Varun Nair, CISSP, CSSLP, CEH

Varun Nair, CISSP, CSSLP, CEH

Application Security Architect at Morgan Stanley

London, United Kingdom

Current
Past
Education
  • DA-IICT
  • Gujarat University
  • Prakash Higher Secondary School
Recommended
Varun has 14 recommendations 14 people have recommended Varun
Connections
376 connections
Industry
Computer & Network Security
Websites

Varun Nair, CISSP, CSSLP, CEH’s Summary

I am an experienced information security professional who loves the field of information security for its opportunities and challenges. My expertise lies in the domains of security architecture, risk analysis and management, secure software development, application security, network security, penetration testing, compliance and project management.

In my professional career of more than 5 years I have worked for 2 well-known consulting companies, TCS (Tata Consultancy Services) Ltd. and IBM Global Services, and have led teams of various sizes in both these companies. I have consulted for conglomerates, banks, insurance companies, defence organizations, government agencies and other private firms.

I currently hold the CISSP, CSSLP and CEH certifications. I have also passed the CISM exam and am currently awaiting my endorsement process to be complete before I get certified.

Varun Nair, CISSP, CSSLP, CEH’s Specialties:

1. Security architecture
2. Risk analysis and management
3. Application security / Secure software development
4. Network security
5. Vulnerability assessments / Penetration testing
6. Compliance
7. Project management

Varun Nair, CISSP, CSSLP, CEH’s Experience

  • Application Security Architect

    Morgan Stanley

    (Public Company; ms; Financial Services industry)

    April 2010Present (4 months)

  • Security Architect / Portfolio Manager

    IBM Global Business Services

    (Public Company; IBM; Information Technology and Services industry)

    August 2009January 2010 (6 months)

    Portfolio manager for the threat mitigation portfolio of the Security & Privacy team. Primary duties involved client interaction, project management, requirements gathering, security architecture, application and infrastructure security, risk analysis and management, vulnerability assessments (and penetration tests) and selection and training of new recruits in the team.

  • Security Consultant / Project Leader / Application Security Analyst

    Tata Consultancy Services

    (Public Company; Information Technology and Services industry)

    August 2004August 2009 (5 years 1 month)

    a. Security Architect / Secure SDLC Expert (Jan 2009 – Aug 2009)
    b. Security Architect / Project Leader (Apr 2008 – Dec 2008)
    c. Project Leader - Application Security Program (Apr 2007 – Mar 2008)
    d. Project Leader - Application Security Center of Excellence (Oct 2006 – Mar 2007)
    e. Security Analyst (Feb 2006 – Sep 2006)
    f. Developer / Researcher (Aug 2004 – Jan 2006)

    I have shouldered a number of responsibilities in my 5 years with TCS. These cover the entire gamut from penetration tests to compliance projects. I have led a number of teams of various sizes during this period.

    A brief summary:
    1. Security architecture - Evaluations and design of application and infrastructure security controls.
    2. Risk analysis and management - Risk analysis, security policies and standards, security awareness and training programs.
    3. Application security - Vulnerability assessments (and penetration tests), threat modeling, database security, secure software development, secure change management, source code reviews etc.
    4. Infrastructure security - Vulnerability assessments (and penetration tests)
    5. Third-party security - Third-party security policies, third-party security audits
    6. Regulatory compliance - PCI standards, ISO27001, SOx compliance.

Varun Nair, CISSP, CSSLP, CEH’s Education

  • DA-IICT

    MS (IT) , 20022004

  • Gujarat University

    B.C.A (Bachelors of Computer Applications) , 19992002

  • Prakash Higher Secondary School

Additional Information

Varun Nair, CISSP, CSSLP, CEH’s Websites:

Varun Nair, CISSP, CSSLP, CEH’s Interests:

Information security, web technologies, web design, usability, economics, politics, sociology, and new media

Varun Nair, CISSP, CSSLP, CEH’s Groups:

ISC2, ISACA, EC-Council

  •    Certified Information Systems Security Professionals (CISSP)
  •    The Greater IBM Connection: IBM's alumni program for past and present IBM employees
  •    GE (General Electric)
  •    Open Web Application Security Project (OWASP)
  •    Information Security Community
  •    Delhi Bloggers Bloc
  •    IBM co/ex workers independent group
  •    IBMers
  •    The Web Application Security Consortium
  •    (CEH) Certified Ethical Hacker
  •    DAIICT- Universal
  •    UK Information Security Professionals Group
  •    MS(IT) @ DAIICT
  •    Risk and Network Threat (RANT) Forum
  •    Digital Media Technologies
  •    OWASP London
  •    SC Magazine UK
  •    null0x00
  •    WAST - Web Application Security Testing
  •    The SaltedHash Network

Varun Nair, CISSP, CSSLP, CEH’s Contact Settings

Interested In:

  • career opportunities
  • consulting offers
  • new ventures
  • job inquiries
  • expertise requests
  • business deals
  • reference requests
  • getting back in touch

View Full Profile

Public profile powered by: LinkedIn

Create a public profile: Sign In or Join Now

View Varun Nair, CISSP, CSSLP, CEH’s full profile:

  • See who you and Varun Nair, CISSP, CSSLP, CEH know in common
  • Get introduced to Varun Nair, CISSP, CSSLP, CEH
  • Contact Varun Nair, CISSP, CSSLP, CEH directly

View Full Profile