Nimish Mendiratta

CEO

Gurgaon, Haryana, India · 15 yrs 8 mos experience
Most Likely To Switch · Highly Stable

Key Highlights

  • Proven leader in global security engineering operations.
  • Expert in developing cybersecurity strategies and incident response.
  • Significantly reduced vulnerabilities through proactive management.
Stackforce AI infers this person is a Cybersecurity expert with extensive experience in security engineering and operations.

Skills

Core Skills

Cybersecurity, Security Management, Vulnerability Management, Cloud Security, Incident Response, SIEM

Other Skills

AWS, AWS Patch Manager, Amazon Web Services (AWS), Antivirus, ArcSight, Burp Suite, CCNA Security, CEH, Certified Information Security Manager (CISM), Content Filtering, Cylance, CylanceProtect, EC2, Endpoint Security, FireEye

About

Security Engineering & Operations Manager | 15+ Years of Experience in Cybersecurity

Proven leader in security engineering operations, managing global teams to design, implement, and optimize enterprise security solutions. Adept at developing strategies to protect assets, mitigate threats, and ensure compliance.

Current Role: Security Engineering & Operations Manager | Expedia Group

  • Lead a global team of security engineers and analysts to design, implement, and maintain robust security solutions.
  • Develop and execute cybersecurity strategies to protect infrastructure, data, and applications from threats and vulnerabilities.
  • Oversee incident response planning and execution, ensuring rapid mitigation of security breaches.
  • Manage vendor relationships to ensure the security of outsourced systems and services.
  • Collaborate with IT, legal, and compliance teams to align security policies with business objectives.
  • Conduct security assessments and audits to identify and remediate vulnerabilities, ensuring compliance with industry standards (SOX, CAS).
  • Implement security awareness training programs to foster a security-first culture across the organization.
  • Led the implementation of a vulnerability management program, reducing critical vulnerabilities through proactive scanning and remediation.
  • Integrated security best practices into the software development lifecycle (SDLC), ensuring secure coding and regular security testing.
  • Optimized security budgets, licensing, and resources to enhance security posture while controlling costs.

Experience

Expedia Group

Senior Manager Security Engineering & Operations

Jul 2017 - Present · 8 yrs 8 mos · Gurugram, Haryana, India

  • Lead a global team of security engineers and analysts in designing, implementing, and maintaining enterprise-wide security solutions.
  • Develop and execute security strategies to protect company assets, infrastructure, and data from cyber threats and vulnerabilities.
  • Oversee incident response planning and execution, ensuring swift mitigation of security breaches.
  • Manage vendor relationships to enhance the security of outsourced systems and services.
  • Collaborate with IT, legal, and compliance teams to align security policies with business objectives.
  • Conduct security assessments and audits to identify and remediate gaps in security controls, ensuring compliance with industry standards (SOX, CAS).
  • Design and implement security awareness training programs to foster a culture of cybersecurity across the organization.
  • Spearheaded a vulnerability management program, significantly reducing critical vulnerabilities through proactive scanning and remediation (Qualys, SCCM, SSM, AWS Patch Manager).
  • Integrated security best practices into the software development lifecycle (SDLC), ensuring secure coding and regular security testing.
  • Designed, developed, and managed AWS cloud infrastructure, including EC2, VPC, IAM, Security Groups, Load Balancers, and Route 53.
  • Conducted stability testing of existing data security architecture to assess resilience and effectiveness.
  • Led Proof of Concept (PoC) for onboarding security tools in AWS Cloud/Data Center for endpoint security (EDR: Carbon Black, CrowdStrike, Microsoft Defender, Cylance, FireEye).
  • Managed OKTA/SSO setup for multiple security applications and devices to enhance authentication and access controls.
  • Optimized security budgets, licensing, and resource allocation to enhance security posture while controlling costs.
Leadership, Security Management, Cybersecurity, Incident Response, Vulnerability Management, AWS

BT

Cyber Security Specialist

Sep 2016 - Jul 2017 · 10 mos · Gurugram, Haryana, India · On-site

  • Led, managed, and prioritized a team of Security Analysts in an operational environment, providing Level 3 support and ensuring adherence to SLAs for agreed service metrics.
  • Maintained enterprise-wide Antivirus and Malware detection services, ensuring optimal protection for end-user systems, Wintel server environments, and storage infrastructures.
  • Managed and maintained ePO connectivity to McAfee sources, ensuring timely updates for DAT files, patterns, and malware definitions.
  • Responded to emergency DAT file update requests, ensuring swift deployment of critical security patches.
  • Contributed to continuous improvement initiatives, optimizing security operations and response strategies.
  • Investigated and resolved complex security incidents, problems, and change requests within the operational environment.
  • Generated and analyzed daily, weekly, and monthly security reports for management and technical teams, ensuring data-driven decision-making.
  • Tuned SIEM rules, correlation policies, and dashboards to enhance threat detection and response efficiency.
  • Developed, monitored, and optimized SIEM correlation rules for improved threat intelligence and incident response.
  • Conducted log reporting, analysis, and data extraction to identify security trends and anomalies.
Cybersecurity, Antivirus, Malware Detection, SIEM, Incident Response

Accenture

Senior Information Security Analyst

Mar 2015 - Aug 2016 · 1 yr 5 mos

  • Information Security Professional with extensive experience in implementing and administering SIEM solutions and proficiency with a range of security tools, including WebSense Content Filtering, McAfee NSM, IBM SiteProtector (IPS/IDS), and Nessus VA/PT. Specializing in SIEM solutions, I have successfully delivered tailored security solutions to clients, managing various domestic and international projects in the UK and US.
  • Implemented and managed ArcSight ESM and Connectors across multiple locations, ensuring seamless integration and optimal performance.
  • Integrated diverse end devices with ArcSight, IBM QRadar, and Splunk, enhancing system interoperability and security monitoring capabilities.
  • Administered ArcSight SIEM, including configuration, tuning, and maintenance, to ensure robust security event management.
  • Developed custom ArcSight use cases to meet specific client requirements, improving threat detection and response.
SIEM, ArcSight, Security Tools, Threat Detection, Cybersecurity

Tata Consultancy Services

Security Administrator

Jul 2010 - Mar 2015 · 4 yrs 8 mos · Gurugram, Haryana, India

  • As an Information Security Analyst specializing in Security Information and Event Management (SIEM), I have developed extensive expertise in implementing and administering ArcSight solutions and other security platforms. My key responsibilities and accomplishments include:
  • ArcSight Implementation and Administration: Led the deployment and management of ArcSight Enterprise Security Manager (ESM), Logger, and connectors, ensuring seamless integration and optimal performance across various environments.
  • Device Integration: Integrated a diverse range of end devices with ArcSight SIEM, enhancing the organization's security monitoring capabilities.
  • Use Case Development: Developed and customized ArcSight use cases to meet specific client requirements, improving threat detection and response efficiency.
  • RSA Security Analytics: Administered RSA Security Analytics, including architecture design, correlation rule creation, and comprehensive reporting, to enhance security visibility and incident response.
  • Threat Analysis and Reporting: Monitored emerging threats, prepared detailed reports, and escalated critical issues to relevant teams to ensure timely mitigation.
SIEM, ArcSight, Threat Analysis, Security Reporting, Cybersecurity

Education

Institute of Management Technology, Ghaziabad

Master of Business Administration (M.B.A.) — Information Technology

Jan 2014 - Jan 2016

Amity University

Bachelors in Computer Applications — Information Technology

Jan 2006 - Jan 2009
