About Me
Highly accomplished Senior Information Security Officer with over 8 years of progressive experience in IT Service Management, Cyber Defense, and Risk Management. Expert in developing and implementing robust security policies, conducting comprehensive risk assessments, and enhancing organizational security posture, as demonstrated by leading initiatives at Quadient. Proven ability to advise on secure architectures, penetration testing, and compliance, holding a Master's in Cybersecurity and key certifications including CISM (in progress), SEC 504-GIAC, and ISO 27001 Lead Auditor, with specialized expertise in GDPR, data privacy, and enterprise risk management.
Work Experience
Remote, Germany
Summary
Led comprehensive security initiatives at Quadient Technologies, driving the development and implementation of robust security frameworks, risk management strategies, and incident response protocols to safeguard organizational assets.
Highlights
Spearheaded the development and implementation of security policies, standards, and procedures, ensuring alignment with industry best practices (e.g., ISO 27001) and regulatory requirements.
Directed regular security risk assessments and audits, identifying critical vulnerabilities and recommending strategic enhancements to strengthen the overall security posture.
Designed and deployed comprehensive security awareness training programs, significantly enhancing employee understanding and adherence to information security protocols.
Managed the full lifecycle of security incidents, from monitoring and analysis to investigation, containment, and resolution, minimizing impact on organizational operations.
Orchestrated vulnerability management, including assessments, penetration testing, and patch management, to proactively remediate security weaknesses across the enterprise.
Maintained and updated disaster recovery and business continuity plans, ensuring organizational resilience and continuous operation during security incidents or system outages.
Collaborated cross-functionally to embed security requirements into system development and procurement processes, enhancing security-by-design principles.
Conducted internal and external security audits as a certified Lead Security Auditor, ensuring compliance with ISO 27001 standards and industry best practices.
Prague, Czechia
Summary
Delivered expert information security consultancy at DHL IT Services, integrating security best practices throughout the development lifecycle and providing architectural guidance to enhance organizational resilience.
Highlights
Provided critical consulting and technical security reviews across the secure development lifecycle, ensuring adherence to security standards for all projects.
Conducted comprehensive penetration tests and vulnerability management activities, identifying and mitigating security issues to strengthen system defenses.
Facilitated risk-based decision-making by proposing effective mitigation strategies for identified vulnerabilities, reducing potential security exposure.
Served as a Subject Matter Expert in secure application development, advising on secure architectures and reviewing system designs for compliance and best practices.
Supported compliance assessments, particularly for ISO readiness and data protection, ensuring regulatory adherence and maintaining high security standards.
Participated in change and configuration management processes, conducting technical security reviews to approve network setups and system architectures.
Mentored and trained junior team members on security tools and best practices, enhancing team capabilities in threat intelligence and vulnerability management.
Prague, Czechia
Summary
Oversaw incident detection, response, and security policy implementation at DHL, leveraging SIEM tools and cloud security expertise to mitigate threats and enhance overall security posture.
Highlights
Led the detection, triage, and escalation of security events and incidents, providing critical second-level support and analysis for complex threats like phishing, malware, and DDoS attacks.
Managed ArcSight SIEM, developing and implementing rules and filters to enhance security monitoring and threat detection capabilities.
Supported internal teams by ensuring adherence to security policies and processes, effectively maintaining and reducing organizational security risk levels.
Implemented strategic changes to security policies, proactively mitigating existing vulnerabilities and preventing future security incidents.
Provided expert RUN support for critical security technologies, including IPS and DDoS, ensuring operational stability and effective incident handling.
Contributed to incident response and threat handling as a Subject Matter Expert, utilizing expertise in Microsoft Azure and AWS environments.
Trained and mentored junior team members on security tools, report preparation, and incident resolution, improving overall team proficiency.
Prague, Czechia
Summary
Monitored and responded to security incidents, conducted in-depth analysis of security events, and contributed to maintaining a robust security posture through policy implementation and SIEM management at DHL IT Services.
Highlights
Conducted daily and weekly monitoring of security logs and reports, efficiently detecting, triaging, and escalating security events and incidents.
Provided critical second-level support and in-depth analysis for security incidents, including sophisticated phishing campaigns, malware outbreaks, and DDoS attacks.
Assisted in the management of ArcSight SIEM, contributing to the creation of rules and filters that enhanced threat detection capabilities.
Supported internal teams in adhering to security policies and processes, playing a key role in maintaining and reducing the overall security risk level.
Contributed to the implementation of security policy changes aimed at mitigating existing vulnerabilities and preventing future security incidents.
Provided operational (RUN) support for various security technologies, including IPS and DDoS, ensuring continuous protection and incident resolution.
Assisted in training junior team members on security tools, report generation, and effective resolution of security issues.
Prague, Czechia
Summary
Acted as the primary technical analyst for customer network operations at Ribbon Communications, ensuring network stability and efficient incident resolution in accordance with ITIL frameworks.
Highlights
Provided first-line defense for customer networks, proactively identifying and resolving network problems to minimize service disruption.
Managed the full lifecycle of network incidents using a trouble ticketing system, from creation and resolution to escalation, ensuring timely and effective problem management.
Executed routine scheduled maintenance activities, optimizing network performance and ensuring system reliability.
Ensured strict adherence to ITIL framework for process and procedure management, enhancing operational efficiency and service delivery.
Contributed to event and incident management processes, maintaining network configuration and supporting continuous operational improvement.
Languages
English
Proficient (C2 Listening, C2 Reading, C1 Writing, C2 Spoken Production, C2 Spoken Interaction)
German
Basic (A1 Listening, A1 Reading, A1 Writing, A1 Spoken Production, A1 Spoken Interaction)
Gujarati
Native
Hindi
Native
Czech
Proficient
Skills
Cybersecurity & Risk Management
Security Policies & Standards, Risk Assessment & Management, Vulnerability Management, Penetration Testing, Incident Response & Handling, Threat Intelligence, Security Audits & Compliance (ISO 27001, GDPR), Data Privacy, Enterprise Risk Management, Disaster Recovery & Business Continuity Planning, Secure Software Development Lifecycle (SSDLC), Application Security Consultancy.
Security Technologies
SIEM (ArcSight ESM), Intrusion Prevention Systems (IPS), Firewall Management, Web Application Firewall (WAF), Antivirus Solutions, DDoS Protection, Snort, CheckPoint, Fortinet, Cloud Security (Microsoft Azure, AWS).
Networking & Infrastructure
OSI/TCP/IP Model, Network Protocols (TCP/IP, HTTP, DNS, SNMP), Packet Analysis, Linux Administration, Windows Administration, Configuration Management, IT Networking.
Scripting & Automation
Bash Scripting, Python Scripting.
IT Service Management
ITIL Framework, Process & Procedure Management, Change Management, Vendor Management, Trouble Ticketing Systems, Event Management.
Professional & Leadership Skills
Strategic Planning, Cross-functional Collaboration, Stakeholder Management, Technical Documentation, Team Leadership & Mentoring, Problem Solving, Communication (Oral & Written), Prioritization & Organization, Time Management, Decision Making, Adaptability to Dynamic Threats, Report Writing.
