Prakash Selvarajah
Mississauga,ON
Summary
Looking to retain a role as IT Security Manager and utilize my leadership skills to motivate staff and production team to improve productivity and meeting organization objectives by delivering projects on time with in target budget.
Overview
24
24
years of professional experience
1
1
Certification
Work History
Team Lead / Cloud and Endpoint Security
GOEASY
01.2022 - Current
- Develop and implement comprehensive security strategies and plans to safeguard company assets, personnel, and information
- Conduct risk assessments to identify potential security threats and vulnerabilities
- Collaborate with cross-functional teams to integrate security measures into business processes
- Oversee day-to-day security operations, including access control, surveillance, and incident response
- Monitor security systems and technologies, ensuring their effectiveness and addressing any issues promptly
- Coordinate with external security vendors and law enforcement agencies as needed
- Develop and enforce security policies and procedures in compliance with industry regulations and standards
- Stay abreast of the latest security trends, threats, and technologies to continuously improve security measures
- Conduct regular security training for employees to enhance awareness and adherence to security protocols
- Foster a culture of security consciousness and responsibility among all staff members
- Lead and coordinate incident response efforts in the event of security breaches of emergencies
- Conduct thorough investigations into security incidents, providing detailed reports and recommendations for improvement
- Manage and mentor the security team, fostering a collaborative and high-performance work environment
- Ensure proper staffing levels, training, and development of security personnel
Sr Information Security Analyst
Burlington Hydro Inc
09.2021 - 01.2022
- Provide vision and leadership for developing and supporting security initiatives
- Assess risks and internal control dependency on systems by identifying areas of non-compliance and evaluating risks related to key technology processes
- Coordinate timely activities as it relates to internal, external, and regulatory audit requests including SOX, SOC1, SOC2
- Conduct and review business impact analysis, implements and coordinates disaster recovery planning and disaster recovery exercises where required
- Conduct risk assessments and supports the stakeholders in determining the appropriate treatment of identified risks; identify appropriate action plans for risk remediation
- Inventory, assess significance, assign accountability, and develop appropriate monitoring for the control environment
- Conduct IT compliance reviews including user access reviews, risk assessments, control objectives monitoring, and vendor assessments
- Liaise with Information Privacy Assessment Office and identify IT compliance requirements and assist with creation and maintenance and coordinate IT responses to regulatory audits
- Work with and supports the development of the risk and compliance practice with IT management and the leadership team
- Assist in the creation and maintenance of the information security risk register, audit requests, and vendor assessments
- Assist in gathering information asset inventory, including identification and valuation, including any strategies and methodologies around loss scenarios
- Lead complex analysis and generates KRIs/KPIs, validates compliance and develops actionable recommendations
- Stay abreast of current technologies, trends and directions, specifically around industry best practices and standard frameworks
- Utilize and maintain a depth of understanding for any applications and tools required for risk execution and reporting needs
- Development, administration, and implementation of IT risk policies, procedures, guidelines, and standards
- Support the stakeholders in understanding and applying IT risks, security best practices and processes framework
- Perform consultation and development of the IT objectives and requirements of the risk program
- Partner with IT managers and team members to ensure risk and compliance issues are identified, defined, communicated, and addressed
- Provide effective mentoring and guidance to other IT personnel and may assist in developing policy, standards, and procedures
- Collaborate in change management communications and processes, with focus on facilitating risk and compliance training for all affected staff
- Document, track, and investigate information security events, requests, and incidents
- Implement and review information security policies, guidelines, procedures, training materials, awareness campaigns, internal bulletins, and portal contents
- Business Continuity and Disaster Recovery program administration including conducting impact assessments, disaster recovery plans development and coordinating disaster recovery exercises
- Manage Ontario cyber security framework-administration, corporate cyber security policy/procedure
Sr Information Security Specialist/Analyst
TD Bank
10.2020 - 08.2021
- Detect, prioritize and remediate vulnerabilities, and monitor using dashboards
- Perform Vulnerability Scan – Ad-Hoc, On Demand OS scan, HPSA and DLP using Qualys and Symantec
- Guide and advise partners on a broad range of specific Technology Controls and Information Security programs, policies, standards and incidents
- Engage in assessments related to risk, controls, implemented control procedures, vulnerability etc
- Lead or contribute to risk and control design assessments for an assigned business application, business portfolio, and overall enterprise, as well as risk mitigation and remediation plans and remediation strategy
- Actively contribute to the definition, development, and oversight of a global security management strategy and framework
- Ensure technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging technology and security threats to TD
- Develop on-going technology risk reporting, monitoring key trends and defining metrics to measure control effectiveness for your own area
- Apply a teamwork philosophy with technology and partners, service or platform owners to integrate all technology security components and address control gaps
- Consult on regulatory compliance requirements, reporting and questions
- Provide support and consulting for Audits, help compose management responses and appropriate remediation activities
- Participate in computer security incident responses relevant to business (or enterprise wide), represent your respective position to the business while conveying their needs to the incident response team
- Adhere to policies, procedures, technology control standards and regulatory guidelines
- Contribute to internal activity and process review, flag windows for improvement
- Adhere to advise, oversee, monitor, and enforce enterprise, frameworks and methodologies related to technology controls/ information security activities
- Influence behavior to reduce risk, foster a strong technology risk management culture
- Define, develop, implement, and manage standards, policies, procedures, and solutions that mitigate risk and maximize security, service availability, efficiency and effectiveness
- Manage relationships with other technology/business/corporate/control functions
- Provide training to employees on BAU activity and created documentations
Sr Infrastructure and Information Security Specialist/Analyst
Burlington Hydro Inc
03.2020 - 09.2020
- Supports the CIO in the creation and execution of roadmaps outlining the investments in infrastructure that will enable the Company’s strategic plans and deliver high availability IT resources
- Planning and implementation of enterprise IT security system, business operation, and facility defenses against security breaches and vulnerability issues
- Perform auditing existing systems, while directing the administration of security policies, activities, and standards
- Raise awareness of all levels of the organization regarding security best practices
- Constantly review procedures for security failings and disaster recovery
- Take leading role in originating/maintaining security policies and strategies
- Take leading part to ensure compliance with security plans/standards
- Using KnowBe4, train users on phishing, vishing, suspicious email, malicious email
- Managing SSL digital certification management renewals
- Produce KPI statistics report for corporate quarterly security team meeting
- Directs, prioritizes, and expedites multiple work assignments in accordance with scheduled IT service commitments
- Completes hardware and software upgrades in alignment with Vulnerability and Patch Management best practices
- Implemented Cavelo-DLP, Auvik-Asset Management, O365 administration, exchange online, share point online, configuration and azure cloud security management and working on SaSS, IaSS and PaSS and SOC 2 type one and type 2 report
- Develops and facilitates training to lead one or more operation support team members with RSA archer tool
- Worked on endpoint protection, filtering, Anti-Spam, Anti-Virus and Data Loss/Leakage prevention using Qualys, Symantec, Carbon black, trend micro and Deep Security, Nessus and RSA archer
- Effectively conducts IT infrastructure support in compliance with information security best practices
- Administers corporate user profiles/accounts and their access permissions in alignment with Identity Access Management best practices
- Demonstrates a results-oriented posture with a strong sense of accountability and ownership resulting in on-time, on-budget task completions
- Remains current with relevant advancements in technology
- Remains current with relevant technology advancements and recommends new technologies and best practice solutions (cloud, remote managed services, digital transformation)
- Assists in the development, implementation, maintenance and management of the Corporate Disaster Recovery Program and all related remote processing capabilities
- Contributes to the Corporate Cyber Security Program in tandem with the IT Infrastructure Security Specialist
- Deployed 2FA for all users
- Acts as a trusted business partner and collaborative colleague with peers and leaders, focused on influencing change and delivering solutions
- Assist in the development of the operating and capital budget and ensure the department operates within the approved budget
Sr. Network and Infrastructure Specialist
Kohl and Frisch Ltd
08.2019 - 02.2020
- Worked on infrastructure and cloud technologies and migration to O365
- Ensured network infrastructure and related platforms are available 24/7 and performing optimally
- Monitored and analyzed alerts and logs to identify potential issues with network infrastructure systems
- Applied operating system security updates and change configuration management
- Advised management about maintaining infrastructure equipment to be at the latest version to protect from vulnerability
- Providing answers to and assisting peers and users with technical queries
- Troubleshooting and resolving infrastructure problems as per established SLAs
- Escalating, in a timely manner, any issues requiring management’s attention
- Installing and configuring new hardware, software, storage and virtual servers for new projects
- Adhering to IT policies and procedures
- Making recommendations on process improvement by sharing knowledge and expertise and creating training materials, troubleshooting procedures and providing hands-on training sessions
- Remediating the threats to network infrastructure identified from audit reports
- Providing daily support of IP telephone systems, including Cisco Call Manager, Cisco Unity voicemail systems and fax
- Optimizing the availability of network systems architectures to deliver cost-effective improvements that, in turn, deliver tangible business benefits
- Providing 24/7 on-call support for network-related infrastructures on a rotational basis
- Maintaining and updating infrastructure diagrams while maintaining documentation up to date to meet audit recommendations
Sr. Information Security Specialist
TD Bank
11.2018 - 06.2019
- Worked on Information Protection: Symantec Endpoint Protection (SEP) (moving from version 12 to 13), Messaging Gateway (SMG), ATP Gateway, and cloud
- Worked on information Protection: Symantec Data Loss Prevention Suite (DLP) & Encryption (PGP): EDLP, NDLP, Web prevention, Email prevention, Symantec GTW, MacAfee GTW, Echo Worx (Email Encryption) TITUS data classification, AIP/ADRMS, MSPKI, Guardium, Qualys, SPLUNK and e-discovery also expose to SaSS, IaSS and PaSS
- Using Guardium – identify and resolve database filling up issues and identify and resolve sniffer issue with buffer
- Participated in DR and BCM planning and testing, penetration testing, vulnerability testing, security assessment, compliance review, risk assessment, engineering security assessment
- Worked on tickets and request from customers using service now
- Perform controlled incident resolution including prioritization and escalation, involving business and technology partners as appropriate
- Service applications and systems, provide application, systems, operational availability levels meet or exceed standards and service levels already established, while minimizing operational risk
- Strive to improve production environment stability by working with others to set up, maintain and monitor applications and systems, while meeting availability targets
- Provide prompt, effective day-to-day support, accurately identify and resolve issues, perform controlled and timely incident resolution all while making client satisfaction a top priority
- Assume incident management role (Communicator, tracker, escalator, driver, etc)
- Monitor system life cycles, ensure both specs and functionality support business objectives and architecture decisions, re-develop as required
- Follow established processes/standards, business technology architecture, risk and production capacity guidelines; plan, monitor and escalate issues as required
Sr. Network Security Specialist – Access Network
RBC – Royal Bank of Canada
10.2017 - 10.2018
- Implemented port security on L2 switches worldwide RBC to avoid the risk of any potential cyber threat
- Implemented, deployed and managed port security on RBC locations worldwide
- Created MoP (method of procedure) and CR (change records) to make changes on network
- Implemented NAC(Dot1x) project on RBC worldwide
- Design wireless network for various RBC locations using Ekahau
- Liaison between Level 2 Service Design and Level 1 Global Integration Network Services (NOC) for all operational considerations related to Implementations and Change Mgmt
- I.e
- Review MoP’s, Diagrams, Net Mgmt, PRP’s etc
- Liaise with L2 Service Integration to ensure documentation is current as it relates to network changes, i.e
- Problem Resolution Procedures and Operation Manuals, diagrams/schematics etc
- Report and analyze overall performance and capacity management of the global network infrastructure for future planning
- Provide senior level technical support in resolving various network related issues
- Utilize all available resources to perform trouble shooting e.g
- Network Management tools, documentation, contacts, etc
- Manage incidents/problems according to Incident/Problem Management Process
- Identify and/or escalation of any major operational/networking problems to the L3 Architecture and Engineering teams, providing possible recommendations for best practices
- Managed CPPM (clear pass), Airwave, Infoblox, SPM (switch port manager) Aruba Wireless Network worldwide RBC
- Monitor/Update Network using NetMRI, Net brain, Cisco works, SPM, archer tool, azure security
- Proficiency on HPSM (HP service manager) to manage ticket request
RF Planner/Solution Engineer - Access Network
Freedom Mobile
09.2016 - 09.2017
- Performed Post Processing of Drive test logs for LTE/3G/4G network
- Post processing using Actix, NQDI, Wind Catcher
- Worked with technologies such as ALU/NSN/Huawei RAN
- Managed E911 management system
- Supporting wireless Internet (WiFi) access, hand-held computers, vehicle location equipment, satellite systems and related equipment
- Prepared Reports for Benchmark using NQDI
- KPI's related to Site performance
Sr. Network Infrastructure Engineer
Humber River Hospital
04.2015 - 09.2016
- Managed Network for the First Digital Hospital in North America with 2 Datacenter to maintain 100% uptime
- Installed, configured, and maintaining data center
- Managed vulnerability and patch management
- Managed Infrastructure Life Cycle Management
- Establish reporting and transparency for senior and Risk management
- Manage internal and external vulnerability
- Plan, Design, implement, operate, monitor, and troubleshoot complex data network
- Setup Nexus 7K,5K,2K series core switch, 20 FEX, VDC and UCS Manager, cisco 29xx, 37xx, 38xx, 35xx and 2960
- Setup Palo Alto FW, Juniper FW, Fortinet FW, and Cisco IPS, Cisco ACE, Cisco CSS, experience with F5 LB
- Installed, Configured, and managed more than 500 access switches
- Setup and managed WLAN Controller 5520 with1200 Cisco, HP, Aruba access points, RTLS, FRID, Wi-Fi, BYOD
- Installed and managed 3000 VoIP phones and all hospital equipment on the network with more than 400 vlans
- Proficiency in design and operations of complex LAN/MAN/WAN networks
- Configured and support more than 400 VM servers (2008 and 2012)
- Managed monitoring tools - SolarWinds, Cisco prime, Cisco works, Cisco assistant, NetFlow, Wireshark and NetBrain
IT/ Sr. Network Infrastructure Administrator
Schaeffer lnt’l Canada
12.2011 - 09.2014
- Infrastructure planning, designing and implementation of Network for new locations in Mexico locations
- Infrastructure Planning, designing and implementation of Wireless Network as requested in Canada locations
- Worked on Wireless Survey and created the documentation with layouts as requested in USA locations
- Upgrading Network and VoIP (cisco, Avaya, siemens) phone system on existing plants in 10 locations
- Core/Access switch config, Hardware Specs, IOS Upgrade, Ciscoworks, Naming conventions and IP management using QIP
- (cisco 2960,3550,3560,3750,3850,4500,6500)
- Manage more than 20 remote locations and 20 MPLS sites with 6500, 4500, 4500x-VSS, 2960x, 2960s, 3750x, 3750, 1700, 2800, 3700 series routers and 3500, 3700, 800 series switches
- 2800 ISR, Cisco 877, Cisco ASA 5500, Check Point, IPS, Cisco 4400 Wireless Controllers, Creating/updating maps, setting up new devices, H-reap, converting to LWAPP, Cisco ACS, TACACs Servers, Site surveys using special tools (Ekahau)
- Worked on network monitoring tools – Isarflow, Nagios, Cacti, Sniffers, solar wind, NetFlow Analyzer and Cisco Prime Tool, NetFlow, Wireshark
- Worked with vendors on Data Closets setup, Cable, and components specs
- Cisco VOIP switch config and QoS, Debugging Advanced knowledge of CUCME, CUCM, Call Manager 8.x, Cisco Unity Connection
- Managed Cisco ACE, Cisco CSS, Cisco ASA Firewalls and Palo Alto FW
- Assist in administration of Citrix server and hosted facilities
- Using MPLS tools for analyzing, Riverbed setup, monitoring, global management, WAN optimization and WAN acceleration
Sr. Field/Infrastructure Engineer
DHL Int’l Canada
09.2000 - 11.2011
- Setup Configure and Maintain LAN and Wireless Satellite Network
- Setup, Configure and Maintain network for more than 60 ADSL sites with checkpoint fire wall
- Plan solutions-based network configurations that involved heterogeneous hardware and operating systems, connectivity, and inter-connectivity tools, etc
- Monitor and analyze alarms and status of all network alarms
- Interface with third party carriers
- Assist in the implementation and testing of new services and platforms
- Ensure performance indicators are strictly adhered to
- Assist field technicians and carrier companies during routine test and troubleshooting activities
- Act as interface to Network Operations Groups, Engineering, and Customer Facing Groups
- Perform network and Server 2003,2008 systems tuning and troubleshooting
- Manage AD/Exchange/Proxy/DHCP/DNS servers
- Manage and resolve all network and application problems directed to the Information Technology Department by end users
- Ensure all problems are solved in a timely, courteous, effective manner and are followed up for completeness
- Respond to and log telephone calls, e-mails, voicemails and drop-by’s for technical support in a timely manner
Education
Diploma -
Computer Electronics and Programming
Skills
- Attention to detail
- Conflict resolution
- Customer focus
- Coaching and mentoring
Certification
- CISA
- CISM
- CISSP
- Splunk Enterprise Security
- Azure
- AWS
- Google Cloud
- Azure Security Engineer
- Azure Fundamentals
- CCNP
- MCSE
- Unix/Linux
- ITIL
- Aruba Clear Pass/Airwave Professional
- Diploma in Computer Electronics and Programming
Special Training
- IT/Network Specialist – Germany
- IT/Network Specialist – USA
- IT /Network Expert – Toronto
- Aruba Clear Pass Policy Manager Professional – Toronto
- SAN Storage – IBM Toronto
Awards
- Two Times Everyday Hero Winner – 2010
- First Choice Award for Team achievement – 2011
Security Tools Experience
- Sentinel One
- Qualis
- Tenable
- CNAPP
- Splunk Cloud
- MS Azure
- Azure Advisor
- Zero Fox
- SALT
- Splunk SOAR
- Fresh Service
- Service Now
- Netskope
- Cloud Flare
- O365 Admin
- Email Security
- Knowbe4
- Palo Alto FW
- Fortinet FW
- Cisco ASA
- Microsoft AI Copilot for Security
- Sentinel One Purple AI
- Azure Sentinel
- Splunk Enterprise Security
- SD-WAN
Timeline
Team Lead / Cloud and Endpoint Security
GOEASY
01.2022 - Current
Sr Information Security Analyst
Burlington Hydro Inc
09.2021 - 01.2022
Sr Information Security Specialist/Analyst
TD Bank
10.2020 - 08.2021
Sr Infrastructure and Information Security Specialist/Analyst
Burlington Hydro Inc
03.2020 - 09.2020
Sr. Network and Infrastructure Specialist
Kohl and Frisch Ltd
08.2019 - 02.2020
Sr. Information Security Specialist
TD Bank
11.2018 - 06.2019
Sr. Network Security Specialist – Access Network
RBC – Royal Bank of Canada
10.2017 - 10.2018
RF Planner/Solution Engineer - Access Network
Freedom Mobile
09.2016 - 09.2017
Sr. Network Infrastructure Engineer
Humber River Hospital
04.2015 - 09.2016
IT/ Sr. Network Infrastructure Administrator
Schaeffer lnt’l Canada
12.2011 - 09.2014
Sr. Field/Infrastructure Engineer
DHL Int’l Canada
09.2000 - 11.2011
Diploma -
Computer Electronics and Programming
Similar Profiles
Aleya WightAleya Wight
User Acceptance Tester at GoeasyUser Acceptance Tester at Goeasy
Chhavi SaraswatChhavi Saraswat
Leasing Specialist at GoeasyLeasing Specialist at Goeasy
Mohammad NizamuddinMohammad Nizamuddin
Loan Servicing Analyst at GoEasyLoan Servicing Analyst at GoEasy
Stephanie WagnerStephanie Wagner
Branch Manager at GoeasyBranch Manager at Goeasy
Cassandra MandapCassandra Mandap
Nursing Clinical Student Practical Nurse at Humber River Hospital- Inpatient Surgery UnitNursing Clinical Student Practical Nurse at Humber River Hospital- Inpatient Surgery Unit