Arun Raj -resume - Skoch Group

1 AArruunn RRaajj || Mobile: + (91) 9562870005 | Email: AArruunn RRaajj CCEEHH,, CCHHFFII,, EECCSSAA,, IISSOO 2277000011 LLeeaadd AAuuddiittoorr CCeerrttiiffiieedd Address: Souparnika, Kondoor, Erattupetta-2, Kottayam, Kerala Mobile: + (91) 9562870005 | Email: IINNFFOORRMMAATTIIOONN SSEECCUURRIITTYY && IINNFFRRAASSTTRRUUCCTTUURREE PPRROOFFEESSSSIIOONNAALL SSeeeekkiinngg cchhaalllleennggiinngg aassssiiggnnmmeennttss ffoorr aa ccaarreeeerr eennccoommppaassssiinngg pprrooffeessssiioonnaall aanndd ppeerrssoonnaall eennhhaanncceemmeenntt - A bright, talented, ambitious and self-motivated IT professional with a strong technical background of information security, hardware, software designing, planning, testing, development and implementation. - Highly qualified with BTech in Information Technology from Mohandas College of Engineering and Technology, University of Kerala and several certifications including ISO 27001 Lead Auditor, CEH, ECSA and CHFI.

2 - Currently spearheading as Senior Consultant and Partner in Losam Technologies and Solutions Pvt Ltd., Kochi, Kerala. - Hands-on experience in designing and implementing wired and wireless networks; Cisco Adaptive Security Appliances (ASA), VPN solutions, WLAN controllers , WMS, routers and switches, RSA SecurID, Lightpointe P2P, Proxim wireless, Sonicwall and Juniper and security solutions. - Experience in design and Implementation of Data Centers including physical Layer (Cat 7 intelligent solutions), Server Infrastructure including Blade Servers , Storage Solutions etc. - Outstanding track record in conducting technical risk evaluation of hardware, software and installed systems and networks. - Extensive knowledge in ISO 27001 : 2005 auditing and compliance, Sarbanes Oxley compliance, certification and auditing (SOX) - A persuasive, educated and skilled professional adept at using initiative to develop effective solutions to problems with an active and dynamic approach to work and getting things done efficiently.

3 CCOORREE CCOOMMPPEETTEENNCCIIEESS - Information Security Management - System and Application Development - Vulnerability Analysis and Penetration Testing - Forensic Analysis, Malware Removal TTEECCHHNNIICCAALL EEXXPPEERRTTIISSEE Framework : Metasploit, SIFT Workstation Security Tools : BackTrack, Nessus, Acunetix, NMAP, Samurai WTF, Burpsuite Languages : C/C++, Python, AutoIT Methodologies : SIEM, OWASP Top 10 Forensic Tools : EnCase, SIFT, AccessData FTK Database : SQL Fundamentals (MySQL, MS SQL, PostGreSQL) Creative : Adobe Photoshop Website CMS : Wordpress, Joomla, Drupal - CCAARREEEERR HHIISSTTOORRYY Technology Expert (Software & Security) Oct 2013 Present Kerala State IT Mission - Responsible for information security of e-tendering platform of Govt of Kerala - Nodal officer for mobile governance - Be a part of Technical Committee for various departments - Implementation of Specialized projects.

4 Senior Consultant and Partner Sep 2011 Sep 2013 Losam Technologies and Solutions Pvt Ltd., Kerala - Responsible for information risk assessment and compliance testing for Government Clients AArruunn RRaajj || Mobile: + (91) 9562870005 | Email: - Carrying out vulnerability assessment, network scanning and penetration testing backtrack and Acunetix web scanner. - Performing computer forensic analysis and proficient in tools such as EnCase Forensic, AccessData FTK, SANS Forensic Investigation Toolkit (SIFT). - Conducting internal network testing and exploit analysis, network, host and application security analysis. - Responsible for social engineering vulnerability analysis and security advisory services. - Accountable for incident management and computer fraud investigations. - Delivering training on ethical hacking and forensic analysis. - Serving as a consultant for ISO 27001 Audit and Implementation, Sarbanes Oxley compliance, certification and auditing (SOX).

5 Lead Consultant Apr 2007 Aug 2011 CDAT Oman - Worked as a contractor for public and private sector organizations for various networking and security projects. - Consulted in information security domain, including experience and domain knowledge of corporate aspects of security. - Responsible for consultancy and implementation of security aspects especially in government and financial sector. - Assisted in the development of access-controls, separation of duties and roles. Conducted technical risk evaluation of hardware, software and installed systems and networks. - Installed and maintained security infrastructure, including IPS, IDS, log management and security assessment systems. - Assisted in design and implementation of physical security solutions such as CCTV, RFID and biometric access controls and data center monitoring solutions. - Worked as a lead engineer for passive networking projects (intelligent networks with Cat6a and Cat 7 products including Itracs systems).

6 - Installed and maintained IP PBX Systems including Digium Asterisk and CiscoUnified communication manager, unity express, IP telephony solutions including GSM gateway integration. - Designed and implemented wireless networks such as Proxim, Lightpointe, and Cisco; mesh and carpet systems. - Designed, installed and maintained Cisco Adaptive Security Appliances (ASA), VPN solutions, routers and switches, Sonicwall and juniper security solutions. - Responsible for designing, installing and maintaining servers, storage systems, Redhat native cluster systems, and storage systems (FiberCAT, iSCSI, NAS, SAN). Lead Implementer Jun 2006 Aug 2006 National Law University, Jodhpur, Rajasthan - Designed and installed Dspace digital library network at the university. - Installed Snort IDS and firewall. AACCAADDEEMMIIAA BTech in Information Technology Sep 2002 Jun 2006 Mohandas College of Engineering and Technology, University of Kerala PPRROOFFEESSSSIIOONNAALL DDEEVVEELLOOPPMMEENNTTSS - EC-Council Certified Ethical Hacker (CEH) - EC-Council Computer Hacking Forensic Investigator (CHFI) - EC-Council Certified Security Analyst (ECSA) - ISO/ IEC 27001:2005 ISMS Lead Auditor IRCA Certified Training - Certified Sarbanes Oxley Expert - Sarbanes Oxley Compliance Professionals Association (SOXCPA) - ISO/ IEC 27002.

7 2005 Information Security Foundation ISFS - RedHat Certified Engineer (training) - VMware Certified Professional (Training) - EMC2 Clarion Host Integration (Training) - Cisco Certified Design Associate (expired) - Fujitsu Certified Expert Support Engineer High End Blade Servers (expired) - Fujitsu Certified Storage Systems Engineer (expired) AArruunn RRaajj || Mobile: + (91) 9562870005 | Email: PPRROOFFEESSSSIIOONNAALL MMEEMMBBEERRSSHHIIPPSS - OWASP Community - SANS Community - Sarbanes Oxley (SOX) Compliance Professionals Association (SOXCPA) References available on request