 year experience)
Lees meer
ID : 2041
System Engineer IT
Education level: Bachelor's degree
Work experience level: Experienced- (4-7 year experience)
Lees meer
Mis geen enkele belangrijke kennisgeving houd jezelf update
Begin met chatten!
Wij staan u graag te woord!
Hallo 👋
Kunnen we je helpen?