Oct 2022 – Apr 2024 · 1 yr 6 mos

• MatchMove is a fast-growing and disruptive fintech company in digital payments and banking. The company's proprietary Banking OS enables Embedded Banking and the capabilities of Spend.Send.Lend.Defend.Ascend within our clients’ existing apps. The company is headquartered in Singapore with offices in India, Indonesia, Vietnam, Hong Kong, Malaysia, and the Philippines.
• The acquisition of leading e-commerce infrastructure provider, Shopmatic, is the next step in that journey: combining a best-in-class Digital Commerce platform focused on SMEs with MatchMove's advanced Embedded Finance capabilities.
• Shopmatic is an international ecommerce company specialised in providing and enabling merchants to do ecommerce their way. It is the only technology company in the world to offer 4 different ways to do ecommerce - Shopmatic Chat, Shopmatic Social, Shopmatic Webstore and Shopmatic Marketplaces. From developing their own unique web store, to listing them on marketplaces & social channels, to giving them insights on how to sell online, we help customers manage everything that is required to help them grow their business.

Apr 2021 – Oct 2022 · 1 yr 6 mos · Bangalore Urban, Karnataka, India

Jul 2020 – Apr 2021 · 9 mos · Bengaluru, Karnataka, India

• Joined Aviso as Head InfoSec and CISO.
• Working towards strengthening the Information Security Posture of Aviso and to establish a seamless InfoSec governance program.

Oct 2017 – Jul 2020 · 2 yrs 9 mos · Bangalore

• Worked as CISO (Chief Information Security Officer) for Go Digit General Insurance to implement world class Information / Cyber security.
• Responsible to develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program to ensure that the integrity, confidentiality and availability of information is owned, controlled or processed by the organization remains intact.

Mar 2016 – Oct 2017 · 1 yr 7 mos · Bangalore, India

• Client and Sr. stakeholder management for various deals
• Responding to RFP’s and RFI’s for various deals for Information Security
• Providing Security consulting (Information / IT / System security) for different projects
• Supporting different teams of consultants and engineers to implement the architected security solutions.
• Harvesting intellectual property from engagements that can be developed into best practices or for reuse.

Oct 2014 – Mar 2016 · 1 yr 5 mos · Greater Bengaluru Area

• Information security (IS) management and IS controls mapping for different standards and regulations.
• Global Stakeholder (senior) management on different IS projects, product strategies and insights.
• Vulnerability and Risk Management services for different IS projects within Symantec.
• Active member in Pro-Active Security Operations team and devising ways to tackle threats before attack happens.
• Research the adoption of new and emerging Information Security technologies (Cyber security, MSS etc.)
• Planning, Deploying and Review of Risk & Compliance Management activities (Symantec Internal).
• Handling and grooming a global team of 27 FTEs for IS projects and operations.
• Assess current technology trends in the Information Security and predict future trends and the impact to Symantec.
• Collaborating with different security teams for smooth InfoSec projects rollout.

Sep 2011 – Sep 2014 · 3 yrs · bangalore

• Product Portfolio development – Developed portfolio for Unisys proprietary Stealth Solution.
• Designing and developing InfoSec portfolios for managed security services (Security Device Management, Cloud Based Security Services etc.)
• Assisted in FedRAMP certification for Unisys datacenter.
• Worked on BEATO a baseline assessment tool of Unisys and Information security controls mapping for different standards and regulations (HIPPA, FFIEC, GLBA, SOX etc.).
• Responded RFP’s and RFI’s for various Unisys projects for Information / Network Security and assisted in many Application and Storage RFP’s
• Provided Security consulting (Information / IT / System security), Security Architecture and Risk Management services for different security solutions for Unisys clients. Mapping InfoSec controls and compliance requirements.
• Supported different teams of consultants and engineers to implement the architected security solutions.
• Harvested intellectual property from engagements or solutions that can be developed into best practices or for reuse.

Nov 2010 – Sep 2011 · 10 mos · Bangalore

• Project Lead for ASE (AppScan Enterprise) implementation for client (CITI Bank).
• Regulatory Risk and Compliance guidance for clients and Coordinate Internal audits.
• Risk Assessment and reporting on regular basis for clients.
• Consultation on Secure Development Lifecycle (SDL).
• Interaction with the client for collecting requirements and to make sure the smooth delivery of the projects.
• Knowledge share between teams and Grooming new talents.
• Map product solution and technical information to customer’s context; Conduct informal risk analysis.

Apr 2010 – Oct 2010 · 6 mos

• Implementation of ISMS (ISO 27001), the certification was completed with ZERO NC’s.
• Risk Assessment and Regulatory Compliance reporting periodically.
• Collecting requirements from clients for Risk Management, IS Control Framework design and implementation.
• Conducting Security Awareness Sessions for employees and clients regularly and managing process compliance.
• Lead all stages of Information Security Solution Developments.
• Planning, Deploying and Review of Risk & Compliance Management activities.

Aug 2008 – Mar 2010 · 1 yr 7 mos

• Identifying and scheduling project related to information security management.
• Keenly plan, strategize, implement with functional skills in identifying process requirements to enhance the operational security effectiveness.
• Monitoring and reporting Technical and Regulatory compliance to the AOL and its business partners with the ISMS policies.
• Performing vulnerability assessments and taking the required counter actions and measurements to ensure the security of the IT infrastructure / systems.
• Developing robust processes to support ISMS policies.
• Developing and sustaining the information security awareness program within AOL.
• Contributed on following Projects:
• o Antivirus Management, Vulnerability Management, Malware Incident Managements, Internal (Desk side) Auditing and Control, Security Advisory Services, SOC Implementation in AOL, Patch Management

Jun 2007 – Aug 2008 · 1 yr 2 mos

• Perimeter Security \Event Monitoring – The team was responsible to monitor and analyse the real time events using IDS, Proxy and Correlation engines. We were required to escalate any suspicious traffic (DOS, DDOS, Policy violation, Spyware, Worms etc) detected to CSIRT and get it resolved.
• Auditing and Reporting – Responsible to carry on the Ad hock audits and reporting requests from different LOBs and provide the reports in time.
• Vulnerability Management – Vulnerability scanning and reporting on Ad hock and monthly basis.

Jun 2005 – Dec 2006 · 1 yr 6 mos

• Vulnerability Management, Virus Incident Management, Antivirus Management (Trend Micro)
• Internet content-control (Websense), Server Security Auditing
• Other Responsibilities: As part of the Client engineering team I was also responsible for the following:
• o Application Packaging, AD-Cleanup

Dec 2004 – Jun 2005 · 6 mos

• o Vulnerability Assessment (ISS Vulnerability Scanner)
• o Security Auditing
• o Antivirus management (Symantec - Norton)
• o Firewall Implementation and Management (Checkpoint)
• o Remote Patch Management Project

Oct 2003 – Dec 2004 · 1 yr 2 mos

• Infrastructure Security Team Member
• Network Security Design(Team Member)
• Developing SOPs and Procedures
• OS Hardening(win NT, 2k)
• Administrative and Security Scripting:
• o Remote Unauthorized Local Admin Members Removal System
• o Remote Patch Deployment Batches