Rahul Singh

Sydney

Summary

Experienced cybersecurity professional with over 18 years in the industry, specializing in securing various types of technology ecosystems for global and regional organizations across multiple industries by effectively combining business acumen with technical cybersecurity knowledge. Proven track record of improving the cybersecurity posture of businesses through service delivery and partnership with global and regional business unit leadership. Provided enterprise security consulting in areas such as cyber security risk & vulnerability management, breach/compromise assessment, governance, risk & compliance (GRC), vendor security assessment and security awareness & training.

Overview

18 years of professional experience

4 Certifications

Work History

Senior Manager

PwC Australia
Sydney
04.2023 - Current
  • Manage large-scale projects and introduce new systems,
    tools, and processes to achieve the firm's objectives.
  • Recommend and implement successful strategies to
    maximize the cybersecurity maturity in the firm.
  • Assist the CISO of PwC New Zealand in handling operations
    of the NZ firm.
  • Manage PwC Malaysia, Vietnam and Singapore member
    firms.

Business Information Security Officer (BISO)

PwC Malaysia
Kuala Lumpur
10.2019 - 03.2023
  • Lead Global cyber security projects/programs for PwC Malaysia and Vietnam member firms
  • Support PwC Singapore, New Zealand, Fiji and Papua New Guinea member firms in various cyber security related activities and improve cyber security maturity
  • Work with PwC leadership in improving existing risk framework(s), practices, standards, etc.
  • Conduct analysis of Line of Service (Business Unit) needs in order to make appropriate decisions for implementation of global security strategy
  • Engage local, regional and global security risk teams in the review and re-engineering of key controls and processes to manage and reduce risk effectively and efficiently
  • Engage with Line of Service stakeholders to assess security threats/vulnerabilities and manage business risk
  • Facilitate business support from security architecture, engineering and Cyber Security Service Management throughout security service lifecycle
  • Govern Lines of Service for compliance with PwC's Information Security Policy (ISP) and legal/regulatory frameworks
  • Assist the Global Third Party Risk Management team in vendor risk assessments

Cybersecurity Manager

EY Malaysia
Kuala Lumpur
10.2016 - 08.2019
  • Responded to RFQs, RFPs and gave technical as well as executive presentations to clients
  • Executed several large and complex projects related to penetration testing, vulnerability assessment, breach/compromise assessment, cyber security maturity assessment and cyber fraud investigation
  • Performed several cybersecurity maturity assessments on organizations and ranked the current state of cybersecurity maturity across various cyber security domains. Delivered reports that covered current state, gaps, risks, recommendations and a comprehensive roadmap to help each organization achieve its desired state
  • Worked with clients to develop information security roadmaps and strategy, helped them in coming up with immediate, short term and long term plans
  • Managed and led any engagement related to compromise assessment, breach investigation, digital fraud, penetration testing & vulnerability assessment
  • Led team of consultants & ensured smooth project execution, and provided technical guidance while ensuring quality of deliverables
  • Consistently delivered projects as per planned timelines, conducted documentation quality checks across security domain including process and technical activities
  • Acted as subject matter expert (SME) for multiple cybersecurity and compliance projects

Information Security Manager

Standard Chartered Global Business Services
Kuala Lumpur
12.2014 - 02.2016

Part of the Bank's Third Party Risk Management team

  • Interacted with all levels of management within the Bank while performing third party security reviews of vendors and outsourced service providers across all of the Bank's markets
  • Effectively communicated and managed relationships with stakeholders globally
  • Assisted in ensuring compliance with relevant regulations covering third party security risk
  • Performed vendor assessments and created reports which included issue & risk statements, risk treatment plan, remediation timeline, etc.
  • Maintained a register of third party security risks and ensured that deficiencies were mitigated
  • Supported any training and awareness initiatives relating to third party security risk

Information Security Specialist

DiGi Telecommunications, part of Telenor
Kuala Lumpur
10.2012 - 10.2014
  • Project manager for DDoS attack prevention and Mobile Device Management (MDM) projects
  • Created new policies (e.g. BYOD, MDM, Wireless Communication, etc.) as per new requirements and modified existing policies to ensure alignment to the group policy
  • Delivered several talks on information security awareness and on various other topics related to Information Security
  • Performed regular vulnerability assessments and penetration testing activities on network devices and applications
  • Acted as an Information Security (IS) Auditor, responsible for performing IS audits on teams responsible for various projects
  • Assisted in establishing InfoSec best practices in the company, gap analysis, risk assessment, control assessment, etc. Also involved in training junior team members on technical skills

Senior Consultant

Deloitte US - India
Hyderabad
10.2011 - 10.2012
  • Engaged in performing application (off-the-shelf, web based, thick client, mobile apps) security assessments. Part of the team that performed security assessments on a variety of applications
  • Involved in external and internal Cyber Threat Intelligence (CTI) diagnostics. Part of the team that was involved in CTI activities, including active threat monitoring, malware analysis, etc

Practice Consultant

Dell EMC
Bengaluru
05.2010 - 10.2011
  • RSA Archer eGRC Application Development and Customization
    Certified in RSA Archer product and was involved in Archer solution and application creation and customization
  • Vendor Security Risk Assessment
    Involved in conducting vendor risk assessment for a multinational client using RSA Archer vendor management suite
  • PCI DSS compliance
    Trained on PCI DSS compliance requirements and later assisted the compliance team in various related projects
  • SIEM (RSA enVision and HP ArcSight)
    Worked on SIEM projects, also assisted in log analysis and correlation
  • Practice development related activities
    Involved in improving Information Security practice in the company, assisting in creating policies, identifying gaps, control recommendations, etc

Senior Information Security Risk Analyst

HSBC Global Technology
Pune
08.2005 - 04.2010
  • Performed security assessments of web applications for various HSBC banks
  • Lead instructor for HSBC Global Technology (GLT) India and trained over 500 developers on secure coding. Also delivered Information Security awareness talks to over 2000 HSBC employees
  • Part of project team for HSBC Group wide Data Leakage Prevention (DLP) and Role Based Access Control (RBAC) projects
  • Sent by HSBC GLT India management to HSBC GLT Guangzhou, China to train members of the security team

Education

Bachelor of Engineering - Information Technology

SGS Institute of Technology & Science
Indore, MP, India
06.2005

Skills

  • Broad and deep cybersecurity knowledge
  • Executive presence and leadership influencer
  • Strong technical cybersecurity skills
  • Application, infrastructure and cloud security
  • Third party security management
  • Penetration testing & vulnerability assessment
  • Compromise assessment
  • Security regulations compliance

Certification

  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • ISO 27001 Lead Implementer
  • ISO 27001 Lead Auditor
