Jan 2022 – Apr 2022 · 3 mos

• Cloud Security Leadership:
• Led a global security team responsible for securing Coupa’s business spend management SaaS platform, overseeing security implementations across multi-cloud environments, including AWS, Azure, and GCP.
• Security Operations:
• Managed security monitoring, investigations, incident response, and proactive threat hunting activities, optimizing processes through automation to reduce response times and improve detection accuracy.
• Conducted in-depth vulnerability assessments and network penetration testing of corporate assets, ensuring proactive risk mitigation.
• Deployed and managed security tools to strengthen security posture across cloud and on-prem infrastructure.
• Ensured strict adherence to compliance frameworks such as PCI-DSS, FedRAMP, and SOC, consistently achieving successful results in external security audits for two consecutive years.
• Designed and implemented Prisma Cloud to enhance cloud security, enabling continuous compliance monitoring and risk management across cloud environments.
• Spearheaded the deployment and operationalization of SIEM, integrating advanced log analysis and real-time monitoring capabilities to enhance security event visibility and forensic investigations.
• Supported engineering teams in implementing CIS security benchmarks, enforcing OS and service-level security hardening best practices, thereby elevating the overall infrastructure security maturity.
• Security Enablement & Mentorship:
• Provided mentorship to junior security professionals, fostering a knowledge-sharing culture and improving incident analysis capabilities within the team.
• Led the onboarding of Wipro as an MSSP partner, successfully augmenting security operations and improving detection and response efficiency through managed services.
• Evaluated and recommended security solutions aligned with organizational needs, ensuring cost-effective and scalable security implementations.

Feb 2021 – Dec 2021 · 10 mos

Jan 2019 – Jan 2021 · 2 yrs

Jan 2018 – Dec 2018 · 11 mos · Pune, Maharashtra, India

• Team Leadership and Global Security Operations:
• Led a team of Security Analysts to secure Vodafone infrastructure across 80+ countries, managing one of the world's second-largest security deployments.
• Part of the Global SOC (GSOC) catering to 80+ Vodafone direct business and partner countries for security operations and engineering purposes.
• Quality Assurance and Subject Matter Expertise:
• Performed quality assurance reviews and served as an SME for security threats and vulnerability management.
• Provided expertise in enriching event context and conducting advanced threat analysis.
• SIEM Management and Enhancement:
• Managed and enhanced the ArcSight SIEM deployment, improving incident detection capabilities and streamlining threat hunting processes.
• Integrated SIEM with IDS, IPS, Akamai WAF, Manage Engine for 24x7 Vodafone infrastructure uptime, and Security Telemetry Monitoring.
• Advanced Threat Detection and Analysis:
• Utilized Arbor DDoS suite for correlated event analysis.
• Utilized IDS, IPS detection for threats/APTs.
• Tweaking detection policies for high fidelity detections.
• Conducted active advanced monitoring and triage, enriching the context of security events.
• Operational Efficiency and Incident Response:
• Contributed to the success of CSOC 24x7 operations, significantly improving incident detection capabilities and response efficiency.
• Streamlined security processes and implemented best practices to enhance operational efficiency.

Sep 2014 – Jan 2018 · 3 yrs 4 mos · Pune, Maharashtra, India

• SIEM Architecture and Implementation:
• Architected and deployed AlienVault SIEM for on-premises and cloud environments.
• Integrated diverse log sources for comprehensive security monitoring, ensuring real-time visibility and threat detection.
• Incident Response, Threat Detection and Hunting:
• Deployed Cybereason MalOps/Hunting platform, significantly enhancing threat detection and response capabilities.
• Conducted advanced threat hunting activities, identifying and mitigating potential security incidents proactively.
• Endpoint Detection and Response (EDR):
• Led the deployment and policy creation for Cylance EDR, enhancing endpoint security across the organization.
• Configured and managed ForeScout NAC for network access control, ensuring only authorized devices could access network resources.
• Log Analysis and Security Information Management:
• Integrated Splunk for advanced log analysis, providing detailed insights into security events and incidents.
• Conducted in-depth log analysis to identify and respond to potential security threats.
• Managed Security Services:
• Oversaw security operations in collaboration with DELL SecureWorks MSSP, ensuring comprehensive managed security services.
• Regularly performed malware analysis, identifying and mitigating malware threats effectively.
• Security Operations and Policy Development:
• Conducted weekly reviews to enhance detection and remediation capabilities.
• Developed and enforced robust security policies, ensuring continuous improvement of the organization's security posture.
• Security Enhancements and Governance:
• Implemented enhancements in detection and remediation capabilities, improving overall security incident response.
• Ensured adherence to security governance standards, maintaining compliance with industry regulations and best practices.
• Customer Base:
• Automotive, Aerospace, Defence industries.

Feb 2012 – Nov 2013 · 1 yr 9 mos · Pune Area, India

• Engineered and managed incident response, monitoring, and malware analysis.
• Worked on perimeter security, troubleshooting and documentation of security incidents.
• Provided network support and system administration to ensure seamless operations.
• Enhanced operational efficiency through systematic and technical approaches.
• Customer-base:
• Insurance, FMCG, Finance, Agricultural, Mining

Feb 2011 – Feb 2012 · 1 yr · Pune Area, India

• Provided 24x7 internet security surveillance and resolved technical problems in a data center environment.
• Engineered network security configurations.
• Responsible for Network Security Monitoring.
• Conducted vulnerability testing, enhancing the overall network security posture through detailed technical assessments.
• Customers:
• Textile, Banking & Finance, Aviation