Penetration Testing

About Me


Rajeev Kumar Nikkumbh (CISM, CISSP, PCIP, ISA) 

 

Profile 

Rajeev is an information security consultant with 15 plus years of experience in managing and executing projects across various security domains, including Application Security, Data Security & Privacy, Security Assurance and Compliance, DLP, Data Obfuscation, Endpoint Security, Security Operations and Monitoring, network perimeter design and security, and information security governance.

 

He has been involved in the implementation of numerous security and compliance related projects and programs across the US for clients in domains such as Banking, Retail, and Storage. He has guided several information security transformational engagements, tailored to the nature of the business, using a multi-phase approach based on information security standards, processes and technologies.

 
   

Education & Certifications

·         Bachelor of Engineering – Electronics and Communication
·         Certified Information Security Manager
·         Certified Information Systems Security Professional
·         Payment Card Industry Professional

A Few Representative Experiences:

Payment Card Industry (PCI) Compliance for a leading Bank in USA:
·         Leading enterprise security compliance work for PCI DSS compliance for different business lines.
·         Subject matter expert on PCI DSS requirements, providing guidance and expertise to projects or systems that are seeking to be compliant and addressing requests submitted via the eGRC Archer portal.
·         Worked in the capacity of PCI-ISA and partnered with QSAs for PCI assessment.
·         Establishing an innovative process and/or framework to report on core PCI controls on a quarterly basis.

GLBA/SOX/PCI/HIPAA compliance for a major retailer in USA:
·         Risk and Gap security assessment for PDX-EPS application based on security standards.
·         Prepared Access Control Matrix for PDX-EPS application in adherence to the security & compliance requirements of the enterprise.
·         Worked with the business, technical, third-party and cross-functional teams to define security & compliance needs and implement innovative solutions that meet business objectives.
·         Executed numerous projects for PCI/GLBA/SOX and HIPAA compliance.

Security Patch Management for the largest storage company in Canada:
·         Designed entire patch management framework to manage millions of desktops and servers across the globe via automated scanning and patch deployment.
·         Adherence to security and compliance requirements for the enterprise.

Network security and management for Government of India:
·         Secure network planning and consulting
·         Routing and switching decisions
·         Configuration and maintenance of Cisco Gateway Router 7500, Cisco Aggregation Router 7200, Remote Access Server (RAS), Cisco PIX-515 firewalls, DNS servers, Mail, Proxy, RADIUS, Access Control Lists etc.

Domain Expertise

·         Information Security Governance & Management

Areas of Expertise & Competency

·          Subject matter expert on PCI, SOX, GLBA, HIPAA, ISO 27002/5 and privacy regulations
·          Risk and Gap assessment
·          Threat and Vulnerability assessment
·          Information Security Architecture
·          Access control systems and methodology
·          Application and systems development security
·          Business continuity and disaster recovery
·          Cryptography, Security Architecture & security model
·          Data security



























   
