Jayesh S.
Details
Dickinson College
1997 : 2001
Loyola High School
- Play key thought leadership and operational role in driving all aspects of information security, risk and compliance management
- Lead security incident response management program
- Manage SOC-2 and HIPAA compliance programs
- Provide operational oversight of SOC
- Manage security and HIPAA awareness and training programs
- Lead Identity and Access Management program
- Complete all inbound security documentation & questionnaires
- Develop and maintain a framework of up-to-date security policies, standards and requirements
- Use threat intelligence to combat any current or future threats
- Manage penetration testing programs
- Review and continuously monitor cloud infrastructure security (AWS)
- Align information security and business continuity plans and exercises
- Create and lead Security Champions program (program design, organization outreach, training and co-ordination)
- Manage security reviews for existing and prospective vendors
2018 : Present
Force Therapeutics
Head Of Information Security, Risk and Compliance
Maintained & optimized AWS-based infrastructure and developed cutting-edge websites.
Used AWS, Linux, WordPress, PHP, MySQL, JavaScript, CSS, Sass.
2016 : 2017
Bloomberg LP
Sr. Software Engineer
Helped build and maintain in-house loan origination and servicing platform.
Used PHP, Python, Docker, MySQL, JavaScript, Linux & AWS.
• refactored legacy application code, including financial reports
• integrated DocuSign for executing electronic contracts
• built dynamic PDF generation framework
• integrated PHP code with financial model APIs
• built deployment scripts using Python and Jenkins
2015 : 2016
Credibly
Sr. Software Engineer
Helped architect and build REST APIs, web dashboards, and an in-house PaaS. Ensured application & system security in role as security champion.
- Built back-end REST APIs, and web dashboards using PHP, Symfony 2, JavaScript / node.js, MySQL, Oracle, MongoDB, Elasticsearch.
- Built in-house PaaS (platform as a service) and supporting tools using Docker, Python, PHP, shell scripting & AWS.
- Built in-house vulnerability scanning and server inventory tool using Python that helped identify servers and software needing urgent upgrades.
- Analyzed software and system architecture for security vulnerabilities and provided recommendations for successful mitigation.
- Implemented application performance monitoring using New Relic.
http://marketing.rakuten.com/
2014 : 2015
Rakuten Marketing
Sr. Software Engineer
- Design and build innovative PHP-based technology platform bringing 24/7 support to young people in crisis using texting (SMS).
- Use modern frameworks and tools, including PHP 5, Symfony2, node.js, MongoDB, MySQL, JavaScript / jQuery, Git.
- Implement unit tests to increase software quality.
- Develop strong security measures.
http://www.crisistextline.org
2013 : 2014
Crisis Text Line
Senior PHP Engineer
Skills
Agile Methodologies, Amazon Web Services (AWS), Application Architecture, Application Security, Authentication, AWS Security, Back-End Web Development, Carbon Black, Cascading Style Sheets (CSS), Cybersecurity, DevOps, General Data Protection Regulation (GDPR), German, Git, Github, Identity & Access Management (IAM), Information Security, Infrastructure, JavaScript, JSON, Linux, Mobile Applications, MVC, MySQL, Node.js, OAuth, OpenID Connect, OWASP, Penetration Testing, People Skills, PHP, Python, Representational State Transfer (REST), REST APIs, RESTful architecture, Security Assertion Markup Language (SAML), Security Incident Response, Security Information and Event Management (SIEM), SOC 2, Software Development Life Cycle (SDLC), SQL, Team Leadership, Threat & Vulnerability Management, U.S. Health Insurance Portability and Accountability Act (HIPAA), Vulnerability Assessment, Vulnerability Management, Vulnerability Scanning, Web Applications, Web Application Security, WordPress
About
SUMMARY
I am an experienced leader in the area of information security, IT, risk and compliance management.
I bring deep technical experience, communication and people skills and can translate fluently between the technical and business worlds.
SKILLS
- Provide information security, IT, and risk management leadership
- 15+ years of information security and software engineering experience
- Management of audits, including pen testing, SOC 2, and other compliance programs
- Perform internal vulnerability assessments
- Serve as internal information security consultant to the organization
- Manage network and cloud security (AWS) and Endpoint Detection and Response (EDR) programs
- Oversee vendor management programs
- Develop & review info-sec policies, procedures, and standards
- Understand network security, networking and firewalls
- Okta Certified Professional
SECURITY TOOLS
- Kali Linux
- AWS GuardDuty, CloudTrail, CloudWatch, CIS Benchmarks
- OWASP Top 10 / Application Security Guidelines
- SIEMs (building alerts / custom searches)
- SSO / SAML
- Carbon Black Response & other endpoint security tools
- Vulnerability scanning tools (various)
SOFTWARE ENGINEERING / INFRASTRUCTURE SKILLS
- Experience driving security, performance and scalability of high-traffic & mission-critical properties
- Amazon Web Services (CloudFormation, CloudFront, EC2, S3, SimpleDB, RDS, SNS, SQS)
- Experience with relational (MySQL) and document-oriented databases (MongoDB)
LANGUAGES
PHP, Python, JavaScript, Shell (and a few more)
DEVELOPMENT FRAMEWORKS
Django, Symfony2, WordPress, Zend Framework, Angular
DATABASES
AWS RDS, MySQL, Microsoft SQL Server, Redis, MongoDB, PostgreSQL
MARK-UP
HTML / XHTML, CSS, Sass, XML
ETC
Linux (RHEL / CentOS / Ubuntu), Mac OS X, Windows, Git