Sep 2020 – Jun 2024 · 3 yrs 9 mos · Bengaluru, Karnataka, India · On-site

• Executed a road map based on risk based approach for Enterprise Security & SecOps with a phased approach to elevate security posture (People, process & tech)
• Identified and tracked metrics to measure outcomes and maturity
• Assessing identified/reported security issues and determining severity and priority based on impact to business
• Driving our existing SDLC processes to Secure SDLC through consensus building with engineering leaders (SAST, Secrets, Vulnerability Management, Surface Area Management, etc.)
• Managing a private bug bounty program
• Heading and partnering with highly talented folks to drive risk based security culture within the organization
• Strengthened cloud infrastructure on AWS by ensuring best practices are followed to avoid misconfigurations and building guardrails thereby providing freedom to teams and control to the org
• Evaluated multiple tools and promoted adoption to manage security at scale in the organization from a “Shift-Left” perspective
• Leading the incident response practice
• Securing SaaS products and developing guidelines for consuming SaaS within the org
• End user/Device/Data security, Infra/Network security, Logging & Monitoring, Threat Intel management, etc.
• Working closely with Product & IT Teams to assess security impact of their projects and changes
• Supporting internal and external audits

Apr 2018 – Sep 2020 · 2 yrs 5 mos

• This role had 3 facets. Application Security, Network Security & Information Security.
• Securing the Broadcast & OTT business was the primary mandate
• Partnered with the Application teams to ensure that we release internal tools/products after due diligence and validation
• Lead the ISMS (ISO 27001:2013) steering committee and implementation and got both Broadcast & OTT business ISO certified
• Constantly mentoring the application, network & infrastructure teams to secure and harden our posture to meet highest standards
• Assisted other teams in our efforts to become GDPR ready for certain businesses
• Formulating policies and reviewing them periodically to adapt to changing business needs and external risk factors
• Played a pivotal role in driving network segmentation to secure our Broadcast environment which is the crown jewel for any M&E company
• Ensuring overall performance and availability of Network & Security Infrastructure for over 2000 people across 9 locations
• Preparing the annual operating plan in partnership with the Business Finance teams & forecasting based on gaps and plans for mitigating risks

Apr 2016 – Mar 2018 · 1 yr 11 mos

• Responsible for Information & Network Security while ensuring Network uptime and capacity management. In this role i was required to assess gaps in our infrastructure and provide solutions with various options. The evaluation procedure include both technical and commercial evaluation. Basis this information costs were accordingly mapped in Operational Expenditure & Capital Expenditure with strong business justification. During this tenure key focus was on content network capacity management and planning as most of our content delivery mechanisms are now digital. The role required me to address Information Security requirements as well. This included complying to various audit requirements which were result of a gap assessment and risk evaluation.

Apr 2014 – Mar 2016 · 1 yr 11 mos

Oct 2010 – Mar 2014 · 3 yrs 5 mos

• During this period i was responsible for managing both Corporate and Content networks. Responsible for Networking & Network Security across all offices in India. Deployment of network security devices like Firewalls (Cisco, Check Point, Fortigate), APT (FireEye), Email Security (Ironport C-Series), etc. Also implemented Link Load Balancers from Radware. This also included managing Storage Area Networks (SAN) and storage too. Key responsibilities included managing and administration of FC Switches and NAS. I was also an administrator for Broadview (Channel Scheduling Software) and was instrumental in implementing Role Based Access (RBAC) in this system which ensured smooth user management while we grew from 3 channels to 20-25 channels. I was also responsible to represent Viacom18 IT as an auditee during various audits carried by Viacom or Viacom18.

Oct 2009 – Sep 2010 · 11 mos

• Responsible for SQL & Exchange administration while continuing to support and troubleshoot Microsoft Infrastructure like Active Directory, DHCP, DNS, WSUS, etc. During this period i was responsible for setting up entire infrastructure for SUN18 which is now known as Indiacast (Distribution & Syndication)
• During this implementation we delivered the entire infrastructure using Citrix Xen Server & Xen App for the first time and ensured that we adopted virtualisation much before our peers. This infrastructure also served as a private cloud.

Jan 2008 – Sep 2009 · 1 yr 8 mos

• Was responsible for Implementing a new Active Directory, DHCP, DNS, Backup, Microsoft Exchange Installation and Migration from Singapore to India, WSUS, Implementation of SonicWall as primary Internet Gateway, Implementation of HP Tape Library and Veritas Backup Software. Was a key team member for implementing infrastructure for Viacom18 which was recently formed. Before this all IT services were extended to us by MTNASIA in Singapore. The migration activity involved setting up ERP and channel scheduling software as well.

Jun 2006 – Dec 2007 · 1 yr 6 mos · Mumbai Area, India

• Was responsible for managing Active Directory, DHCP, DNS, Backup, Microsoft Exchange, Patching, etc.
• In addition to this, i was also responsible to close tickets which got escalated and required organisation wide changes.

May 2005 – May 2006 · 1 yr · Mumbai Area, India

• Was responsible for managing end user needs and expectations. Key responsibilities include providing timely delivery of IT services to business users.