ROHAN AMARAM

• Security Leadership & Guidance
  - Acted as the primary representative for the Security team, offering guidance and approvals for Modern Workplace and Cloud teams.
  - Designed and led a targeted assurance program to identify threats, mitigate risks, and ensure regulatory compliance.
• Collaboration & Stakeholder Engagement
  - Worked with key stakeholders to embed security best practices across the organization.
  - Monitored emerging risks and regulatory changes to ensure ongoing compliance.
• Incident Response & Testing
  - Led incident response testing, including tabletop exercises, simulations, SWIFT reviews, and audits to evaluate and enhance IT security measures.
  - Conducted regular control testing to assess the design and effectiveness of security controls.
• Risk & Compliance Management
  - Provided expert training on risk and compliance requirements to internal teams.
  - Conducted third-party security assessments to ensure vendor compliance with cybersecurity standards.
  - Assessed, reported, and communicated identified cybersecurity risks.
• Performance Monitoring & Reporting
  - Developed and tracked information security key performance indicators (KPIs).
  - Delivered regular reports to leadership and the Risk Management board on the security program’s status and potential risks.
• Remediation & Process Improvement
  - Oversaw remediation of risks identified through penetration testing, security reviews, incidents, and problem events.
  - Led service process improvements, security approvals, and exemptions.

• ISO Auditing & Certification
  - Audited and certified approximately 30 global companies, both large and small, to the ISO 27001 standard.
  - Evaluated current processes and recommended improvement plans to meet ISO 27001 and 9001 requirements.
• Reporting & Decision Support
  - Produced detailed reports to inform business decisions and help leaders manage risk, quality processes, and information security.
• Coaching & Leadership Support
  - Coached business leaders on ISO 27001 (Information Security Management System) and ISO 9001 (Quality Management System) standards.
• Relationship Management
  - Developed and maintained strong relationships with customers and suppliers through account development.
• Team & Resource Management
  - Established and adjusted work schedules based on staff levels and expected workloads.
  - Led audit teams, assigned tasks, and ensured completion within deadlines.
• Cross-functional Collaboration
  - Expanded organizational capacity by collaborating across departments on priorities, functions, and common goals.

• IT Infrastructure & Support
  - Led multiple IT infrastructure setup projects and provided ongoing support for small business IT services.
  - Drafted reports on equipment/property damage, incidents, and audits.
  - Monitored building access using surveillance equipment and logbooks.
• Vulnerability & Compliance Management
  - Conducted vulnerability analysis with tools such as Qualys, Wireshark, Burp Suite, and Nessus.
  - Led ISO:27001 compliance assessments for IaaS, PaaS, and SaaS environments.
  - Maintained the Statement of Applicability (SoA) for ISMS controls, mapping them to the risk register, and developed continuous monitoring procedures.
• Security & Change Management
  - Managed configuration change reports for security infrastructure platforms.
  - Conducted process gap analysis, aligning controls with client certifications.
  - Created service level agreements (SLAs) for IT operations, including help desk support.
• Risk & Issue Management
  - Identified, tracked, and escalated findings, performing impact analysis and prioritizing corrective actions.
  - Managed risk by recommending and executing corrective/mitigating actions.
• Project Planning & Budgeting
  - Contributed to project cost estimates and budget planning based on client assessments.

• IT Infrastructure & Cloud Operations
  - Managed global IT and cloud operations across Australia, India, and the Americas.
  - Led the IT infrastructure merger between Flextronics Australia and Energy Matter Australia.
  - Supervised system administrators and IT support, focusing on AWS cloud security and website protection.
  Compliance & Risk Management**
  - Conducted IT audits and risk assessments, leading GDPR implementation in Australia.
  - Executed SOX control testing and IAM reviews for NetSuite ERP and AWS environments.
  - Ensured PCI DSS compliance for payment systems and worked with legal on contracts.
• BCP/DR & Security
  - Developed and implemented BCP/DR policies, reviewed third-party procedures, and renegotiated SLAs.
  - Supported IoT, ICS, and SCADA security efforts and applied ISO/IEC 27001 security controls.
• Executive & HR Collaboration
  - Collaborated with executive teams to enhance development efficiencies.
  - Worked with HR to update NDAs and refine exit policies.
• Cost Optimization
  - Achieved 80% cost savings by transitioning from on-premise infrastructure to IaaS solutions.
• Reporting & Documentation
  - Produced reports using NIST RMF, NIST 800-53, and Continuous Diagnostics and Mitigation frameworks.

• IT Infrastructure & Support Management
  - Managed Windows desktops, Windows and Linux servers, providing day-to-day networking and support, including PtoV migrations, server builds on VMware, data migration, and desktop rollouts.
  - Proactively monitored IT infrastructure with monitoring tools and administered daily backups.
• Server & Data Migration
  - Migrated physical Windows 2008 R2 servers to virtual Windows 2012 R2 servers using VMware.
  - Implemented SIEM tools like Cacti and generated management reports.
• Security & Compliance
  - Established company-wide security best practices to mitigate data breach risks and conducted security audits to identify vulnerabilities.
  - Recommended improvements to security systems and procedures.
• Vendor & Inventory Management
  - Managed licensing agreements and renegotiated SLAs with third-party vendors.
  - Spearheaded inventory control for IT equipment, supplies, tools, and replacement parts.
• Issue Resolution & Network Monitoring
  - Resolved network and server issues, providing knowledgeable support and quality service.
  - Monitored networks and devices to quickly address technical problems.
  - Maintained flexible hours to respond to after-hours and weekend emergencies.

Technical Expertise & Innovation

• Stayed current on emerging technologies, integrating innovative solutions into existing systems when appropriate
• Analyzed system requirements and developed tailored solutions to meet or exceed client expectations
• Optimized server efficiency using virtualisation techniques and capacity planning

Vendor & Contract Management

• Managed vendor relationships, negotiating contracts for cost-effective hardware and software solutions

Compliance & Auditing

• Conducted regular system audits to ensure compliance with industry best practices and regulatory standards

Strategic Planning & Technology Guidance

• Contributed to strategic planning sessions, providing insights from a systems engineering perspective to guide technology decisions
• Coordinated with stakeholders to gather requirements, ensuring alignment with business objectives

Cloud & Data Management

• Facilitated seamless migration to cloud-based solutions, improving scalability and access
• Designed and implemented comprehensive backup strategies to safeguard critical data

Security & Risk Management

• Enhanced security posture by deploying advanced encryption and firewall technologies

System Upgrades & Optimization

• Recommended and implemented system upgrades to support business growth and future technology needs.
• Optimized system performance through regular hardware and software maintenance.
• Strengthened IT infrastructure by implementing comprehensive network security measures and monitoring systems.
• Established and maintained effective data backup protocols to safeguard critical information.

Hardware & Software Management

• Provided expert guidance on selecting hardware, software, and related equipment based on client specifications.
• Coordinated with vendors to secure cost-effective equipment replacements or repairs while ensuring quality standards.
• Applied software patches and updates to address security vulnerabilities and protect data integrity.

Network & System Assessments

• Conducted thorough assessments of existing client networks, identifying opportunities for improvement or expansion.
• Assisted in migrating legacy systems to modern platforms with minimal disruption to operations.
• Ensured servers and systems remained operational during peak periods to avoid network disruptions.

IT Support & Documentation

• Contributed to the creation of user-friendly documentation for IT support processes and procedures.
• Managed and processed support requests using ticketing systems to ensure timely resolution.
• Streamlined repair processes and updated procedures to maintain consistency in support actions.

Preventive Maintenance

• Developed and implemented preventive maintenance procedures to minimize system downtime.
• Managed systems and servers to keep networks fully operational during peak periods.

Infrastructure & Migration Coordination

• Led infrastructure demerger activities, including migrating servers, computers, user profiles, and email using the Quest Migration tool.
• Assisted in the creation of the SOE for a new Windows 7 environment and resolved related application issues.

Onsite Support & Collaboration

• Traveled to wineries across Australia and New Zealand, working with onsite teams to migrate infrastructure from Fosters domain to Treasury Wines Estates domain.
• Provided hands-on support during migration and demerger phases.

Continuous Improvement & Teamwork

• Supported continuous improvement efforts by offering suggestions and collaborating on problem-solving initiatives to enhance team performance.

Documentation & Reporting

• Produced detailed written communications, reports, and documents to facilitate smooth operations and ensure project progress.

• Project & IT Management
  - Led local and global projects, managing IT infrastructure (servers, PBX, backups, telepresence) and Level 2/3 support across Australasia.
  - Directed office consolidation, server, PBX, and warehouse setups, including global rollouts and call center implementations.
• Security & Compliance
  - Managed server environments (Windows, Linux, VMware) and ensured network security through log analysis, access control, and compliance audits.
  - Implemented Documentum CMS, global helpdesk, and printer rollouts across Australasia.
• Process Improvement & Risk Management
  - Streamlined incident tracking and identified process improvements to enhance security operations.
  - Conducted risk assessments, integrated security systems, and applied CIS benchmarks for performance verification.

• Technical Support & Problem Solving
  Served as an escalation point for complex technical issues, demonstrating product expertise and problem-solving.
  Collaborated with teams to develop solutions for recurring technical problems.
  Provided client training and support during rollout and post-rollout of new systems.
  
• Communication & Collaboration
  Translated technical details for non-technical stakeholders.
  Coordinated with vendors for warranty and repair processes.
  
• Efficiency & Automation
  Improved team efficiency through automation, reducing repetitive tasks.
  
• System Configuration & Maintenance
  Configured, tested, and maintained software, hardware, and network systems.
  Applied patches and updates to address security vulnerabilities.