Pranjal Nagar
Information Security Governance, Risk, and Compliance Program Manager @ LinkedIn
Seattle, WA, United States
Details
Experience:
2022 : Present
LinkedIn
Staff Information Security Policy & Governance Program Manager
Providing support for ISACA Puget Sound Chapter's Education initiatives
2022 : 2023
ISACA
ISACA Puget Sound Chapter - Education Committee Member
Provide program and project leadership for security governance, risk, and compliance initiatives for the organization.
• Leading the Policy Governance and Enforcement program within T-Mobile. Responsibilities include program management effort to stand up an initiative within the enterprise to measure organization’s conformance to policies and standards, and drive remediation for non-conformance.
• Leading the security policy and compliance assurance program. Responsibilities include establishing, maintaining, and implementing organization policy and compliance vision, strategy, and roadmap.
• Fully deployed compliance tool across the organization for automated compliance monitoring of applications against Payment Card Industry (PCI) standards and industry security benchmarks (DISA STIG).
• Providing program management for building and maintaining T-Mobile’s policies and standards management lifecycle
• Leading effort to identify, assess, prioritize, communicate, and monitor security risks within the engineering organization. Oversee security risk and maturity assessment based on NIST CSF, and identification of threats and vulnerabilities using techniques like threat modeling.
• Defining the process to integrate security requirements into the Engineering Software Development Lifecycle (SDLC).
• Defining and leveraging Security Metrics and reporting to gain situational awareness and enable continuous improvement
2015 : 2022
T-Mobile
Sr Ent Information Security Manager
Responsible for managing the SiteMinder certification team, comprising 12 engineers. Worked on adding support for new and existing versions of third-party components used by SiteMinder. Worked with support engineers and product managers in US to drive customer requirements. Worked with customers directly to handle escalations.
• Led transition of the certification team from off-shore site to the India Development Center (IDC).
• Interviewed, hired, trained and mentored engineers to build a new 12-member certification team in IDC.
• Ensured delivery of features was not disrupted during and after the transition
• Managed program with broad responsibilities such as: maintaining budget (forecast and actuals); establishing infrastructure and project processes; status reporting and monthly reviews with Sr. Mgmt and communications with stakeholders.
• Drive road mapping, strategy documentation, and capabilities assessments.
• Helped prioritize requirements to meet customer and business needs
• Evolved processes followed by engineers which helped optimize execution and improved efficiency of the team
• Helped automate deployment of infrastructure components used during the certification process
• Revamped test cases which helped reduce time taken to execute tests run as part of certification.
• Played the role of a liaison between India engineering team and the US cross-functional teams to drive completion/maintenance of certifications to customers.
Key Achievements:
o Successfully planned and delivered customer-escalated and time-critical certifications resulting in big financial deals and wins over competitive rivals.
o Worked with engineering to design and add support for new versions of third-party web servers & application servers
o Worked with engineering and executive management to reduce third-party product gap in CA SiteMinder by 30% in 2 years
o Conceptualized strategy and defined new model which helped increase CA SiteMinder new platform certifications
2007 : 2014
CA Technologies
Software Engineering Manager
2004 : 2007
NetApp
Member of Technical Staff
Company:
LinkedIn
Spoken Language:
English, Hindi
About
Senior information security program manager with notable success managing a broad range of cyber security initiatives in areas of cyber risk, compliance, and security governance.
Areas of focus:
• Program and Project Management
• Security Policy Governance & Management
• Cyber Maturity Assessment
• Process Improvement & Metrics
• Security Risk Management
• Strategy & Roadmap Development
• Security Compliance Management (NIST CSF, NIST 800-53, PCI)
• Governance, Risk, and Compliance (GRC)
• GRC Tools (RSA Archer)
• Critical Infrastructure Cybersecurity & Resiliency