Gargi (nee Sircar) Mitra, CISA

CAREER OBJECTIVE
Consultant or contract-to-perm for roles in Product Management/Product Marketing, business/alliance development in areas ranging from IT security, risk/compliance management, or any emerging or high-growth market where solid product management skills are an asset.

Possess over 10 years experience in product management/marketing and IT management/implementation. Recent CISA (Certified Information Systems Auditor) certification provides additional expertise to enhance both marketing and IT engagements.

SUMMARY
1. Experienced Group Product Marketing Manager / Product Manager/ IT Manager with engineering degrees and over twelve years combined experience in the financial services/IT and high tech industries.

2. Versatile consultant in variety of roles related to security, risk, and compliance solutions

3. Trained and experienced in product life cycle management (Pragmatic Marketing)

4. Primary differentiator is my ability to communicate effectively to Sales, IT Managers, engineers, and executives by focusing on their unique pain points, leveraging experience as IT Manager on Wall Street

5. Leverage technical knowledge and apply to business problems to develop product/pricing strategy

6. Domain experience in information security, risk and compliance management, appliances, web services

7. International work experience in Singapore, Bangalore, Beijing, Malaysia, Philippines, Hong Kong. Presentation experience with Latin America partners/resellers (in Spanish).

Gargi (nee Sircar) Mitra, CISA’s Specialties:

Product Manager, Product Marketing Manager, IT Manager, IT consultant with domain experience in information security (firewall, VPN, vulnerability management, remediation, Data Loss Prevention), security appliances, and IT compliance initiatives (COBIT, PCI, SOX, HIPAA)

Gargi (nee Sircar) Mitra, CISA’s Experience

Consultant, Product Marketing

Cloudmark

(Privately Held; Computer Software industry)

August 2009 — Present (4 months)

Reviewing offerings and existing messaging for service provider messaging (ISP web/email hosting services, mobile carriers) to write RFP boilerplate for these markets. Client offers anti-spam/anti-abuse solutions for ISP web/email hosting services, mobile carriers, small businesses, end-users through on-premises, hosted, and OEM solutions.
Product Marketing Consultant

Websense

(Public Company; WBSN; Computer Software industry)

February 2009 — Present (10 months)

Full-time product marketing services for data loss prevention product line (datasheets, white papers, customer interviews, field inquiries, presentations, etc.).
President, Firecracker PM, Inc. (Consulting)

<Miscellaneous companies>

(Computer & Network Security industry)

June 2007 — Present (2 years 6 months)

1. Spatial Photonics (Oct 2009 - Present): Managing engineering program management for 2010 release - LCD projector technology.

2. Cloudmark (Aug 2009 - present): Updating RFP boilerplate, competitive analysis for fixed-line and mobile messaging abuse solutions.

3. Log Matrix (July 2009 - Oct 2009): IT controls mapping for FISMA, NERC, SOX, GLBA, HIPAA, PCI - log management solution.

4. Websense (Feb 2009 - Present): Product Marketing Manager for Data Loss Prevention solutions

5. Trend Micro (Oct 2008 - Oct 2009): Compliance white papers for enterprise security, data protection solutions

6. McAfee (Oct 2008-Nov 2008): Solution brief for Avert Labs threat research

7. Symantec (July 2008-Oct 2008): Competitive analysis for Brightmail email security products

8. MLS Listings (April 2008-October 2008): IT consultant research and manage RFPs for strong authentication (SA). Product management services to write PRD for integration of SA solution into web application.

8. Qualys (April 2008-June2008): Sales training, product roadmap for Policy Compliance solution

9. NextLabs (Jan 2008-March 2008): Web content, white paper content for DLP, XACML platform solutions

10. ProofPoint (Jan 2008-April 2008): Solution briefs for PCI, Financial Services, Education for email security and DLP solutions

11. Moka5 (Nov 2007 - Jan 2008): Product Management consultant
- Detailed requirements document for Moka5 mobile productivity and security solution

12. FaceTime Communications (Aug 2007):
- Updated 60+ page RFP boilerplate including analyst reviews, industry articles, competitive analysis, product positioning, product features/differentiators

13. Tumbleweed (August 2007; via Spire Consulting):
- Research data types for PCI DSS (lexicon) for us by Product Management and Engineering in defining feature set for next product release
- Competitive analysis of three vendors in messaging encryption space
Consultant, Project Manager

LogMatrix

(Privately Held; Computer & Network Security industry)

July 2009 — October 2009 (4 months)

Managing an IT controls mapping project with a subcontractor on my staff. Deliverable will enable client to offer compliance reporting packs for their log management solution.
Product Marketing Consultant

Trend Micro

(Public Company; TYO: 4704; Computer Software industry)

February 2009 — October 2009 (9 months)

White papers for messaging security solutions, focused on regulatory compliance/verticals: PCI, Healthcare, Financial Services
Consultant

Trend Micro

(Public Company; TYO: 4704; Computer Software industry)

October 2008 — December 2008 (3 months)

Developed comprehensive messaging document and first white paper on regulatory compliance as a driver for data protection solutions (email encryption, endpoint DLP, email archiving).
Consultant

Symantec

(Public Company; SYMC; Computer Software industry)

July 2008 — October 2008 (4 months)

Evaluated 2 major competitors in the email security and DLP markets using actual demo systems in the laboratory. Final deliverables include 80+ page analysis document and 20+ slide decks with screen shots and analysis.

Scope of analysis included:
1. Detailed review of management interfaces (screenshots, annotations, side by side comparisons)

2. Analysis of key areas:
a. DLP (policies, reporting, compliance templates, enforcement - blocking, encryption)
b. anti-spam (reputation filters, thresholds, filters, policy workflow)
c. anti-virus (3rd party support, zero-day support, custom policies)
d. email firewall, other security (DKIM authentication, traffic control)
Consultant (IT Manager)

MLS Listings

(Real Estate industry)

March 2008 — September 2008 (7 months)

Driving project to select a strong/two-factor authentication solution for broker/agent community with subscription to MLS Listings. Roles involves requirements gathering, vendor analysis, RFP management, pilot design and final recommendations.
Consultant (Product Management)

Qualys

(Privately Held; 51-200 employees; Computer & Network Security industry)

March 2008 — June 2008 (4 months)

Consultant in areas of Product Management and Product Marketing for new policy compliance offering, which includes remote scanning of systems for compliance checks under CIS, ISO, GLBA, and other frameworks or regulations. Role includes developing sales training on compliance and product, reviewing beta customer feedback, customer pitch, and definition of 2.0 release and beyond.
President, Firecracker PM, Inc. (Consulting)

NextLabs Inc.

(Privately Held; 51-200 employees; Computer Software industry)

January 2008 — March 2008 (3 months)

Product Marketing consultant
- Competitive and market analysis on DLP (Data Loss Prevention) industry
- Develop white papers on identity-based DLP, business drivers for Enterprise DLP and Information Barriers
President, Firecracker PM, Inc. (Consulting) at

Proofpoint

(Privately Held; 51-200 employees; Computer Software industry)

January 2008 — March 2008 (3 months)

- Product Marketing consulting: creation of solution briefs for - EDU, PCI compliance and Financial services
- Domain expertise enhanced in network-based solutions for anti-spam, AV and DLP
President, Firecracker PM, Inc. (Consulting)

McAfee

(Public Company; Myself Only; Computer & Network Security industry)

June 2007 — December 2007 (7 months)

Consultant in Product Marketing
- Research and develop content for vendor response to PCI Data Security Standard (Payment Card Industry Data Security Standard) requirements. Includes presentation (customer, sales training), validation with key stakeholders in company, white papers, compliance brief

- Develop new pricing and packaging scheme for risk and compliance management solutions: Involves analysis of field/market requirements for quoting/selling, engagement with analyst vendor, competition

- ‘Battlecards’ for vulnerability management, host-based policy audit/remediation solution to be used as 'ice breakers' for sales force and channel partners

- 'Solution Brief' for McAfee Threat Intelligence Services (MTIS)

- (Product Management) Developed detailed certification requirements for McAfee Security Innovation Alliance program, for partner integration with ePO integration.
President, Firecracker PM, Inc. (Consulting)

Polivec

(Privately Held; 11-50 employees; Computer & Network Security industry)

July 2007 — October 2007 (4 months)

PMM consultant for startup providing Global Risk and Compliance (GRC) platform, focused primarily on manual procedures and tasks that are a key component of demonstrating compliance with many industry regulations, such as PCI (Payment Card Industry) DSS (Data Security Standard).

- Research and develop content for vendor response to PCI Data Security Standard (Payment Card Industry Data Security Standard) requirements (presentation, validation with key industry stakeholders, product demo)
President, Firecracker PM, Inc. (Consulting)

Oakley Networks

(Privately Held; 51-200 employees; Computer & Network Security industry)

March 2007 — June 2007 (4 months)

PM/PMM consulting engagement for Oakley Networks, Insider Threat Mgmt/Data Leakage Prevention vendor:
-- Performed usability assessment on current product and provided feedback to Product Management team for requirements document
-- Wrote Product requirements for 3rd party vendor integration (email/MTA, application proxy)
-- Provided detailed messaging content for Product Marketing, used in overhaul of website and collateral
Group Product Marketing Manager

McAfee

(Public Company; 1001-5000 employees; MFE; Computer Software industry)

June 2006 — March 2007 (10 months)

Responsible for product launch, positioning, field/partner training and other marketing activities related to the new Security Risk Management (SRM) initiative. The SRM offering includes vulnerability management, policy audit, compliance management, remediation, network access control, and data loss prevention. Actively involved in education and training on compliance drivers such as COBIT, ITIL, SOX and HIPAA and how these impact the requirements for IT controls in enterprises.

Role requires knowledge in these solutions and ability to do consultative and solution selling. In addition to training sales force and partners on solution selling, have specific product responsibility for Hercules Remediation Manager and Hercules Policy Auditor.
Senior Product Manager

Symantec Corporation

(Computer Software industry)

2006 — 2006 (less than a year)
Senior Product Manager

FaceTime Communications

(Privately Held; 51-200 employees; Computer Software industry)

November 2005 — June 2006 (8 months)

Product Manager responsible for GEM (Greynet Enterprise Manager) product and portion of RT Guardian security gateway. Wrote PRDs for next-gen GEM products (scalability, performance, centralized policy management), SNMP support in security gateway. Extensive Sales and SE training on products.
Senior Product Manager

Symantec Corp. (through Sygate acquisition)

(Public Company; 10,001 or more employees; SYMC; Computer Software industry)

February 2004 — October 2005 (1 year 9 months)

Accomplishments
- Major Product Release: Delivered Symantec On-Demand 2.5 in April 2005 with new Malicious Code Prevention and Connection Control modules. Direct responsibility for PRD, collateral, product documentation, quality control, demos, launch.
- Management of OEM/Partner/System Integrators: Juniper (co-sell); Aruba, Aventail, Array Networks, Netilla/AEP (OEM); Wipro/PWC (SIs)
- Business Analysis: Analysis of bookings and identification of problem/success areas; Identifying and researching new sales channels, product delivery vehicles, including webmail, ERP apps, ASPs, mobile devices, etc.
- Favorable Analyst Coverage: Contributed via calls, demos, RFP responses to Gartner review (“Access From Anywhere Drives Innovation for On-Demand Security, Gartner, ID Number: G00126242”, March 21, 2005)
- Effective Management of Security Vulnerabilities: quoted in “Google Search Cache Spawns SSL Fear”, http://www.networkworld.com/news/2004/112204google.html?ts )
Senior Product Manager

Sygate Technologies Inc.

(Privately Held; 51-200 employees; Computer Software industry)

February 2004 — October 2005 (1 year 9 months)

Product Manager for new vulnerability/asset management appliance
Product Manager

Visionael Corporation

(Privately Held; 11-50 employees; Computer Software industry)

August 2003 — February 2004 (7 months)

Brief but eventful stint at Vulnerability Management startup as Senior Product Manager for 'Security Audit' product. Providing marketing content and full in-bound Product Management support for solution based on Nessus scanning engine. Required knowledge of CAN/CVE, SANS, IAVA ranking systems for vulnerabilities, probing and discovery tools such as NMAP, and patch management integration (e.g. BigFix).
Senior Product Manager

Sun Microsystems

(Public Company; 10,001 or more employees; Computer Software industry)

August 2000 — August 2002 (2 years 1 month)
Senior Project Manager

esavio

(Computer Software industry)

2000 — 2000 (less than a year)
"Product Manager"

JP Morgan & Co, Inc.

(Public Company; 10,001 or more employees; JPM; Banking industry)

December 1997 — May 2000 (2 years 6 months)

Responsibilities: Manage services, standards development in Corporate Technology Division
Accomplishments
- Managed Deployment of Internet POPs: Design document, provisioning, managed ISP vendor.
- Managed global team (EMEA, APAC) to support existing remote computing services
- Managed budget of about $1 Million for enhancement projects and strategy development
- Achieved Cost Savings: renegotiating Novell Master License Agreement, dialup migration to VPN service
- Contributed to Y2K Effort by managing global NT Workstation pilot to test and patch builds
Graduate Student

Center for Telecommunications Reseach / Columbia University

(Computer Software industry)

1993 — 1995 (2 years )

Gargi (nee Sircar) Mitra, CISA’s Education

Columbia University

MS , Electrical Engineering , September 1993 — January 1995

Activities and Societies:

Teaching Assistant (Electromagnetics, Circuit Theory); Research Assistant (Dept. of Telecommunications Research)
MIT (Massachusetts Institute of Technology)

BS , Electrical Engineering , September 1989 — May 1993

Activities and Societies:

(SWE) Society of Women Engineers, Sigma Kappa (Sorority), Burton Third Bombers (Living Group)
Massachusetts Institute of Technology

BSc , Electrical Engineering and Computer Science - Course 6-1 , 1989 — 1993
South Brunswick High School