Profiles search
Vishon Ganesh, CISSP, CISM
Senior Manager - Information Security - Security Operations Center at IAC
New York, NY, United States
Details
Experience:
- Lead and mentor the SOC team of analysts to proactively detect and mitigate potential threats, conduct thorough investigations, execute incident response protocols, engage in threat hunting, and escalate incidents as required.
- Spearhead the establishment and maintenance of cutting-edge security processes, controls, and standards across multiple domains, including Third Party Risk Management, Vulnerability Management, Change Management, and Asset Management.
- Develop and deliver comprehensive updates on cyber threats, activities, and trends to technical and executive stakeholders, ensuring effective communication of information security objectives and initiatives.
- Foster effective collaboration with business unit managers throughout the organization to effectively convey information security goals and drive alignment with new programs.
- Actively participate in security-related internal and external audits (e.g., GDPR, PCI DSS, SOX), ensuring compliance with regulatory requirements and industry best practices.
- Oversee and coordinate security-related testing initiatives, including purple team exercises, penetration testing, and bug bounty programs, to enhance the overall security posture of the organization.
- Evaluate and optimize departmental budget allocations, strategically managing costs associated with SOC tools and technologies.
- Champion a culture of security awareness by facilitating engaging and informative training sessions for employees, promoting a proactive and vigilant approach to cybersecurity.
2023 : Present
IAC
Senior Manager Information Security - Security Operation Center
- Manage the SOC team of analysts to identify potential threats, perform investigations, perform incident response, threat hunt & escalate as necessary.
- Maintain and establish new security processes, controls and standards in various areas, including Third Party Risk Management, Vulnerability Management, Change Management and Asset management.
- Develop and present regular updates for technical and executive audiences on cyber threats, activities and trends.
- Communicate information security goals and new programs effectively with other business unit managers within the organization.
- Participate in security-related internal and external audits (GDPR, PCI DSS, SOX, and more).
- Manage security-related testing (purple team, pen test, bug bounty) within the Organization.
- Evaluate department budget and costs associated with tools within the SOC.
- Facilitate security awareness training for employees.
2021 : 2023
IAC
Information Security Manager - Security Operations Center
• Lead the SOC team of analysts to identify potential threats, perform investigations, & escalate as necessary.
• Lead Evaluation, Implementation and Management of Security tools including Next-Generation SIEM, Security Automation and Orchestration (SOAR), Vulnerability Management etc.
• Develop threat trend analysis reports and metrics.
• Contribute to the ongoing architecture, design, configuration, integration & enhancements of a home grown SIEM.
• Provide support for compliance with GDPR, PCI DSS, SOX, and more.
• Lead the development of policies & documentation to support ongoing SOC activities (play books, procedures, processes etc.)
• Develop & present regular updates for technical and managerial audiences on cyber threats and activities.
Monitor threat landscape for emerging threats; communicate threat information to businesses.
2019 : 2021
IAC
Team Lead - Security Operations Center (SOC)
• Ensure the development, testing and implementation of appropriate security plans, products and control techniques. Help identify protection goals, objectives and metrics consistent with the corporate strategic plan
• Guide Stakeholders, leadership, and managers on information security strategy, architecture design and incident response, proactively addressing the needs of the internal client community in order to consistently meet or exceed defined levels of security
• Coordinate information security initiatives with IT, Legal, Operations and Privacy stakeholders
• Act as the liaison between CBS Information Security Group and stakeholders, coordinating the research, evaluation, design, testing, and implementation of new or improved information security systems
• Coordinate vulnerability assessments of deployed software applications and enterprise systems, to include penetration testing, architecture reviews and patch management
• Aide implementation of security in the media supply chain, and high-profile applications such as subscriber-facing applications as well as scheduling and broadcast systems and systems that manage pre-air content
• Participate in the activities of the internal and external content protection groups and assess third parties receiving pre-air content
• Work with production teams to identify risks and implement security controls to mitigate them
• Assist in security compliance activities to ensure business units are able to meet internal audit, legal and regulatory requirements
2018 : 2019
CBS Corporation
Senior Business Information Security Advisor
• Build internal systems to model and analyze active threats against company properties
• Build/Enhance internal tools that detect and respond to security issues
• Perform analysis of large attacks and threat datasets to minimize risk exposure
• Perform malicious code analysis and document results
• Provide security guidance on a constant stream of new projects and technologies
• Monitors and performs investigative activities related to information security policies, standards,
directives and exceptions
• Advise business units on risk and mitigation strategies
• Perform host platform vulnerability assessment using defined hardening standards and
methodologies.
• Investigate suspicious security event activity.
• Provide data to the Forensic, eDiscovery and Incident Response teams.
• Ensure that all monitoring and activity reports run successfully.
• Review and modify the security technology rules and filters to better detect and prevent security
incidents.
• Develop and implement automation and logic for security correlation purposes.
• Participate in escalated security incidents via post incident review meetings.
• Research new and emerging threats to gain insight and understanding of the evolving threat landscape.
• Develop, document, and present general and technical presentations on security operations.
2014 : 2019
CBS Corporation
Senior Information Security Analyst - Engineering, Threat Intelligence and Vulnerability Management
- Spearhead the establishment and maintenance of cutting-edge security processes, controls, and standards across multiple domains, including Third Party Risk Management, Vulnerability Management, Change Management, and Asset Management.
- Develop and deliver comprehensive updates on cyber threats, activities, and trends to technical and executive stakeholders, ensuring effective communication of information security objectives and initiatives.
- Foster effective collaboration with business unit managers throughout the organization to effectively convey information security goals and drive alignment with new programs.
- Actively participate in security-related internal and external audits (e.g., GDPR, PCI DSS, SOX), ensuring compliance with regulatory requirements and industry best practices.
- Oversee and coordinate security-related testing initiatives, including purple team exercises, penetration testing, and bug bounty programs, to enhance the overall security posture of the organization.
- Evaluate and optimize departmental budget allocations, strategically managing costs associated with SOC tools and technologies.
- Champion a culture of security awareness by facilitating engaging and informative training sessions for employees, promoting a proactive and vigilant approach to cybersecurity.
2023 : Present
IAC
Senior Manager Information Security - Security Operation Center
- Manage the SOC team of analysts to identify potential threats, perform investigations, perform incident response, threat hunt & escalate as necessary.
- Maintain and establish new security processes, controls and standards in various areas, including Third Party Risk Management, Vulnerability Management, Change Management and Asset management.
- Develop and present regular updates for technical and executive audiences on cyber threats, activities and trends.
- Communicate information security goals and new programs effectively with other business unit managers within the organization.
- Participate in security-related internal and external audits (GDPR, PCI DSS, SOX, and more).
- Manage security-related testing (purple team, pen test, bug bounty) within the Organization.
- Evaluate department budget and costs associated with tools within the SOC.
- Facilitate security awareness training for employees.
2021 : 2023
IAC
Information Security Manager - Security Operations Center
• Lead the SOC team of analysts to identify potential threats, perform investigations, & escalate as necessary.
• Lead Evaluation, Implementation and Management of Security tools including Next-Generation SIEM, Security Automation and Orchestration (SOAR), Vulnerability Management etc.
• Develop threat trend analysis reports and metrics.
• Contribute to the ongoing architecture, design, configuration, integration & enhancements of a home grown SIEM.
• Provide support for compliance with GDPR, PCI DSS, SOX, and more.
• Lead the development of policies & documentation to support ongoing SOC activities (play books, procedures, processes etc.)
• Develop & present regular updates for technical and managerial audiences on cyber threats and activities.
Monitor threat landscape for emerging threats; communicate threat information to businesses.
2019 : 2021
IAC
Team Lead - Security Operations Center (SOC)
• Ensure the development, testing and implementation of appropriate security plans, products and control techniques. Help identify protection goals, objectives and metrics consistent with the corporate strategic plan
• Guide Stakeholders, leadership, and managers on information security strategy, architecture design and incident response, proactively addressing the needs of the internal client community in order to consistently meet or exceed defined levels of security
• Coordinate information security initiatives with IT, Legal, Operations and Privacy stakeholders
• Act as the liaison between CBS Information Security Group and stakeholders, coordinating the research, evaluation, design, testing, and implementation of new or improved information security systems
• Coordinate vulnerability assessments of deployed software applications and enterprise systems, to include penetration testing, architecture reviews and patch management
• Aide implementation of security in the media supply chain, and high-profile applications such as subscriber-facing applications as well as scheduling and broadcast systems and systems that manage pre-air content
• Participate in the activities of the internal and external content protection groups and assess third parties receiving pre-air content
• Work with production teams to identify risks and implement security controls to mitigate them
• Assist in security compliance activities to ensure business units are able to meet internal audit, legal and regulatory requirements
2018 : 2019
CBS Corporation
Senior Business Information Security Advisor
• Build internal systems to model and analyze active threats against company properties
• Build/Enhance internal tools that detect and respond to security issues
• Perform analysis of large attacks and threat datasets to minimize risk exposure
• Perform malicious code analysis and document results
• Provide security guidance on a constant stream of new projects and technologies
• Monitors and performs investigative activities related to information security policies, standards,
directives and exceptions
• Advise business units on risk and mitigation strategies
• Perform host platform vulnerability assessment using defined hardening standards and
methodologies.
• Investigate suspicious security event activity.
• Provide data to the Forensic, eDiscovery and Incident Response teams.
• Ensure that all monitoring and activity reports run successfully.
• Review and modify the security technology rules and filters to better detect and prevent security
incidents.
• Develop and implement automation and logic for security correlation purposes.
• Participate in escalated security incidents via post incident review meetings.
• Research new and emerging threats to gain insight and understanding of the evolving threat landscape.
• Develop, document, and present general and technical presentations on security operations.
2014 : 2019
CBS Corporation
Senior Information Security Analyst - Engineering, Threat Intelligence and Vulnerability Management
Company:
IAC
About
Demonstrating an established leadership role in cybersecurity, proficiency is shown in designing and implementing enterprise-wide solutions. These solutions consistently enhance operational stability, efficiency, and profitability. An ability to adapt and learn quickly in dynamic, fast-paced environments speaks volumes about the extensive experience in the industry.
Renowned for the skill in building and nurturing relationships, success is marked by partnering with various business leaders and motivating teams towards achieving key business initiatives. Adept communication skills enable engagement with diverse audiences and cater to end-users at all organizational levels.
People skills form the foundation of this leadership style. As a committed team player, exceptional patience is exercised to facilitate harmonious working relationships. Noted as a critical thinker, known for practical yet imaginative approaches to workflow management and process improvements.
Consistently deploying projects within set time and budget parameters ensures minimal disruption to vital business processes. Proficiency with enterprise-level reporting and monitoring tools underscores effectiveness in project management and execution.
Throughout career, an unwavering commitment to achieving organizational objectives is maintained, and continual advancements within the cybersecurity landscape are strived for.
Profile Photo
