Sandamali S.

• Develop adequate policies and procedures to streamline the DFCC IT environment processes based on the ISO 27001 and other security requirements and government requirements. • Maintain process quality of the IT service which provided by the DFCC Group IT team based on the ISO 9001 • Conduct Information security review and provide required security measures for new system implementations • Providing support to IT team to conduct the periodic BCP drills and monitor and review the drill outcomes. Further, provide recommendation to improve the process. • Provide support to IT operation team to improve the information security within the DFCC IT environment • Provide support to IT team for implementation of external review recommendations • Reviewing system logs, firewall logs and network monitoring logs to identify and evaluate the suspicious activities. Provide support to analysis the suspicious security breaches and take necessary actions to minimize it. • Conduct and participate to security drills which conducted by security partners • evaluate possible risks encountered during the security reviews and process monitoring stages

Main responsibilities: • Perform engagement planning and finalization of review procedures before start the reviews • Conduct initial review meetings with relevant user department • Perform internal Information System audits in accordance with industry standards and best practices. • Conducting data center related audits in accordance with industry standards and best practices. • Provide support in implementing IT Security Infrastructure and IT Security Program • Develop final reports based on the review findings and communicate to senior management with appropriate/ feasible recommendations to mitigate risks identified. • Provide consultancy support for new system implementations and conduct pre-implementation reviews. • Provide consultancy support for ISO 27001/ ISO 9001 certifications and conduct pre-certification/ internal reviews for same • Provide consultancy support to develop corporate information security manual and IT related all manuals/ policies/ procedures. • Provide the adequate consultancy support to improve the organization IT controls/ Information security management. • Provide support to develop the company Business Continuity Management • Provide IT knowledge support to department team to carry out their day today works • Hand on experience in working with Oracle business objects (BO reports) and Structure Query Language (SQL) for analyzing data and develop required reports in various systems. • Participate to Amadeus Ticketing and Reservation system training • Conducted reviews : Internet booking engine, FlySmiles system, Call centre Fraud management system, Pricing system, HR system and finance systems, ISO 27001 and ISO 9001 pre-implementation and internal reviews