CISSP, CISM, GSEC Qualified professional having major international event experience such as Asian Games

Highly self motivated committed and professional individual seeking a challenging role in a dynamic environment. Ability to work as a part of a team or on own as needed. Comfortable working in both business and technical environments.

• April 2005 – March 2007
IT Security Officer
Doha Asian Games Organizing Committee, Qatar

Main tasks and responsibilities
o Act as the focal point to all the IT Security related matters
o Security project planning, scoping & strategy formation
o Developing Security Policies and procedures
o IT Security Awareness and training
o Information Security Management, Coordination and implementation
o BS 7799 compliance and IT Security Risk Management
o Security testing (Internal/external), auditing and vulnerability testing,
o Evaluating security technologies/processes and making recommendations to security architecture, selecting IT security technologies.
o Evaluate IT change requests on security perspective.
o Liaise with 3rd party access requests
o Heading the Security Incident Response Team
o Provide inputs to the Disaster Recovery section

• 2001 - 2004
IT Specialist – Information Security
GTZ Sri Lanka German Enterprise Information Project, Sri Lanka

Main tasks and responsibilities:
o Responsible for the Performance, Availability and Security of the Wide Area Network
o Liaise as the Chief Information Security Officer for all the Partner Organizations
o Review Hardware, Software and Human Resources needs of the network and recommend solutions
o Perform the role of Network Manager WAN covering the following areas:
o Network and IT resource management
o Network User Management
o Information security and business continuity
o Develop and help implementing IT policies & guidelines
o Implement IT based policies in relation to IS security and IT application
o Investigate organizational adjustments necessary
• 1996 - 2000
Information Security Officer
Janashakthi Bank, Sri Lanka

Main tasks and responsibilities:
o Liaise as the focal point for IT related issues
o Developing and managing information systems security programme
o Creating security policies and procedures
o IT auditing and compliance
o Responsible for IT Security Awareness
o Responsible for routine IT security operation and administration

• Master of Business Administration (MBA), March 2004
Major: Information Security Management - EIPEL – Sri Lanka: A local resource centre of Irish International University (IIU). The IIU is A non-accredited private university having its International Office at Suit 213, Block F, Phileo Damansara 1, 46350 Petaling Jaya, Malaysia.

• Certified Information Systems Security Professional (CISSP) certification
• Certified Information Security Manager (CISM) - November 2006
Information Security and Audit Control Association,
CISM certification is accredited by American National Standards Institute (ANSI) under ISO/IEC 17024:2003 and also approved by the Department of Defense, USA.
• Global Incident Analysis Centre (GIAC) Certification - January 2004
GSEC Gold Certified Graduate - SANS Institute, Maryland, Bethesda, USA (The SANS - GSEC is certified and 100% compliant with National Training Standard for Systems Administrators in Information Systems Security (NSTISSI 4013 training standards) of National Security Agency of USA.