S

Shivendra S.

CEO

Dubai, United Arab Emirates16 yrs 3 mos experience
Most Likely To SwitchAI Enabled

Key Highlights

  • Led security strategy for multiple high-growth startups.
  • Built security teams across multiple geographies.
  • Recipient of multiple industry awards for security innovation.
Stackforce AI infers this person is a seasoned leader in Information Security across EdTech and FinTech sectors.

Contact

LinkedIn

Skills

Core Skills

Information SecurityGovernance, Risk And Compliance (grc)Network SecurityApplication Security

Other Skills

AI GovernanceAI risk managementAlipayAmazon Web Services (AWS)Application Security ArchitectureBug bountyBusiness ContinuityCEHCISSPCloud SecurityCode ReviewComputer ForensicsComputer SecurityCyber-securityCybersecurity

About

As a Chief Information Security Officer, I lead with a security-by-design mindset. My career spans high-growth startups and global platforms, leading security strategy and IT transformation at Emeritus, Lazada (Alibaba Group), Shopify, Ameriprise Financial and Dream11. Recognized for Excellence: Recipient of multiple industry awards for driving security innovation, compliance leadership and scalable architecture. Security Architecture, AppSec & IT Leadership: - Built security teams from scratch across geographies (India, China, Singapore, Canada, UAE), embedding secure SDLC and shift-left principles into development culture - Led the security architecture for integrating Alipay with Lazada’s e-commerce platform, ensuring PCI DSS compliance and regional data protection alignment across Southeast Asia - Designed secure API frameworks and tokenization protocols for cross-border payments, mitigating fraud and enforcing end-to-end encryption - Embedded security controls across ML Ops pipelines from data ingestion to model deployment, enforcing traceability and integrity of ML artifacts - Led IT operations and transformation initiatives, aligning infrastructure, endpoint security and identity architecture with business growth - Owned budgeting and P&L for security and IT functions, optimizing spend across cloud, SaaS and vendor ecosystems while maintaining compliance and performance Threat Management & AppSec Execution: - Led enterprise-wide threat modeling initiatives, aligning attack surface analysis with business-critical workflows and risk appetite - Operationalized secure code reviews and static analysis tooling across engineering teams, embedding security into daily development practices - Directed penetration testing programs across cloud, mobile and web platforms, driving remediation and executive-level reporting - Launched and scaled bug bounty programs, fostering ethical disclosure and continuous hardening of public-facing assets - Built and matured incident response playbooks, leading cross-functional war rooms for real-time containment, root cause analysis and post-mortem reviews Compliance & Governance Expertise: - Delivered enterprise-grade compliance across PCI DSS, SOC2, ISO 27001, PDPA and GDPR, tailoring controls to regional requirements - Embedded privacy and security guardrails aligned with the emerging EU AI Act, ensuring responsible AI deployment - Architected scalable governance frameworks for secure data handling, audit readiness and regulatory alignment in fintech and edtech environments

Experience

Emeritus

Chief Information Security Officer

Aug 2023Present · 2 yrs 7 mos · Dubai, United Arab Emirates · Hybrid

  • As the Head of Information Security and IT at Emeritus, I lead the global technology backbone that enables world-class online education delivery.
  • My focus is twofold: building resilient,
  • scalable systems and ensuring they remain secure in an increasingly AI-driven landscape.
  • I’ve embedded application security deep into our development culture, adopting a shift-left approach across engineering teams to catch vulnerabilities earlier and deploy safer code faster. From secure SDLC to automated threat modeling, security isn’t just an afterthought - it’s part of our build pipeline.
  • On the GRC front, I lead a cross-functional team that drives global compliance across ISO 27001, ITGC and PCI-DSS, transforming governance into a business enabler rather than a checkbox exercise.
  • Our Security Operations Center leverages AI to supercharge threat detection and incident response - allowing us to move from reactive firefighting to predictive risk management.
  • From behavioral analytics to automated playbooks, our SOC is designed for speed, context, and control.
  • I also co-own P&L responsibilities for enterprise IT-balancing innovation with cost control and ensuring every tech dollar delivers value.
  • This includes optimizing SaaS portfolios, and forecasting investments in future-ready infrastructure.
  • Emeritus is growing fast. So is the threat landscape. My job is to make sure the first never outpaces the second.
AI risk managementAI GovernanceInformation SecurityGovernance, Risk and Compliance (GRC)

Apna

2 roles

Head of Security - Sr. Director of Engineering

Promoted

Sep 2022Aug 2023 · 11 mos · Bengaluru, Karnataka, India · Remote

  • At Apna, I led the security team, overseeing application security, network security, governance, risk and compliance (GRC), automation, and the Security Operations Center (SOC). My responsibilities included managing the Web Application Firewall (WAF) and implementing security measures to protect our digital infrastructure. I worked closely with my team to identify and address vulnerabilities, ensuring our systems and data remained secure. By fostering a culture of security awareness and using advanced technologies, we effectively safeguarded Apna's platforms and user information. Leading the SOC team, I ensured timely detection, response, and mitigation of security incidents, further enhancing our organization's resilience.

Head of Security - Director of Engineering

Apr 2022Sep 2022 · 5 mos · Bengaluru, Karnataka, India · Remote

Network SecurityGRCCloud SecurityDLPSecure SDLCDevSecOps+8

Dream11

Director - Application and Offensive Security

Sep 2021Apr 2022 · 7 mos · Mumbai, Maharashtra, India · On-site

  • At Dream11, I was responsible for ensuring our applications were secure throughout their development and deployment.
  • My role involved working closely with developers to integrate security best practices into each stage of the software development lifecycle.
  • By conducting regular security reviews, identifying potential vulnerabilities, and implementing necessary fixes, I helped protect our platforms and user data from threats.
  • Additionally, I led a talented team of application security leads and engineers, promoting a culture of security awareness and providing training to ensure everyone understood the importance of building secure applications.
Application Security ArchitectureWeb Application FirewallApplication Security

Shopify

Application Security Engineering Manager

Aug 2020Sep 2021 · 1 yr 1 mo · Ottawa, Ontario, Canada · Remote

Security AwarenessGRCFinTechApplication Security ArchitectureWeb Application FirewallE-Commerce+1

Lazada group

2 roles

Vice President, Application Security

Apr 2018Apr 2020 · 2 yrs · Singapore

Secure SDLCFinTechBug bountyAlipayApplication Security ArchitectureE-Commerce+1

Senior Manager, Application Security

Sep 2015Apr 2018 · 2 yrs 7 mos · Singapore

Application Security ArchitectureE-CommerceApplication Security

Snapdeal

Security Team Lead

Aug 2014Sep 2015 · 1 yr 1 mo · Gurugram, Haryana, India · On-site

Application Security ArchitectureE-CommerceApplication Security

Ameriprise financial services, inc.

Senior Associate, Information Security

Aug 2012Aug 2014 · 2 yrs · Gurugram, Haryana, India

Application Security ArchitectureApplication Security

Info edge india ltd

2 roles

Senior Security Engineer

Feb 2012Aug 2012 · 6 mos · Noida, Uttar Pradesh, India

Application Security ArchitectureApplication Security

Security Engineer

Jul 2011Feb 2012 · 7 mos · Noida, Uttar Pradesh, India

Application Security ArchitectureApplication Security

Infosys

Systems Engineer (Security)

Aug 2009Jul 2011 · 1 yr 11 mos · Bengaluru, Karnataka, India

Application Security ArchitectureApplication Security

Education

Maharishi Dayanand University, Rohtak, Haryana

Engineer’s Degree — Computer Science

Jan 2005Jan 2009

Stackforce found 100+ more professionals with Information Security & Governance, Risk And Compliance (grc)

Explore similar profiles based on matching skills and experience

Mohit Sharma

Mohit Sharma

Accumulated Expertise

at Career-Wide Experience

India0 mo exp
Omair .

Omair .

Director, Offensive Operations

at Krash Consulting

Hyderabad, India19 yrs 9 mos exp
Penetration TestingSecurity
Rashi Sharma

Rashi Sharma

Information Security Specialist

at TD

Toronto, Canada6 yrs 3 mos exp
Parth Malhotra

Parth Malhotra

Research Team Lead

at ProjectDiscovery.io

Jaipur, India0 mo exp
NITIN RATHI

NITIN RATHI

Executive Director

at Asizure xtech private limited

Ghaziabad, India8 yrs 6 mos exp
Subhojit Mukhopadhyay

Subhojit Mukhopadhyay

PL/SQL Developer - L2

at Globtier Infotech Limited

Gurugram, India2 yrs 1 mo exp
Open-Source Development
Vikram Mehta

Vikram Mehta

Founder & CEO

at Cy5.io

Gurgaon, India19 yrs 11 mos exp
Application Security
GS

Gurpreet Singh

Software Engineering Leader, Security

at NVIDIA

United States30 yrs 3 mos exp
Cloud SecurityCybersecurity