Harsh Kharera

Review and Develop the Information Security policies and procedures. Monitor and govern the risk assessments for the assets listed in the information security risk register. Act as representative with respect to its security strategy and implementation. Develop and implement compliance reporting on information security policy and implementation. Oversee and support or conduct regular security awareness trainings/measures.

• Offer security advice to Shell and suppliers to assist in resolving questions and issues around risk management. • Provide Subject Matter Expertise for projects and business stakeholders, in combination with the Improvement Program. • Work with the architecture community to review new technology and architecture innovations. • Perform end to end Security Assessment on vendor offerings – New/Leveraging existing (SAAS / PAAS/IAAS) services.

• Established company-wide security best practices and protocols to mitigate risk of data breach. • Performed risk analyses to identify appropriate security countermeasures. • Working within the ISO 27000 series framework for information security risk management to deliver the IT security program and operate an Information Security Management System (ISMS). • Managing of services using established industry best practices such as CIS (Center for Internet Security) critical security controls.

• Security risk assessments of infrastructure projects and major changes to existing infrastructure in the APAC/UK region. • Provide risk assessment reports which include findings, risk and recommendations for issues noted during assessment. • Security consultancies to different stakeholders for advice, guide and enhancement of the security posture of the bank.

• Responsible for providing daily client support to Aladdin Clients. • Vulnerability management - ensuring vulnerabilities are identified and addressed for closure in a timely manner. • Security Administration - managing security controls such as antivirus, DLP controls to ensure compliance with IT & IS security standards. • Incident Management - Analyze and investigate IT security incidents to identify its root cause and to assist in resolution & mitigation actions.

• Group policy objects creation and management. • Evaluation and compliance with security measures such as Disaster Recovery and Emergency operating procedures etc. • Worked on user access/identity management. • Maintain appropriate security measures and mechanisms to guard against unauthorized access to electronically stored and /or transmitted patient data and protect against reasonably anticipated threats and hazards.