Profiles search

Jayesh S.

Head Of Security, Risk and Compliance at Force Therapeutics
New York, NY, United States
Details

Education: B.A.



Dickinson College

1997 : 2001

Loyola High School

Experience: Manage information security, cloud security, HIPAA / SOC-2 compliance, risk management, vendor management and incident response programs.

- Play key thought leadership and operational role in driving all aspects of information security, risk and compliance management

- Lead security incident response management program

- Manage SOC-2 and HIPAA compliance programs

- Provide operational oversight of SOC

- Manage security and HIPAA awareness and training programs

- Lead Identity and Access Management program

- Complete all inbound security documentation & questionnaires

- Develop and maintain a framework of up-to-date security policies, standards and requirements

- Use threat intelligence to combat any current or future threats

- Manage penetration testing programs

- Review and continuously monitor cloud infrastructure security (AWS)

- Align information security and business continuity plans and exercises

- Create and lead Security Champions program (program design, organization outreach, training and co-ordination)

- Manage security reviews for existing and prospective vendors

2018 : Present

Force Therapeutics

Head Of Information Security, Risk and Compliance

Maintained & optimized AWS-based infrastructure and developed cutting-edge websites.

Used AWS, Linux, Wordpress, PHP, MySQL, JavaScript, CSS, Sass.

2016 : 2017

Bloomberg LP

Sr. Software Engineer

Helped build and maintain, in-house loan origination and servicing platform

Used PHP, Python, Docker, MySQL, JavaScript, Linux & AWS.

• refactored legacy application code, including financial reports

• integrated Docusign for executing electronic contracts

• built dynamic PDF generation framework

• integrated PHP code with financial model APIs

• build deployment scripts using Python and Jenkins

2015 : 2016

Credibly

Sr. Software Engineer

Helped architect and build REST APIs, web dashboards, and an in-house PaaS. Ensured application & system security in role as security champion.



- Built back-end REST APIs, and web dashboards using PHP, Symfony 2, JavaScript / node.js, MySQL, Oracle, MongoDB, Elasticsearch.

- Built in-house PaaS (platform as a service) and supporting tools using Docker, Python, PHP, shell scripting & AWS.

- Built in-house vulnerability scanning and server inventory tool using Python that helped identify servers and software needing urgent upgrades.

- Analyzed software and system architecture for security vulnerabilities and provided recommendations for successful mitigation.

- Implemented application performance monitoring using New Relic.

http : //marketing.rakuten.com/

2014 : 2015

Rakuten Marketing

Sr. Software Engineer

- Design and build innovative PHP-based technology platform bringing 24/7 support to young people in crisis using texting (SMS).

- Use modern frameworks and tools, including PHP 5, Symfony2, node.js, MongoDB, MySQL, JavaScript / jQuery, Git.

- Implement unit tests to increase software quality.

- Develop strong security measures.

http : //www.crisistextline.org

2013 : 2014

Crisis Text Line

Senior PHP Engineer

Company: Force Therapeutics

Years of Experience: 21

Spoken Language: German, Hindi

Skills Agile Methodologies, Amazon Web Services (AWS), Application Architecture, Application Security, Authentication, AWS Security, Back-End Web Development, Carbon Black, Cascading Style Sheets (CSS), Cybersecurity, DevOps, General Data Protection Regulation (GDPR), German, Git, Github, Identity & Access Management (IAM), Information Security, Infrastructure, JavaScript, JSON, Linux, Mobile Applications, MVC, MySQL, Node.js, OAuth, OpenID Connect, OWASP, Penetration Testing, People Skills, PHP, Python, Representational State Transfer (REST), REST APIs, RESTful architecture, Security Assertion Markup Language (SAML), Security Incident Response, Security Information and Event Management (SIEM), SOC 2, Software Development Life Cycle (SDLC), SQL, Team Leadership, Threat & Vulnerability Management, U.S. Health Insurance Portability and Accountability Act (HIPAA), Vulnerability Assessment, Vulnerability Management, Vulnerability Scanning, Web Applications, Web Application Security, WordPress
About SUMMARY

I am an experienced leader in the area of information security, IT, risk and compliance management.

I bring deep technical experience, communication and people skills and can translate fluently between the technical and business worlds.



SKILLS

- Provide information security, IT, and risk management leadership

- 15+ years of information security and software engineering experience

- Management of audits, including pen testing, SOC 2, and other compliance programs

- Perform internal vulnerability assessments

- Serve as internal information security consultant to the organization

- Manage network and cloud security (AWS) and Endpoint Detection and Response (EDR) programs

- Oversee vendor management programs

- Develop & review info-sec policies, procedures, and standards

- Understand network security, networking and firewalls

- Okta Certified Professional



SECURITY TOOLS

- Kali Linux

- AWS Guardduty, Cloudtrail, Cloudwatch, CIS Benchmarks

- OWASP Top 10 /Application Security Guidelines

- SIEMs (building alerts / custom searches)

- SSO / SAML

- Carbon Black Response & other endpoint security tools

- Vulnerability scanning tools (various)



SOFTWARE ENGINEERING / INFRASTRUCTURE SKILLS

- Experience driving security, performance and scalability of high-traffic & mission-

critical properties

- Amazon Web Services (CloudFormation, CloudFront, EC2, S3, SimpleDB, RDS, SNS, SQS)

- Experience with relational (MySQL) and document-oriented databases (MongoDB)



LANGUAGES

PHP, Python, JavaScript, Shell (and a few more)



DEVELOPMENT FRAMEWORKS

Django, Symfony2, Wordpress, Zend Framework, Angular



DATABASES

AWS RDS, MySQL, Microsoft SQL Server, Redis, MongoDB, PostgreSQL



MARK-UP

HTML / XHTML, CSS, Sass, XML



ETC

Linux (RHEL / CentOS / Ubuntu), Mac OS X, Windows, Git