Document Sample
Apurva_Resume Powered By Docstoc

 APURVA DHANWANTRI                                                     Contact No: +91 9920125238
 Lead – Information Security                                      E mail:
 Kale Consultants Ltd.                                Visit me:
 Akruti Trade Centre, Andheri

Join a growing professional services Information Security consulting firm led by industry
veterans in a position where my current skills will be tapped into while simultaneously giving
me the opportunity to expand my skills into new facets of information security.


Bachelor of Engineering – Computer Science with distinction – University of Pune.
Sun Certified Java Professional (SCJP) - Core competencies on Vulnerability assessment
Certified Ethical Hacker and Countermeasures Ver. 6.0.1 – EC Council
ISO/IEC 27001:2005 Lead Auditor – BSI
Certified Payment-Card Industry Security Implementer - SISA

Core Competencies:

      ISO/IEC 27001, PCI-DSS – Internal Auditor
      Malware Analysis
      Ethical hacking
      Real- time Security Monitoring
      Vulnerability Assessment and Mitigation – NIST, OWASP, PCI-DSS
      Risk Assessment, Treatment and management

Work Experience: Current Organization – Kale Consultants Ltd.

      Designation: Lead – Information Security

      Tenure: From Aug, 2010 to till date.

Job Responsibilities
      Leading Information security at Kale Consultants Ltd enterprise wide.
      Focused on IT risk Management Services, Application security services, Vulnerability management
       and assessment services.
      Responsible for carrying out Risk Assessments (VA/PT) on Kale’s Network and work on remediation
       plan for same.
      Leading, managing and reviewing ISO 27001 and PCI-DSS Compliance standards at KALE.
      Carrying out Internal Audits on information security management systems (ISMS) and PCI_DSS
      Responsible for updating and reviewing Risk Assessment and Risk Treatment Plan -for all the
       processes so as to adhere to ISO27001:2005.
      Training and Awareness
      Security Review of Firewall, UTM (Unified Threat Management) devices, Routers, IPS/IDS so as to
       bring industry wise best practices within organization.
      Responsible for Vendor Risk Assessment.
      Business Continuity plan and Disaster recovery plan review and updation.
      Malware Analysis.
      Investigating different types of malware with the help of different tools and sending it to the
       vendor for further investigation and then updating the signature database.
      Insider Threat Management.
      Developing mitigation/remediation plan based on outputs of security review and Internal Audit.
      Internal Lead Auditor for ISO27001:2005 and PCI-DSS
      People management.

Previous Organization – Bank of America

      Designation: Sr. Engineer – Information Security

      Tenure: From Aug, 2009 to Aug, 2010.

Job Responsibilities

      Information Security Event Analysis:

              Analyzing critical security events occurring across the organization and maintaining
               decorum within Bank of America, Countrywide Financial and Merrill Lynch and other
               acquired firms in terms of Information security.
              Event Analysis majorly includes Rouge devices identification and disconnection, DOS,
               DDOS, DNS Hijack, Blocking Internet relay Chat, Data Leakage prevention and
               NPI data, IDS ingress/Egress traffic, Virus total , arbor, Teradata server, VPN –
               failed login and etc.
              LOBRA (Line of Business Risk Assessment) and Emergency LOBRA
              Malware analysis through 41 Anti-virus and Anti-malware engines.
      Focused on IT risk Management Services, Application security services, Vulnerability management
       and assessment services.
      Analyzing various Security events on Arcsight case management, taking audit trials.
      Handling Critical events driven SLA and OLA.
      Creating Work Instruction for security related events and providing a feedback loop on simplifying
       the process and procedures.
      Providing Internal trainings to team on various critical security events and managing case in
      Generating events manually for the security related issues which are need to be adhered by SLA.
      Managing and working on Security event Lifecycle from the creation of events to closure.
      Generating reports and taking audit on that.
      Working with various teams such as firewall teams, Desktop teams, proxy team, etc in setting up
       different security rules and addressing security issues.
      Working on IDS and IPS indirectly, understanding the signatures, updating the signature database

       time to time.
      Monitoring of traffic flow on critical e-commerce servers via Arbor dashboard.
      Investigating different types of malware with the help of different tools and sending it to the
       vendor for further investigation and then updating the signature database.
      Risk and Vulnerability Assessments.
Previous Organization: Allied Digital Services LTD.

      Designation: Presales Consultant – RMS & Info. Security
      Tenure: June 2008 to August 2009

Job Responsibilities

      RIM (Remote Infrastructure Management) & Information Security at Allied Digital
       Services Limited.
                Proverbial with the NOC / SOC Implementation and Operations.
                Having a consultancy experience in managing, enhancing, developing & strengthening
                 overall IT Security Posture of Client’s Organization.
                NOC: assuring 99.9X % uptime and availability of network devices.
                SOC: Implementing security Tests on client’s network devices to strengthen their network
     Train users and promote security awareness to ensure system security and to improve
      server and network efficiency.

     Audited and implemented various security projects at organizations from different verticals like
      Media, retail, manufacturing and etc against ISO 27001 Standard.


      Delivered seminar on An Autonomous Decentralized System for Network                      Security.

      Delivered core concepts of security operations to Internal Team in Allied digital.

      Delivered Seminar on Data Leakage protection and management – Countrywide.

      Delivered seminar on Importance of Remote Management services in Indian market to sales
       and Marketing Team in Allied Digital Services Ltd.


      Languages known : C, C++, V.B, JAVA
      Knowledge on LAN/ WAN monitoring, e-mail, anti-virus, anti-spam and content filtering servers.
      Tools :
                Security Incident and Information management: Arc Sight 4.5.1
                Case Response Alert – Ticketing base : Remedy, Heat
                Vulnerability Management: Nessus, Retina, Nmap, Cain and Abel, Zenmap, Wireshark
                Web Application Assessment: Acunetix, NetStalker, Paros , Retina, Webcruiser,
                Malware Assessment: McAfee EPO 8.5i, Virus total, Jotti malware Scan, Hash tools –
                 Fsumfrontend (Integrity checker), PExplorer

               Firewall: Fort iGATE, Watchguard

     Recognized with Galaxy of the Star Award for outstanding Performance at kale Consultants

     Recognized with RISING STAR Award for two Consecutive Quarters for managing Information
      Security at Kale Consultants across Locations.

     Best Performer in Team for Oct, 09 to Dec, 09 at Bank of America.

     Six Sigma “JDIC” certification on “ArcSight - Automated Monthly Reporting” at Bank of

     Recognized with a core value “Trusting and Teamwork” at Bank of America.

     Won Second Prize In IEEE Technical Poster Presentation.

        WON First Prize In ITERA ANIMAX Programming Contest.

        Got First prize & Second prize for two consecutive years at INTERNATIONAL SAARC Competition
         for HOME VIDEO Presentation

         Father’s name      : MR. N.K DHANWANTRI
         Date of birth      : 4th APRIL 1986
         Marital status     : Single
         Languages Known : English and Hindi

I hereby declare that the information furnished above is true to the best of my knowledge.



Shared By: