Ajan Kancharla

• Successful implementation of ISO 27001 and VDA-ISA within the entire organisation, with VDA-ISA Maturity Level 3 within 1.5 years • WirelessCar’s ISMS implementation was recognised as Overall Top 3 Audits for ISO 27001 ever, among the 1000 Audits performed by Intertek’s External Audit Team • Alignment of ISO and NIST Cyber Security Framework Requirements

• Responsible for tactical service delivery of Risk Management, Disaster Recovery, Security Incident Management, Internal Audits, etc. • Assisting with the deployment and ongoing delivery of Information Security projects • Evaluating employee performance, setting goals, developing improvement & competency building plans • Provided leadership to Information Security Consulting Team as well as for clients for resolution of IT Security Issues and implementation of process improvements from lessons learnt.

• Created and launched an M&A (Merger & Acquisition) service for premium clients to help assist their businesses during/post an M&A • Created and launched Payment Card Industry Data Security Standard Compliance (PCI DSS) as a service • Developed best practices for Wi-Fi Security, that could be implemented at SMEs, using NIST & PCI DSS as the baseline • Lead Consultant for a large PCI-DSS Compliance Project for a Software Services Client (~5000 workforce, 4 locations)

• Assisted in the due diligence post the merger of Sigma Aldrich (SIAL) into the Merck Group • Identified the key business processes and the critical information assets and assisted in conducting a Gap Assessment of Legacy SIAL's IT Infrastructure (~15 teams) that is spread across all three regions (NASA, EMEA & APAC) impacting 52,000 no. of work force. • Developed an Enterprise Risk Assessment Framework, with Threat Modelling - in line with Merck and implemented the same.

• Worked as a Web-Application Security Researcher in a Security Software Development Company, replication of web application / network vulnerabilities using open-source tools such as Nmap, Sqlmap, Burp Suite • Worked as an Independent Contractor in a Human Rights NGO to develop & design a responsive Web Application along with an implementation of payment gateway for donations.

- Conducting Vulnerability assessments and analyzing results found and implementing solutions to close gaps found using Qualys. - Scanning system for Trojan detection. - Generating and reviewing Symantec antivirus reports on daily basis. - Working on IDS (McAfee) & Proxy (Bluecoat, Splunk) logs for Intrusion analysis. - Monitoring activities on IDS with tools McAfee IntruShield.

- Worked closely with clients and fellow colleagues to meet the requirements. - Managed all phases of multiple projects across various platforms without affecting performance of the work. - Planned and implemented a documenting process to be submitted to clients on timely intervals. - Developed project implementation plans - Acted as the Single Point of Contact (SPOC) for the clients and the ogranisation.

Security Testing Theory and Practice (Penetration Testing) ; Computer Security (Operating Systems) ; Security Management ; Cyber Crime ; Cryptography and Security Mechanisms ; Network Security