Aaftab Khan — CEO

Passionate InfoSec Manager and DevSecOps Lead, Aaftab Khan, is a driving force in the cybersecurity and cloud computing space. A CISSP and AWS-certified professional, Aaftab has propelled Novo Platform Inc. to its current valuation of $700M, starting as the 6th employee. Aaftab champions an organization's security by maintaining system and data confidentiality, integrity, and availability. His expertise lies in architecting and implementing robust Cloud infrastructure that bolsters the organization's security posture and scalability. He led the successful achievement of SOC2 compliance, navigating the entire assessment and certification process. A firm believer in continuous improvement, Aaftab initiated the implementation of DevOps practices, streamlining software development and deployment processes. He has also devised and implemented a data pipeline for business intelligence, empowering efficient data analysis and decision-making. Skilled in vendor management, he ensures that third-party suppliers meet the organization's security requirements. As a leader, he has built a cohesive team of security professionals, fostering a positive and inclusive work culture that values collaboration, knowledge sharing, and continuous learning. His proficiency in SecOps practices, aligned with NIST and CIS benchmarks, has enhanced threat detection and response capabilities. Aaftab's deep understanding of information security principles, best practices, frameworks, and industry standards such as ISO 27001, NIST, CIS, PCI-DSS, GDPR, HIPAA, FERPA, and SOX, along with risk management and assessment skills, fortifies his professional portfolio. He also has a solid grasp of security infrastructure technologies with AWS services and familiarization with security tools like DataDog, ElasticStack, Google Drive DLP, Gmail DLP, and Uptycs. Prior to joining Novo, Aaftab honed his skills as a DevOps Engineer/Solution Architect at Mobisoft Infotech Pvt. Ltd., where he was responsible for cloud architecture and design, monitoring, performance optimization, and cloud cost management. Aaftab is proficient in several scripting languages, source code management tools, project management tools, CI-CD tools, databases, web servers, caching tools, server monitoring tools, cloud services, AWS security services, and BI tools. Aaftab is a B.E. graduate in Information Technology from M.G.M’s COE., Nanded, and holds a diploma in Computer Science & Engineering from M.P.G.I., Nanded. He is fluent in English, Hindi, Marathi, and Urdu.

Stackforce AI infers this person is a Cybersecurity and Cloud Computing expert with a strong focus on DevSecOps practices.

Location: Pune, Maharashtra, India

Experience: 11 yrs

Skills

Cloud Security
Devsecops
Grc

Career Highlights

Achieved SOC2 compliance in record time.
Implemented DevSecOps culture, reducing vulnerabilities by 50%.
Architected robust cloud infrastructure on AWS.

Work Experience

Novo

InfoSec Manager (7 yrs 10 mos)

DevSecOps Lead (1 yr)

Mobisoft Infotech - Mobile Solution Experts

Solutions Architect (2 yrs)

Clickspot.io

DevOps Engineer (2 yrs)

Education

Bachelor of Technology - BTech at Mgm College Of Engineering & Technology

Aaftab Khan

CEO

Pune, Maharashtra, India11 yrs experience

Most Likely To SwitchHighly Stable

Key Highlights

Achieved SOC2 compliance in record time.
Implemented DevSecOps culture, reducing vulnerabilities by 50%.
Architected robust cloud infrastructure on AWS.

Stackforce AI infers this person is a Cybersecurity and Cloud Computing expert with a strong focus on DevSecOps practices.

Contact

Skills

Core Skills

Cloud SecurityDevsecopsGrc

Other Skills

AWSApplication SecurityAutomated security testingBackup strategiesCI/CD deployment pipelinesClient collaborationCloud architectureCloud infrastructureContinuous monitoringData protection impact assessmentsDevSecOps frameworkDockerIncident responseJenkinsLeadership

About

Experience

Novo

2 roles

InfoSec Manager

Promoted

May 2018 – Present · 7 yrs 10 mos · Remote

Spearheaded the successful implementation of a comprehensive security framework for a fast-growing organization, achieving SOC2 certification within a record time frame.
Led the design and deployment of a cloud-native infrastructure on AWS, implementing robust security controls and achieving significant cost savings through optimized resource utilization and automated security configurations.
Established a DevSecOps culture by implementing secure coding practices, automating security testing, and integrating security checkpoints into the CI/CD pipeline, resulting in a 50% reduction in vulnerabilities and faster time-to-market for software releases.
Developed and executed a proactive vulnerability management program, reducing critical vulnerabilities by 75% through regular scanning, prioritization, and timely remediation.
Led incident response efforts for a major security incident, minimizing the impact by rapidly containing and mitigating the incident, and implementing measures to prevent future occurrences.
Successfully collaborated with cross-functional teams to ensure compliance with SOC2 requirements, including conducting data protection impact assessments, implementing appropriate technical and organizational measures, and establishing a comprehensive data breach response plan.

SOC2 complianceCloud infrastructureAWSDevSecOpsVulnerability managementIncident response+1

DevSecOps Lead

May 2018 – May 2019 · 1 yr · Remote

Implemented a robust DevSecOps framework that significantly improved the organization's security posture and operational efficiency. Led the successful integration of security practices into the software development lifecycle, resulting in a 50% reduction in security vulnerabilities and a 30% decrease in time-to-market for new releases. Introduced automated security testing and continuous monitoring tools, reducing manual effort by 70% and enhancing the accuracy and effectiveness of security assessments. Spearheaded the establishment of secure code review processes, leading to a 40% decrease in code vulnerabilities and ensuring compliance with industry standards and regulatory requirements. Collaborated closely with cross-functional teams to foster a culture of security awareness and knowledge sharing, resulting in improved security practices across the organization.

DevSecOps frameworkAutomated security testingContinuous monitoringSecure code reviewDevSecOps

Mobisoft infotech - mobile solution experts

Solutions Architect

Jan 2016 – Jan 2018 · 2 yrs

Chiefly responsible for securing and managing the organization’s cloud infrastructure on AWS. This included using various security policies, backup strategies and encryption techniques.
Lead change and continuous improvement for both innovation and processes.
Architecture and delivery of most Java based web applications.
Designed fully automated CI/CD deployment pipelines for most application.
Performed security assessment of a data intensive web-application at rest and in-transit; defined and applied security controls on new enhancements
Automated instance provisioning and implemented security features using AWS Lambda
Mentored 5+ new team members and provided technical assistance to internal development tracks.

Cloud architectureSecurity policiesCI/CD deployment pipelinesSecurity assessmentCloud Security

Clickspot.io

DevOps Engineer

Dec 2014 – Dec 2016 · 2 yrs

Lead and participate in the design, development and prototyping of web applications to support 100 Million page views.
I had technical ownership of all web applications and worked closely with clients.

Web application developmentPrototypingClient collaboration