PravinkumarJha
Professional Summary:
Over 13 years of experience in cybersecurity, with a strong focus on vulnerability
management and application security
Proven track record of leading and managing multidisciplinary teams, fostering a culture
of security-by-design and continuous improvement
Skilled in implementing secure SDLC processes, conducting threat modeling,
and ensuring compliance with industry standards like ISO 27001, HIPAA, and
PCI.
Experience in researching, evaluating, and implementing new security tools
and technologies, Zero Trust Implementation, Security Automation.
Extensive experience in managing third-party information security risks,
including conducting vendor assessments, reviewing contracts, and ensuring
compliance with security standards
Proficient in technical project management, risk-based prioritization, and
driving remediation of identified vulnerabilities, budget management, and
resource allocation, delivering successful outcomes within established
timelines and budgets.
Led the development of a Supplier Security Questionnaire to improve
security screening of vendors and enhance overall security protocols
Excellent communication and collaboration skills, with experience convincing
stakeholders to remediate vulnerabilities and reduce cyber risks and a proven
track record of effectively liaising with cross-functional teams and external
stakeholders.
Adaptable and solution-oriented, with a passion for tackling complex technical
challenges and delivering impactful solutions.
Seeking a leadership role to drive innovation and enhance technology initiatives.
Skills:
Team Leadership
Vulnerability Management Lifecycle
Risk Based Prioritization
Secure SDLC and DevSecOps
Threat Modelling and Secure Architecture Review
Vulnerability Scanning and Penetration Testing
Stakeholder Management and Relationship Building.
Reporting and Metrics
Technical Project Management Resource Allocation and Adaptability
Software Quality Assurance and Release Management
Budget Management
Product, Application Security, CyberSecurity Operations
Certifications:
Google CyberSecurity Specialization
ISO 27001- Lead Auditor
CSSLP- Certified Secure Software Lifecycle Professional
ICSI | CNSS- Certified Network Security Specialist
API Security
DIAT CIAP- Certified Information Assurance Professional by Defense Institute of Advance
technology.
CSM- Certified Scrum Master
CSPO- Certified Scrum Product Owner
6 Sigma Green Belt.
ITIL V3
ISTQB- Foundation Level, Test Analyst, Test Manager
Generative AI at SAP
Oracle Certified SQL Expert.
Experience:
Manager (Associate Director), 10/2023 - 04/2024
Abbott Healthcare Pvt Ltd.- Mumbai
Spearheaded the establishment of Product Security and Automation Testing teams in
India, focusing on hiring top talent and procuring office space to support team
operations.
Collaborated with cross-functional teams to identify, prioritize and remediate
vulnerabilities based on risk, severity and potential impact
Aligned product requirements and test specifications from the Global Office to ensure
synchronization with local team activities.
Managed the team budget effectively, optimizing resource allocation to meet project
demands and financial objectives.
Conducted performance appraisals, one-on-one sessions, and provided constructive
feedback to team members to foster their professional growth and development.
Led the implementation of security measures and testing processes to ensure product
quality and compliance with industry standards and regulations.
Provided technical expertise and guidance on vulnerability management best practices to
application owners and developers
Collaborated with cross-functional teams to integrate security and automation practices
into the product development lifecycle.
Fostered a culture of innovation and continuous improvement within the teams,
encouraging collaboration and knowledge sharing.
Additional Information:
Familiar with emerging trends, regulatory changes, and evolving threats in the security
and compliance landscape.
Proven ability to prioritize multiple requests and communicate priorities effectively.
Experience in managing projects with diverse groups across multiple geographies.
Capable of resolving conflicts and identifying items requiring senior management
attention.
Experience:
MBA: Information Technology Management, 01/2018
TIMSR - Mumbai
Projects:
OWASP SAMM (6 months): Led the completion of OWASP SAMM Level 3 for
eClinicalWorks, enhancing the organization's software security posture.
ISO 27001 (12 Months): Successfully managed the auditing and implementation process,
resulting in ISO 27001 certification for eClinicalWorks.
Secure SDLC and DevSecOps (36 Months): Spearheaded the implementation of Secure
SDLC practices throughout the development cycle, integrating security measures from
requirement review to deployment. Implemented various security tools including
Sonarqube, Contrast Security, and Imperva WAF to fortify application security.
TMMi (24 Months): Implemented TMMi Level compliance and adherence within the QA
organization at eClinicalWorks, ensuring high-quality software testing practices.
IT & Business Continuity Planning (4 Months): Led business continuity planning efforts
for eClinicalWorks India location, ensuring seamless remote work capabilities for over
3000 staff and 4000 systems. Implemented VPN connections and increased firewall
throughput to support work-from-home initiatives, reducing overall IT costs and
enhancing user awareness through training programs.
Date:
Place: