Few recent projects handled at RiskSekPerformed end-end security assessment for an API store application hosted on Azure for a UK-based client. Assessment includes Security Architecture Review, Risk Assessment, Configuration Review, Vulnerability Assessment.Performed end-end security assessment for a US-based Fintech company, and addressed 500+ cloud configuration issues and 50+ Security issues at their Design and Architecture phase. Performed entire Product Security Assessment for an India-based product company.

Comerica Bank (NYSE: CMA) is one of the leading banks in Michigan. ● Lead various projects and provide end to end security for the applications in various domains. ● Provide advice to the application teams and help them architect secure applications.● Work with product owners and Application Service Providers (ASP) to evaluate overall product security, identify risks and suggest possible solutions. ● Evaluate security of AWS services. ● Perform security review of applications and in depth risk analysis. ● Perform threat modelling, collaborate with other security teams and analyze the impact of potential risks. ● Perform security testing and code reviews. ● Review high critical risks with CISO and domain CIOs. ● Collaborate with policy team and define standards. ● Ensure proper standards are followed to comply with PCI, SOX, AIBE. Few Projects Implemented Security architecture and Risk Management for various projects: ● Led the implementation of new Payments platform that was used by 45,000 users and that generates $43M dollars in revenue per year. ● Led the upgrade of Teller infrastructure across 320 banking centers. ● Led the migration of Comerica Business Connect Portal application into AWS cloud which is accessed by about 50,000 users.

Credit Acceptance (NASDAQ: CACC) has a network of automotive dealer-partners and gives consumers the opportunity to re-establish their credit. Security Strategy ● Assist the Director of Information Security to develop Security policy, built processes, plan security initiatives and resources. ● Provide strategic technical recommendations, manage Risk and Cost analysis, assist in developing security budget and create ROI. ● Identified opportunities, built road map and convince the management to implement on my ideas. Compliance & Risk Management ● Implement Security Awareness programs. ● Coordinate with legal team and review compliance requirements. ● Manage sensitive incidents and forensic data handling. ● Support audit activities sponsored by internal & external audit teams. ● Manage vulnerability assessments and external penetration tests, identify and mitigate risks. ● Perform security assessments for third party vendors and cloud service providers. Security Architecture and Operations ● SME on all security related projects and handle customer escalations. ● Liaison with business leaders and architects to ensure secure integration of the applications and data protection. ● Mentor team members, review project and implementation plans. ● Led vendor licensing, procurement, support contracts and renewals. Few Projects Implemented ● Actively involved in ISO 27002 audit process with external auditors. ● Led the implementation of password policy across all the applications. ● Evaluate new technologies, architect and deploy various security tools. Key Accomplishments:● Improved security posture on all public facing applications accessed by 1 million+ active customers. ● Mentored the team to gain working level proficiency in less than 3 months. ● Proposed Checkpoint appliances which saved $200k on 5yr support costs. ● Analyzed third party monitoring services, negotiated pricing and saved $100k on 5yr support costs.

Took additional responsibility to manage operations at Meritel.● Manage the offshore team, setting up direction, work prioritization and project delivery. ● Mentor the team to seek for new tools, technologies & initiatives. ● Provide liaison between clients and application teams. ● Interact with clients for requirements analysis, budgeting projects. ● Proposed & designed time tracker application that helped management to monitor the projects and teams’ work load. ● Proposed & implemented team structures, employee recognition program, work perks that greatly improved team morale, project delivery & timelines.

● Acted as a single point of contact for Data, Voice and Security infrastructure projects and issues. ● ROI analysis, architect and implement Network and Security infrastructure for about 50 clients. ● Managed project transition plans and site relocations that scale up to 300 users. ● Create RFPs, understand project goals, key components, dependencies, risk analysis and Disaster Recovery planning. Few Projects Implemented ● Vulnerability assessments for various clients. ● Multiple network infrastructure upgrades that includes project planning, risk analysis, bandwidth analysis, network and security design and implementations, backup and redundancy plans, VPNs. ● Establish data & voice connectivity, network design, cost analysis, connectivity to multiple vendors and business partners, VoIP installation using Avaya IP Office, vendors management. Key Accomplishments● Proposed and migrated to Cisco firewalls during a critical downtime of core network. ● Assumed additional responsibility to support VoIP infrastructure, learned within 2 weeks and successfully implemented end-end VoIP solutions for multiple clients. ● Minimized organization costs and improved efficiency through product standardization and implementing standard operating procedures. ● Proposed and implemented network monitoring tools, change management and security policies.