Abdul Badruddin
Education:
Georgia State University
1999 : 2002
Associate of Science (A.S.)
Mathematics and Science
Porterville College
1996 : 1999
Experience:
At the helm of Khoros' global information security strategy, my leadership has always been geared toward combining innovation, resilience, and cost-effectiveness. Beyond achieving PCI Compliance, ISO 27001, and ISO 27701 certifications, I've championed the implementation of robust tools and high-class security standards, translating into significant cost savings without compromising our commitment to utmost security and resilience.
Key Responsibilities:
• Spearheaded the achievement of PCI Compliance, ISO 27001, and ISO 27701, raising our benchmark in data security and customer trust.
• Pioneered a robust BCP and a comprehensive Risk Management program, ensuring Khoros' adaptability and resilience in an ever-evolving threat landscape.
• Successfully implemented cutting-edge tools and adopted high-class security standards, leading to substantial cost savings while bolstering our security posture.
• Crafted a forward-thinking information security roadmap, perfectly aligned with Khoros' business trajectory and market ambitions.
• Encouraged cross-functional collaboration to foster secure product development and to ensure alignment with global compliance standards.
• Mentored a standout security team, pushing the envelope in innovation, early threat detection, and swift incident resolution.
• Amplified a pervasive security and cost-consciousness culture across Khoros, ensuring teams recognize the value of every security dollar spent.
With an eye on the future, I am dedicated to merging technological advancement with fiscal prudence, ensuring Khoros remains a trusted, resilient, and cost-effective leader in the industry.
2023 : Present
Khoros
Chief Information Security Officer (CISO)
As the head of Information Security and Governance Risk and Compliance at Khoros:
• I design and execute the company's security and compliance strategy, ensuring adherence to regulations and standards.
• I'm instrumental in fostering a robust security culture and promoting risk management best practices.
• Responsibilities encompass security architecture, cloud product security, incident response, and risk prioritization.
• I've launched programs like AICPA SOC 2 (Types 1 & 2), PCI DSS, and ISO27001 Compliance.
• I oversee a global team of security and GRC professionals with a budget of $5M.
• I've implemented major security tools for enhanced cybersecurity and support revenue-generating customer engagements through compliance expertise.
2022 : 2023
Khoros
Head Of Information Security and GRC
Deputy CISO and CPO
2021 : 2022
BeyondTrust
VP of Governance Risk and Compliance
• Designed, implemented, and manage multi-level companywide Governance, Risk, and Compliance programs.
• Worked with the Executive Leadership team to create a Governance, Risk, and Compliance Committee to look after Compliance, Risk, Security, and Privacy Program
• Developed and manage all relevant documentation, policies, standards, guidelines and frameworks, embedding controls into process across the business and technology units.
• Implemented and manage a comprehensive IT Governance and Risk Management program that aligns with the company-wide enterprise risk management framework.
• Planned and implemented the AICPA SOC 2 Type 1 and Type 2 and ISO27001 Compliance Program and certification.
• Ensure effectiveness of internal processes including security management, secure software development, change control and new products.
• Developed and maintained compliance, risk, and security plans, procedures, and other documentation as required
• Advised management through reporting on risk profile and provided insight for decision making
• Managing internal and external audit and testing programs, reporting risks and areas that need correction to the senior management team and prioritizing compliance work.
• Managing responsibility for the setup of environmental monitors and application monitoring and logging.
• Built out a high performing team of risk professionals through recruitment, training, coaching, and performance management
• Organized and led Risk/Privacy/Compliance training programs across departments, in order to educate and inform employees about our practices and standards, raise the level of cooperation and help people to understand the rationale for the rules.
2019 : 2021
BeyondTrust
Director of Governance Risk and Compliance
• Designed and Implemented Security and Privacy program for Deloitte Platforms
• Completed a build out of the Security Operations Center to provide 24/7 support
• Developed and maintained security plans, procedures, and other documentation as required
• Worked with the Executive Leadership team to create a Governance Committee to look after Security and Privacy Program
• Advised management through reporting on risk profile and provided insight for decision making
• Put together and implemented monitoring and compliance processes
• Implementation of the Disaster Recovery, Business Continuity, and Risk Management plans.
• Provided the security subject matter expertise to all products hosted in the managed environment
• Leading the AICPA SOC 2 Type 1 and Type 2 compliance audits
• Implementation of Security related tools such as AV, IPS/IDS, Monitoring, Auditing, SIEM, etc.
• Managed and led the remediation efforts for identified risks, issues and incidents.
• Managed responsibility for the setup of environmental monitors and application monitoring and logging.
• Performing vulnerability security scans of systems to help identify and correct infrastructure security issues found in environments
• Provide guidance to the SOC team with troubleshooting security and infrastructure related issues.
• Working with the SOC team on managing incident response
• Manage SOC team performance, with regular 1 on 1’s, ensuring all team members have objectives, personal goals and are performing at a high level
2018 : 2019
Deloitte Consulting
Sr. Security and Compliance Manager (Deputy CISO and CPO Deloitte Innovation Lab)
Company: Khoros
Years of Experience: 27
Spoken Language: English, Urdu
• Ten years’ experience in large enterprise DC IT Operations, Application Support, and Asset management in a large, enterprise, global organization as Manager/Sr. Manager.
• Hire, train, supervise, mentor and evaluate 20 diverse and professional technical Level 3 Systems Administrators
• Managing the 24/7 operations support which consists of different offices within the US, SIN, and UK
• Provide support to leadership teams in Budgeting, Reporting, Policy Creations, and Infrastructure Planning
• Develop and revise relevant policies and procedures in consultation with management and staff, both in and outside of the department
• Implement incident management and response process and procedures
• Introduced and implemented a Change Management System to the organization
• Created various playbooks for vulnerability threat management ensuring defense against our system.
• Establish and monitor internal and external key performance measures ensuring business objectives are being met
• Plan, organize, and implement multi-faceted operation support programs, functions, and activities
• Created 24/7 Security Operations Center for corporate and production infrastructure for Interland
• Planning and documenting disaster recovery procedures and off-site backup and recovery; supporting emergency management procedures and policy during hurricane season for Interland/Peer1 MIA datacenter
• Managed implementing Digital travel distribution software for various customers at Datalex
• Conducted quarterly audit of corporate resources and production security policies
My contact details:
abdul.badruddin@gmail.com
678-571-8278
Feel free to email or call to talk about how I can help you!
I enjoy the challenges of helping grow a business, an active lifestyle, and time with my family