Mithilesh Singh Cisa, Cism, Crisc, Cbcp, Hyderabad Area, India

Company Name

Wave Crest Group (Financial Services)

Position Held

Global Head - Information Security

Dates

0000 - Present

Details

Head of Information Security for the next generation payment technology, prepaid program management, specialized payment processing, merchant acquiring, BIN sponsorship, white label, Payment Gateway, Payment as a Service (Cloud Solution), Mobile Payment and e-money.Responsibilities also include:* Stakeholder Management on IT Governance and Information Security related regulatory compliance requirements (PCI DSS, SSAE16, ISO27001, ISO20000) for Wave Crest Payment Technology. * Implement Risk Management Framework to strengthen the Technology and Process related operational controls supporting the compliance requirement at Wave Crest Group Holding. * Develop and implement the Information Assurance framework based on industry standards (ISO27001, ISO20000, COBIT, ITIL etc.).* Develop and implement information security related policies, procedures and guidelines for the Information Security Management System (ISMS) framework across the Wave Crest Group. * Work closely with the Chief Technology Officer (CTO) & Chief Information Officer (CIO) for development of Secure Solution (SS) and Secure Infrastructure (SI) Strategy Framework. * Manage relationships for the security and its regulatory compliance related aspects of the e-payments value chain, including issuers, processors, payment networks, distributors and regulatory authorities. * Accountable for managing the internal and external IT Audit for Wave Crest Group Holding.* Manage all kind of relationships with various external agencies (Police, Cyber Cell, Law & Enforcement Dept., DR Cell etc…) in order to address any security incident and disaster recovery related requirements for the Group.* Develop, implement, operate and manage the Business Continuity Management (BCM) and IT Disaster Recovery for the Wave Crest Group.* Develop and operate the Security Operation Centre (SOC) in order to meet the Computer Security Incident Response Team (CSIRT) of Wave Crest Group Holding.

Company Name

Capgemini (Information Technology and Services)

Position Held

Security Architect

Dates

0000 - Present

Details

HMG security clearance (SC)He was responsible for defining, designing & delivering Enterprise Security Architecture for IT systems and supporting their formal accreditation in line with regulatory requirements (ex. HMG policy).Writing Risk Management Accreditation Document Sets (RMADS) in line with HMG policy. Responsible for delivering RMADS for HMG departments across UK.As an SME he is resposible for delivering ISO27001 Standard, ISMS Framework, PCI DSS, Virtualization & Cloud Services Security across multifaceted business environment.Directing the strategy, policy, standards and procedures to comply with regulatory (CPNI, CESG Memo’s etc) and contractual requirements, and ensuring that these support the business and management needs around Information Security.As a Program Manager (June 2010 - Dec 2011) he was responsible for delivering ISO27001 Certification Program for IT Services of one of the largest UK Government department. He has also implemented the Information Risk Management, Internal Audit, Information Assurance & Supplier Assurance Framework for the client. As an Information Security Officer (July 2007 - May 2010), he led the team of security professionals responsible for delivering Information Security, Business Continuity & Data Security Compliance for Capgemini India.

Company Name

Capita (Outsourcing/Offshoring)

Position Held

Manager (Information Security & Business Continuity)

Dates

0000 - Present

Details

Responsible for setting up ISMS & BCM for CAPITA, India Pvt Ltd. Developed the team of Information Security professionals responsible for Information Security, Data Security, Business Continuity and Security Compliance Management.