mailsengupta@gmail.com
+91-8296481109/8014324921
Bengaluru
● A proactive and passionate Information Security specialist who has worked in almost all fields of the security domain, from Application Security, Network Security, Data Security, Compliance & Auditing to Risk Management, and therefore has the ability to understand Security Loopholes from different perspectives.
● Always an eager learner in the security domain and well networked with security big names to follow every minute change in this industry.
● Have worked with diverse security-critical sectors (Government, Telecom, Banking and IT) to learn the various demands of today's think-tank for a future security safe haven.
● Proven success, key opinion leader & subject matter expert in the following disciplines:
AREAS OF EXPERTISE
● Risk Management
● Information Security Governance and reporting
● ISO 27001 implementation & Auditing
● PCI-DSS, NIST standards on Cyber Security
● OWASP 2013 and Secure SDLC standards
● Business Continuity Planning
● Developing Security Policies and Procedures
● Security architecture design and review
● Knowledge on Nessus, Nexpose, Metasploit
● AppSpider, Acunetix Web App Security Scanner
● Network Infrastructure Security Mechanism
● Threat and Vulnerability assessment
● Penetration Testing
● Proactive research on latest threats
● Cryptography Algorithms
● Knowledge on reviewing firewall rulesets, IDS, IPS
EDUCATION
Masters in Advanced Computer Science (Computer Security): University of Manchester: UK
(2013). Modules: Cryptography, Network Security, IT Governance. (Equivalent to M.Tech in
India)
EXPERIENCES
FIS (Fidelity Information Services) From May 2016
At FIS (a Fortune 500 company), I am working in its Risk as a Service line of business, which works as cloud source security services to the Banking Sector. Being a part of its Red Team, I have:
● Performed Vulnerability Management, Penetration Tests and Risk assessment for different banking sector clients as required.
● Performed secure code reviews
● Performed static code scanning and direct issue remediation
● Enforced additional security policies with technical teams
● Maintained and governed software and component inventories
● Worked with Security Analysts and Production Support to monitor security tools
● Communicated and enforced additional security and development policies and procedures
My job is to support CISO (Director of Directorate of Information Technology) with all the relevant
consultation for the betterment of State Data Center Security process. Successfully implemented ISO
27001:2013 standard in SDC and raised the awareness of all stakeholders of State IT Departments
regarding Information Security. Successfully overcame the challenge of Creating Security Awareness
among Government Employees and implemented a robust Network security structure with 60%
reduction in security implementation flaws.
Accomplishments:
● Remodeled implementation of security environment in State Data Center (SDC) based on the existing standards and frameworks such as ISO 27001, NIST and ensured adherence and implementation of e-governance security frameworks and ISO security standards over 60 State IT Departments.
● Liaised & coordinated with internal and relevant external agencies (both government and non-government) to ensure that the security standards are adhered to on all the initiatives.
● Identified security gaps in current implementations at all the layers of application/ICT infrastructure devices, cryptographic algorithm and developed solutions and created implementation methodology to plug the gaps.
Accomplishments:
Accomplishments:
Technology Skills:
ASP.NET 2.0, C# 2.0, WCF, Visual Studio 2005/2009, SQL Server 2005, SQL Server Reporting Service, SQL Server Integration Services, BizTalk Server 2004.