Professional Documents
Culture Documents
ISC Confidential
ISC Confidential
ISC Confidential
ArdentStart
ROHAN Consultancy
TUKARAM JUNGHARE
info@ardent-start.com
Electronics and telecommunication Engineer (B.E)
Navi Mumbai, 400706
Email: rohanjunghare13@gmail.com
CONFIDENTIAL
MOB: +91-9372218923
Overview:
Industry Experience:
05 years in Infosec Audit and Compliance with 04 years of experience in Infrastructure audit & Governance,
IT/Internal infosec audit, cybersecurity risk assessment and management and security risk advisory
consulting BFSI/Finance/ Insurance/ Banking Domain.
Responsible for the implementation and control testing of the ISO27001 controls within the
account as per the framework requirements.
Gathering evidence, testing controls, highlighting exception/issues to the client and documenting the
controls pertaining to ISO and client frameworks.
Participate in the privacy risk assessments, DPIA, privacy program development support business continuity
planning and Disaster Recovery planning.
Developing the security and compliance strategy Delivery of and reporting on the status of all information security
audit recommendation
Experience in Information Security General Controls – Adept at ISO 27001, ISO22301, ISO27701, ITIL framework,
GDPR, PCI DSS, PA DSS
Experience on Cloud Security, application security, GRC, Security Audits
Perform audit of information security controls across all domains
Manage internal, External and customer audits, firewall rule review, configuration audit, access
review etc.
Business process audits to improve HR, Admin, IT and other departments audits.
Provide IT & Cyber risk management (IT, Cyber, Operational Resilience) advisory and guidance
to the stakeholders involved.
Inspira Enterprises India
February 2021 – June 2022
Key Objectives as a Cyber Security consultant:
Pro-efficiently Established procedures for identification and classification of business critical & most important
information assets.
Pro-efficiently derived the existing business processes and technology used to ensure that the
business follows regulatory requirements.
Conducted the various information security risk assessment programs associated with various key assets of the
organization
Communicated and present concisely and effectively across various levels of stakeholders
Advised management of critical issues that may affect the risk posture of the organizational information assets
Pro-efficiently Define the cyber security policies & procedures, cyber security strategies, conducted various
cyber risk/Gap assessment in terms of PPT (People, process & technology) as a part of Internal audit as well
as external/Third party audits.
Conduct risk assessment as per the client risk assessment methodology (ISO27001 ISMS) to identify gaps and
areas requiring management intervention to prevent misappropriations, ensuring that objectives of the
organization are achieved efficiently and effectively.
Pro-efficiently Established Cyber Security Operations Centre (C-SOC) for proactive monitoring using
sophisticated tools as per the NIST cyber security framework for detection, quick response and backed by tools
for data analytics
Good to Assist operations in performing the risk assessments for applications/infrastructure and business continuity
as per ISO 27001.
Able to Prepare metrics/reports when asked for by the management on various aspects of audit management,
including information security policy overview.
Proficient in implementing IT security tools like firewalls, IPS, WAF, Endpoint protection, Network Security etc.
IT Auditing certification like ISO27001, ISO22301 etc.
hands on exposure on security solutions, tools, vendors like SIEM- SOC, WAF, Proxy, etc.
Good Understanding of Patching, Vulnerability Assessments and Penetration Testing [VA-PT], App Risk
Assessments, Network security risk reviews etc.
Generated SOP on multiple IS topics and to assist senior management identify risks by conducting risk analysis.
Academics/ Education:
(Rohan T. Junghare)