Mustard

Profile : Ravinder Ahluwalia

Ravinder is a recognised IT security consultant with over 20 year's experience in the information security industry, his key skills are:

  • Writing and implementing security policies and standards based on ISO 27001, PCI DSS, ITIL and the Information Security Forum (ISF) "Standard of Good Practice"
  • Assisting organisations to become ISO 27001 and PCI DSS compliant with audits, vulnerability assessments and focused training and awareness programmes
  • Design/improvement and implementation of an ISMS in compliance with ISO 27001
  • Establish a security framework and its inclusion in the System Development Life Cycle (SDLC)
  • Implementing risk analysis methodology in the SDLC
  • Business Continuity (BIA, BCP and DR plan creation, review and testing)
  • Integration of information security with system business operation, strategy and requirements
  • Establishing and delivering information security awareness and training initiatives and educating workforce
  • Programme and project streams to enable architecture review and operational security impact to be planned at the earliest point in the programme
  • Ensuring that access control, disaster recovery, incident response and information risk management needs of an organisation are met
  • Audit and Compliance, including security audits, vulnerability assessments, penetration tests, fraud investigations, risk assessments and ISO 27001 & PCI DSS compliance
  • Penetration testing, VPN, Surfcontrol, Bluecoat and PKI

Assignments for: Accenture, London Stock Exchange, Ministry of Defence, Sainsbury's

  • Established a security framework and its inclusion in the SDLC
  • Security policies created and maintained to specific needs of the target organisation.
  • Implemented a Security Risk Analysis methodology based on SPRINT in SDLC. Conducted Business Impact Assessments, Risk Assessments and Developed security Plans for new and existing systems/applications
  • Designed, developed and delivered System Security Standards and System Security Operating Procedures
  • Investigated various security breaches. The investigations spanned all of the business areas including misuse of funds, internet abuse and fraud.
  • Developed and delivered tailored security awareness programmes
  • Audits and vulnerability testing of payment systems, applications, systems infrastructure, network infrastructure, remote access and web-facing applications

Assignments for: Abu Dhabi National Oil Company, British Gas, London Computing Centre, City of London Police

  • Designated as the British Gas Eastern Region's Data Protection Officer to advise management and staff of their responsibilities and obligations
  • Formulated, implemented and managed strategic Business Continuity plans and Disaster Recovery Plans.
  • Designed, developed and delivered Security Awareness programmes
  • Project managed the installation of a CRAY XMP-14 Supercomputer and an IBM 4361 system
  • Project managed the consolidation and merging two ICL mainframe services onto a single
  • ICL 3980 mainframe and the decommissioning and disposal of two ICL mainframe systems
  • Established and managed a large computer operations department

Back to consultants

Site Design: Sunwright Computing