May 2022 – Present · 3 yrs 10 mos

• Partner with Product Development and Business Leaders in developing and implementing Security strategy for Xylem Product Portfolio in Emerging Markets( APAC, Middle East and Africa).
• Lead and manage a diverse security engineers and subject matter experts responsible for implementing product security strategy and goals.
• Establish leadership and technical skills towards identifying and forecasting security threats with the ability to communicate impact to business.
• Consistent and successful delivery of complex, transformational security initiatives focused on product security design standards, defining and contributing the content for new development lifecycle and continuously overseeing existing security controls and providing recommendation to minimize security risks.
• Partner with Emerging Market business units and stakeholders in setting commitments to security plans to include integration of the Security Development Lifecycle program across all products, identify security processes and tools, defining and supporting the security training program.
• Lead and implement risk based analysis and mitigation through Threat Modelling and other related techniques and ensure control mappings to critical industry standards (CIS Standards, IEC/ISA 62443, BIO, KRITIS and more).

Jan 2020 – May 2022 · 2 yrs 4 mos

• Security architecture for implementing new solutions, products and modules.
• Develop, implement and maintain product security strategy for the entire business unit product portfolio covering IoT and, Smart-device suites
• Know the product portfolio in depth and understand the key risks presented to systems from a variety of factors across availability, integrity, and confidentiality
• Conduct complete lifecycle security architecture and technical assessments for a wide range of products, including embedded devices, software solutions, and cloud hosting
• Engage in application and domain-specific risk/threat modeling and attack surface analysis and reduction
• Provide guidance and leadership on best practices regarding security in software and firmware development
• Champion the Security Systems Development Lifecycle, including security testing and risk management of vulnerabilities in software/hardware on products
• Manage the implementation of common security controls
• Provide training and education to engineering teams on security best practices
• Support commercial teams by building customer trust in the security of Xylem products
• Work closely with all product development teams to assist them on improving the maturity of their Secure Software Development Lifecycle
• Provide feedback to development teams about the security of their applications
• Assist in tracking the security maturity of all products and solutions pertaining to and in support of Secure Software Development Life Cycles
• Investigate reported vulnerabilities, provide information about defect types, steps to recreate, exploitation likelihood, impact, risk, etc.
• Improve security testing methodologies and productivity
• Actively champion and participate in the perpetual improvement of the organization’s Product Security Assurance Program
• Leading a team of Security Engineers, support hiring and team building

Aug 2018 – Dec 2019 · 1 yr 4 mos

• Automating the manual and tool based scans using Java, Python and JavaScript and supporting DevSecOps
• Perform Security testing and analyse the results and assist developers in fixing the defects
• Improve security testing methodologies and productivity
• Security Training for the developers