sunil shah
B Braun
Around 33 years of experience in IT focused in Project Management, Risk Management, security Analysis, network access control, perimeter security, intrusion detection, penetration testing and security awareness training. Strong skills in Management, security design and analysis, Penetration and Vulnerability testing, UNIX Support, firewall installation and support, Remote access control, VPN Security, and Intrusion Detection. Strong project management, time management, and organizational skills.
Certification: CISSP 5/2003
Checkpoint NG CCSE 6/2004
CEH – Certified Ethical Hacker 8/2008
CISM – Information Security Manager 8/2009
CCNA – Cisco Certified Network Admin 8/2010
ISSAP – CISSP Security Architect 6/2012
ITIL V3 – Service Management 9/2012
Technical Skills
Checkpoint R75, Gaia, SPLAT, ASA, Provider-1, Shell scripting, MDM, Linux, NESSUS, Netscreen, Cisco Router Configuration, Windows 2008, Remedy, TCPDUMP, Tripwire, penetration testing, ITIL V3, Forensic Analysis, Disaster Recovery, ISO 27001/2, implementation of security policy controls, log management.
Professional Experience
IT Security Manager B Braun 11/12 – Present
B. Braun Medical Inc. is a global company in the medical device manufacturing/pharmacy space. We work to implement a global IT security framework based upon the ISO 27001/2 security standards. Responsible for the implementation of Information Security Policies, procedures, standards, technical safeguards, and solutions identified to mitigate or reduce business exposure to information security risks.
• Develop disaster recovery program and business continuity plan for global location. Direct plans for disaster recovery plan test.
• Develop and maintain short term and long term Security Strategy Roadmap.
• Responsible for developing, documenting, maintaining, and communication of the Information Security Program to business segments. knowledge of the IT systems, information security, risk management, compliance and business operations to architect information security solutions to business initiatives.
• Conduct risk and information security assessments for company systems, business processes and third party vendors. This includes the