Sapna Duggal
Ingle Farm,Australia
Summary
Focused Cyber Enthusiast with extensive knowledge of Network and Information Security. Leverages expertise in security software and products to build solid IT security infrastructure. Detail-oriented and proactive communicator dedicated to safeguarding the realm of digital security with a focus on safeguarding sensitive information and combating cyber threats.
Overview
8
8
years of professional experience
1
1
Certification
Work History
Cyber Security Engineer
NTT
02.2022 - Current
- Responsible for delivery of CyberSecurity Governance for all the managed clients.
- Identifying and Managing Risk Registers.
- Report sharing with the Client on monthly Half-Yearly and Quarterly Basis.
- Documenting all security-related incidents, investigations, and actions taken for future reference and improvement.
- Automated certain processes to save time and resources
- Conducting risk assessments to identify potential security risks and developing risk management strategies to mitigate them effectively (by adhering the ISO Controls)
- Collaborated with cross-functional teams to develop a standard approach for processes followed with different clients.
- Managing multiple Stake holders working with NTT
Senior Executive – Information Security
PayU
08.2020 - 08.2021
- Assess the effectiveness of key controls related to technology & information risk based on ISO27001, PCI-DSS etc
- And promote a healthy control environment, reduced timeframes to identify control failures and continuous improvement in design and operating effectiveness
- Liaise and assist external and internal audits in the performance of all relevant compliance plan audits, licensee audits and compliance process and procedure audits
- Developed a detailed plan to address and remediate the identified vulnerabilities
- Collaborate with relevant teams (e.g., IT, development) to establish a timeline and allocate resources for the fixes
- Drafted reports to deliver information to upper management and stakeholders
- Responsible for providing specialist 2nd line Risk advice, oversight and challenge on Data, Information Security and Risk management practices across PayU
- Provide expert advice to business managers in relation to technology and information risk and compliance and its relationship to business strategy
- Created an inventory of all assets within the defined scope
- This includes servers, workstations, network devices, applications, databases, and any other components relevant to the organization's infrastructure.
Security Engineer
British Telecom
01.2016 - 01.2020
- Configuring and Implementing changes on the security devices like firewalls, load balancer, proxies
- Plan and implement large scale network infrastructure deployments
- Prepare documents like Low Level Design, High Level Design, Plan of Action, etc
- As required by customers
- Worked on incident management with a strong track record of swiftly detecting and responding to cyber threats, ensuring organizational resilience against security incidents
- Had an opportunity to transition 200 ASAs to Palo-Alto devices
- Analyzed the identified vulnerabilities and assign risk ratings based on factors such as severity, potential impact, and exploitability
- Develop documentation for maintenance procedures for network infrastructure
- Customers: Banks, International Logistics company, Multinational Consumer Good corporation.
Education
Bachelor of Technology in Electronics Engineering -
Kurukshetra University
India, Delhi06.2012
Skills
- CISM
- Information Security Standards: ISO 27001, Payment Card Industry Data Security Standard (PCI-DSS)
- Firewalls: Palo Alto, Cisco ASAs, FMC, FTDs, Checkpoint
- Load Balancer: F5 Big IP
- ITSM Service now
- Microsoft 365
- Risk Assessment
- Self-Motivated
- Project Management
- Google Cloud
Accomplishments
- Achieved Standardization across multiple clients.
- Acknowledged by the Love Awards for the past two years during my tenure with my current employer.
- Recognized by multiple clients for streamlining reports and proactively addressing risks.
Certification
- CISM
- Palo Alto - PCNSE
- Cisco - CCNA
- Qualys - Vulnerability Assessment
- PRISMA -SASE
- CCSE
- ISO 27001:2013 Lead Auditor
- PCI-DSS
Timeline
Cyber Security Engineer
NTT
02.2022 - Current
Senior Executive – Information Security
PayU
08.2020 - 08.2021
Security Engineer
British Telecom
01.2016 - 01.2020
Bachelor of Technology in Electronics Engineering -
Kurukshetra University
Similar Profiles
RAYHANUL ISLAMRAYHANUL ISLAM
Technical Sales Specialist | Outbound Tele Sales at NTTTechnical Sales Specialist | Outbound Tele Sales at NTT
Jonathan KanamugireJonathan Kanamugire
Insurance Claim Examiner at NTTInsurance Claim Examiner at NTT
Tanawat RattanarachTanawat Rattanarach
Staff at NTTStaff at NTT
Ahmed AmriAhmed Amri
Level 3 Network Engineer at NTTLevel 3 Network Engineer at NTT
Cowan VosCowan Vos
Snowboard Instructor at Mt Buller Ski And Snowboard SchoolSnowboard Instructor at Mt Buller Ski And Snowboard School