Suraj Kumar S.
Abu Dhabi, United Arab Emirates

Manager in Information Security - policy writer, CISM, CRISC, CISA, CISSP

Cyber Security Professional certified on CISSP-ISSAP, ISSMP, CCSP, CSSLP, CCISO, CISM, CISA, CRISC, CGEIT, CIPM, CIPT, CDPSE, TOGAF, CEH, ECSA, ACSE, MCITP, RHCE, ISO 27001:2013, FSCA, CSSA, CompTIA CySA+, Security+. Able to handle and support any cyber security requirement exclusively on GRC, strategy, roadmap, documentation, etc. Always open to discussion.

I have specialized in information and cybersecurity policy writing, IT security risk, IT audit and compliance with 14 years of experience, and proven ISO 27001 Lead Implementation practice. I can help organizations with ISO 27001, SOC 2, or other compliance framework preparation, implementation, creating and updating policies, and procedures.

If your company needs to update its policies and procedures or needs to create new ones for:

- a due diligence process/RFP security questionnaire,
- you want to be compliant for regulatory reasons (PCI-DSS, GDPR, CCPA),
- you are aiming at security certification (ISO 27001, SOC 2, HITRUST CSF, HIPAA, IRAP, FedRAMP, GDPR),
- you just would like to level up your maturity in the security domain,
- simply just would like to consult and get informed of security best practices and need professional advice.

Please don't hesitate to contact me! My knowledge, experience, and skill can help you to achieve your goal and succeed! Please click on the "Invite to Job" button, and let's talk!

Over 14 years, I gained knowledge on both sides of the table: Governance, Risk, and Compliance (GRC) and security operation, implementation, engineering. My skills in Information (IT) and Cybersecurity include:

- Information Security Policies based on NIST guidelines or ISO 27001, including Incident Response Plan, Acceptable Use, Encryption Policy, Risk management, Audit logging and monitoring policy, User account and access management, Asset management, Data Classification, Change Management, Vulnerability and patch management, Asset Disposal, Third-party Management, Security Configuration, and many more.
- Business Continuity Planning and Disaster Recovery Planning (BCP, DRP)
- Investigating cyber and information security incidents
- Policy reviews, GAP analysis
- IT audit
- Risk assessment
- Evaluation of operation/technology/procedure against current industry best practices or regulatory requirements
- Information security awareness training and training material
- Compliance-specific training (GDPR, SOC2, NIST, risk management)

I have the following certifications: CISM, CISSP, CISA, PMP (project management), Microsoft, Azure, EC Council, Forescout, Checkpoint, SonicWall, Attivo Networks, RedHat, etc.

I'm familiar (I'm actively working with them on a day-to-day basis) with the following compliance and security frameworks: ISO 27001, SOC 2 TSC, NIST CSF, GDPR, NIST 800-53, ISF SoGP, SANS, HIPAA, HITECH, HITRUST CSF, PCI-DSS.

You can keep ease of mind after we have agreed on the tasks; with more than 14 years of security industry experience, independent operation is guaranteed. All the work is completed by myself; therefore focus and attention to your project are guaranteed.

Skills

  • Cybersecurity Management
  • Information Security Consultation
  • Vulnerability Assessment
  • Database Security
  • Security Analysis
  • Company Policy
  • Web App Penetration Testing
  • Policy Development
  • Policy Writing
  • ISO 27001
  • Procedure Development