This role requires a strategic mindset, deep technical expertise, and the ability to influence and drive security initiatives across multiple teams and projects. My work ensures that security is not just an afterthought but a fundamental component of our products and services.Security Roadmap Leadership: Develop and drive the comprehensive security roadmap, aligning it with business goals and ensuring that our products and services meet the highest standards of security and compliance.Lead the strategic decision-making process for security across all product lines, balancing risk management with business innovation and ensuring that security is a business enabler.Oversee and implement product security measures, including secure coding practices, vulnerability management, and incident response planning, ensuring our products are resilient to evolving threats.Architect and enforce security measures within service mesh environments, containerized applications, and Kubernetes clusters, focusing on network security, access controls, and container hardening.Ensure robust security practices are in place for cloud infrastructure and data protection, including encryption, identity management, and secure access policies, safeguarding sensitive information and maintaining data integrity.Make informed and timely security decisions on critical issues, providing expert guidance on mitigating risks and responding to security incidents.Lead threat modeling exercises and ensure the integration of security best practices within the Software Development Life Cycle (SDLC), from design through to post-deployment, to preemptively identify and mitigate potential vulnerabilities.

• Founded and built India's first emerging tech community focused on AI/ML, leading a passionate group of professionals in organizing meetups and events.• Collaborated with industry experts to curate engaging content and facilitate knowledge sharing among community members.• Spearheaded strategic partnerships with tech companies to enhance networking opportunities and drive community growth.

• Specialize in building cybersecurity products for Data Security, Web3, and AI models • Lead a team of engineers and collaborate with cross-functional teams • Architect and design robust and scalable systems for data security • Ensure confidentiality, integrity, and availability of sensitive information • Embrace the latest technologies and industry best practices • Develop secure platforms for Web3 and decentralized technologies • Leverage blockchain, smart contracts, and decentralized applications • Integrate AI models for enhanced threat detection and incident response • Collaborate with stakeholders, including product managers and customers • Understand needs, define requirements, and align with strategic objectives • Stay updated on industry trends and research to drive innovation • Drive the R&D team to deliver impactful cybersecurity solutions

Promote public cloud internally to sales and delivery teams to drive growth. Conduct PoC & create Solution Design for various Cloud Security Posture Management (CSPM) & Cloud Workload Protection (CWP) solutions for clients. Be the go to person for Cloud Network engineering. Have a deep understanding and hands on experience of services offered on Public Cloud platforms and understand how to configure these services to support the building of complex solutions.Support the solution architects, and delivery teams in design, build, configuration, testing and deployment on Public Cloud Capture and share best-practice knowledge amongst the Public Cloud solutions architect communityBuild deep relationships with senior technical individuals within customers to enable them to be cloud advocates, and provide advisory around integration of on-premises environments with Public CloudAct as a technical liaison between customers, delivery teams and support.

• Evaluate, architect and lead the teams to implement security-focused tools and services for Cloud, Containers and CICD pipelines, covering application and platform security - docker, container, kubernetes security and integrate with cloud security & posture monitoring, operations and identity and access management solutions like Prisma Cloud, Dom9 etc. • Work with clients to mitigate cyber risk and threats• Organize and deliver services on a cross-section of complex projects• Actively participate in the development of business and vendor relationships• Participate and lead aspects of the proposal development process• Responsible for project(s) financials including development of financial plans• Manages day-to-day interactions with clients and internal Deloitte team• Displays both breadth and depth of knowledge regarding functional and technical issues• Displays leadership and business judgment in anticipating client/project needs and developing alternative solutions• Provide counseling/coaching, oversight, and support for delivery teams and staff

Led various emerging technology projects in domains like Blockchain, Artificial Intelligence & Augmented Reality, IoT, DevSecOps etc. Led and managed multiple vulnerability assessment engagements for financial institutions in Thailand, Malaysia & rest SEA. The scope for these vulnerability assessments including external vulnerability assessments, internal vulnerability assessments, web application vulnerability assessments, mobile application vulnerability assessments, secure code reviews, wireless security assessments, network security architecture reviews and server, database and network device security configuration reviews.Led GDPR & Data Privacy assessment for an e-commerce client Led and managed a cybersecurity focused internal IT audit for a regional general insurance company.Led and managed a security review over a multinational insurance company’s SWIFT infrastructure.Led and managed cybersecurity maturity assessments over one telecommunications company, one manufacturing company and one financial services institution, which involve evaluating client’s current state cybersecurity capability maturity, benchmarking cybersecurity capability maturity to industry peers, developing target cybersecurity capability maturity, and recommending a roadmap for capability increases to one financial institution.Led a cybersecurity incident review at a small/medium sized enterprise (‘SME’).

Responsible for leading advanced cyber security consulting and advice to others on proposal efforts, solution design, system management, tuning and modification of solutions.Regularly leads in the technical assessment and delivery of specific technical solutions to the customer. Provides a team structure conducive to high performance and manages the team lifecycle stages.Provides input to the company strategy moving forward.Engages in technical problem solving across multiple technologies; often needs to develop new methods to apply to the situation.Owns and manages knowledge sharing within a community (e.g. team, practice, or project). Proactively encourages membership and contributions of others to professional community and coaches’ others in the area of expertise. Presents at multi-customer technology conferences.Creates and supports sales activities. Manages bids, or major input into the sales lifecycle. Manages activities and provides qualitative and quantitative information for successful sales. Produces complete proposals for smaller engagements within the area of expertise.Actively grows the company portfolio with existing customers through new opportunities and change management..

Overall responsibility for the customer relationship.Partner with the customer to establish a strategic roadmap for SIEM & other security products deployment, upgrade and potential expansion. Ability to design, discuss and drive reference architectures.Create, document and implement IT Security best practices.Drive early adopters programs.Acting as a liaison between product management and the customer with a focus on communicating the roadmap, guiding customers while planning and managing their implementations and upgrades, and influencing the roadmaps based on customer input.Proactive management of customer satisfaction and supporting the renewals process to minimize customer attrition.Promoting opportunities for two-way communication between the customer and various groups.Ensuring the client takes advantage of best practices and fully leverages customer communities and other resources available as part of product and service contracts.Prioritizing, coordinating resources and driving resolution on escalated customer issues.Collaborate with sales teams to ensure growth attainment and footprint increase through identifying expansion opportunities.Help the customer identify risks to achieving their stated business goals.Efficiently and effectively manage customer related projects that require coordination between the customer, Quick Heal (Seqrite) and its partners.

Leading InfoSec Team and providing subject matter expertise across all Technical, operational security and compliance matters.Responsible for end to end security of the organization & its products. Responsible for ensuring the compliance status of the organization against various compliance standard likes Statutory audits, RBI audits, PCI DSS, ISO27001, etc.Responsible for new initiatives related to Information Security to enhance the security posture of the organization.Managing and reducing Information security risk for the organizationWorking on Cryptography, Authentication and technology related to Public Key InfrastructureHandling Cyber Security Assessments & Managed Security ServicesHands-on expertise in Web Security & Mobile Security and deploying Cyber Security solutions.Handling of security intelligence concepts and technologies and Experience in Performing Threat Modeling Approaches for Cloud and Internet of Things.Real time tool experience in Code Analysis Tools, Identifying Root Causes, Suggesting Countermeasures.Run & Analyze the penetration test (Manual & Automated) and pinpoint the security issues and suggest countermeasures for security improvements.Managing security teams of SOC, Forensic, Audits and ComplianceDesigning IT processes and operational review for the clients for maintaining continued compliance

Key Result Areas: * Executing complex and enterprise application, and infrastructure security testing projects * Ensuring completion of project on time, co-ordination for pre-requisites, tracking delays, etc. * Identifying and infer the business risk posed by the weaknesses identified during the assessments * Engaging with both business and technical teams within and outside the organisation from a project scope definition, project execution, project closure and post-project support perspectives * Tracking errors made by the analysts and develop an improved plan for them

Project: Computer Network Defense (CND) and Incident Response Role: Lead VAPTDuties • Vulnerability Assessment & Penetration Testing (VAPT) Investigating vulnerabilities in software systems and software products  Threat and Vulnerability Analysis  Reverse engineering & Malware Analysis  Wireless and Mobile Applications Security Testing Discovering Zero Day vulnerabilities • Security Consulting Identify and help troubleshoot anomalies. Subject matter expert on security related issues. Working with technical architects and developers on design of security-sensitive features. Participate and assist in identifying and responding to global security incidents.• Incidence Response & Risk Management: Estimating vulnerability risk in context of application, environment and business scenarios.  Provide training and expertise to junior Incident Responders. Participating in leadership groups to plan and test incident response capabilities.Key Achievements:• Hand selected employees from Information Technology department to build Risk Assessment Team charged with analyzing all critical systems, developing reports to document system vulnerabilities, and recommending appropriate solutions.• Created company policies and procedures governing corporate security, email and Internet usage, access control, and incident response• Spearheaded creation of four new information-security departments: Risk Assessment, Vulnerability, Penetration Testing, and Security Engineering services

Job Profile includes• Managed DMZs, VPN and telecommunication technologies such as PBX and VoIP.• Identified network vulnerabilities and explore network security controls such as use of SSL and TLS for transmission security.• Identified the different components of a cryptosystem.• Installed and maintained security infrastructure, including IPS, IDS, log management, and security assessment systems.• Assessed threats, risks, and vulnerabilities from emerging security issuesTechnical Proficiencies Used: X-Ways Forensics, Oxygen Forensic Suite, UFED Cellebrite, EPOC, EnCase, pfSense, Passware Kit Forensics, MS-Office