Bhavdipkumar Gadhavi - IT Security & Compliance Manager, Astics Inc - AavGo | TeroTAM

Keep in touch with meI'm using Intch to connect with new people. Use this link to open chat with me via Intch app

Network Power100+ people

Roles

✔️44%

🔥32%

Startup Founder

🧨29%

Consulting

Geos

🇮🇳70%

India

🇦🇪5%

United Arab Emirates

🇭🇺3%

Hungary

Work Background

AsticsIT Security & Compliance Manager

Jul. 2023Ahmedabad, Gujarat, India• Implemented and managed a comprehensive IT security program, ensuring compliance with industry standards and regulations (e.g., ISO 27001, PCI DSS, NIST, GDPR, HIPAA). • Led cross-functional teams to conduct regular risk assessments and vulnerability assessments to identify and prioritize security gaps, resulting in a more robust and resilient security posture. • Developed and maintained IT security policies, procedures, and guidelines, effectively communicating them to employees to foster a culture of security awareness and compliance. • Oversaw the implementation and management of security controls, including firewall configurations, intrusion detection/prevention systems (IDPS), and endpoint protection, resulting in a significant reduction in security incidents. • Collaborated with external auditors to conduct compliance audits, successfully achieving and maintaining regulatory certifications and industry accreditations. • Implemented and optimized Security Information and Event Management (SIEM) systems to centralize log analysis and enhance real-time threat monitoring capabilities. • Conducted security awareness training sessions for employees, enhancing the understanding of security best practices and minimizing the risk of social engineering attacks. • Oversaw the development and execution of business continuity and disaster recovery plans, ensuring the organization's ability to respond effectively to potential crises. • Assessed third-party vendor security risks and established vendor risk management procedures, ensuring the security of data and systems shared with external partners. • Coordinated with IT teams to ensure timely patching and updating of systems, applications, and network devices, reducing potential vulnerabilities and exposure to cyber threats. • Monitored industry trends and emerging cyber threats, proactively recommending and implementing security enhancements to stay ahead of potential risks.

WiproCyber Security Analyst

Oct. 2022 - Jun. 2023Delhi, India• Conducted quarterly Vulnerability Assessments on clients' servers and virtual machines, proactively identifying potential weaknesses in their systems. • Conducted bi-annual Penetration Tests on various network devices and servers to fortify security measures and protect against potential cyber threats. • Analyzed and evaluated the test results to determine the vulnerability score, providing actionable insights for enhancing security. • Skillfully identified and resolved false positives, strategically prioritizing vulnerabilities based on the specific needs of each client. • Utilized cutting-edge tools like Tenable – Nessus for comprehensive Vulnerability Assessment scanning, ensuring thorough and accurate evaluations. • Expertly performed Penetration Tests and utilized tools like Metasploit to simulate real-world attacks and bolster defenses. • Maintained proactive communication with clients and internal teams through regular follow-up emails, ensuring a timely and effective remediation process. • Provided clear and concise explanations of the remediation process to related teams, offering guidance and support throughout the resolution phase.

TMedia Business Solution Pvt. Ltd.Cybersecurity Officer & Network Administrator

Jan. 2022 - Sep. 2022Ahmedabad, Gujarat, India• Orchestrated company's comprehensive Bring Your Own Device (BYOD) program, overseeing employee device onboarding and conducting meticulous security assessments to ensure a fortified defense against potential threats. • Implemented robust controls and procedures to safeguard information system assets, proactively mitigating the risks of unauthorized access, modifications, or data breaches. • Monitored networks and network devices with unparalleled diligence, swiftly resolving technical issues leveraging the proficiency of Manage Engine and Lansweeper toolset. • Spearheaded the selection and deployment of cutting-edge intrusion detection system solutions, heightening the organization's cybersecurity posture across all facilities. • Leveraged Center for Internet Security (CIS) benchmarks to verify the effectiveness of ongoing security measures, reinforcing a proactive and adaptive security framework. • Conducted comprehensive vulnerability assessments and penetration tests remotely for a prominent international client, BTL, based in Belize. Leveraged CIS benchmarks for risk assessment and disaster recovery and business continuity planning (DRBCP). • Demonstrated expertise in conducting Vulnerability Assessment and Penetration Testing on the company's critical ERP product, E-Edification, and the Hospital Management System (HMS), fortifying the software's resilience against potential threats.

Rosnac Gwaizdor International Private LimitedWeb Application Penetration Tester

Sep. 2019 - Jan. 2022• Orchestrated collaborative efforts with external vendors to execute penetration tests on network devices, operating systems, and databases. • Spearheaded the development and maintenance of the company's WordPress website, ensuring rigorous testing and robust security measures were implemented. • Implemented and upheld comprehensive Standard Operating Procedures (SOPs) for the Security Infrastructure, ensuring a proactive and secure working environment. • Played a pivotal role in an international project in Yerevan, Armenia, contributing to cross-cultural collaboration and project success. • Took charge of managing and fortifying the company's social media and mailing accounts, safeguarding them against potential threats.

Envision Corporate ServicesWeb Application Tester & Security Analyst

Jul. 2017 - Aug. 2019Ahmedabad Area, India• Delivered comprehensive safety reports and data analysis to managers, facilitating informed decision-making on security processes. • Proactively monitored computer virus reports, ensuring timely updates to virus protection systems to safeguard against potential threats. • Spearheaded research and development efforts, resulting in the creation of innovative computer forensic tools. • Significantly mitigated security risks by 60% through the implementation of enhanced protocols and strict regulatory compliance. • Conducted thorough security audits, successfully identifying and addressing vulnerabilities to fortify the organization's defenses. • Demonstrated expertise in web application security by adhering to OWASP top 10 Standards, effectively bolstering security features.