AMAN

Summary

With over 10 years of experience, Aman is a Certified Information Security professional (CISSP), CCSK, and ISO 27001 LA & LI. He has conducted risk assessments and security audits for large banking, manufacturing, telecommunications, and aviation organizations. Aman is adept at following industry standards such as PCI DSS, SSAE 18, ISO 27001, ISO 27005, etc. Additionally, he has provided clients with consulting, auditing, and implementation support worldwide to improve their security and minimize risks.

SKILLS AND EXPERTISE

• Design and consult security solutions for on-premise, cloud (Azure and AWS), or hybrid.
• Conduct security training like PCI DSS, CISSP, CRISC,
• Scope and implement compliance frameworks like ISO 27001, SOC 2 (SSAE 18), PCI DSS, NIST Cyber Security Framework (CSF)
• Identify threats and vulnerabilities to conduct a risk assessment based on ISO 27005 framework and PCI DSS standard.
• Identify security gaps and suggest mitigating controls to minimize the associated risk to an acceptable level.
• Implement, manage, and maintain information security and compliance in-line with formulated project plans / strategic and tactical alignment of resources.
• Proven hands-on experience in security audits in-line with industry-accepted standards like PCI DSS, SSAE 18 ISO 27001, regulatory audits, GDPR, and Business continuity (ISO 22301).
• Exceptional expertise in assessing technologies used in the financial and banking sector, like CBS, CMS, Switch, ATMs, POS machines, etc.
• Hands-on expertise in assessing security/hardening of network devices, firewall ACLs, system health checks, bandwidth, servers, databases, etc.

CERTIFICATIONS AND FRAMEWORKS

• CISSP (Certified Information Systems Security Professional) by (ISC) 2
• CCSK (Certificate of Cloud Security Knowledge) by CSA
• ISO 27001 Lead Auditor and Lead Implementer
• ITIL V3 Foundations
• PCI DSS Qualified Security Assessor (QSA) by PCI Council
• PCI Card Production Security Assessor – Physical and Logical