Gangesh Vats

DevOps Engineer

Delhi, India20 yrs 6 mos experience
Most Likely To SwitchHighly Stable

Key Highlights

  • Expert in cloud security architecture and DevSecOps.
  • Proven track record in automating security processes.
  • Strong collaboration with cross-functional teams.
Stackforce AI infers this person is a Cloud Security and DevSecOps expert with extensive experience in enterprise environments.

Contact

LinkedIn

Skills

Core Skills

Cloud SecurityDevsecopsSecurity AutomationApplication SecurityDevops

Other Skills

AWS Certified Solutions ArchitectAWS SecurityAWS WAFAgile MethodologiesAmazon Web Services (AWS)AnsibleAutomationChange ManagementCloud ComputingCloudflareCommunicationCross-team CollaborationCyber Risk ManagementCyber-securityCybersecurity

About

Staff-level Cloud & Cybersecurity Engineer with 18+ years of experience designing, scaling, and operationalizing secure-by-design cloud platforms across AWS. I specialize in cloud security architecture, DevSecOps, GitOps, policy-as-code (OPA/Rego), and security automation—embedding security directly into engineering workflows to reduce risk, accelerate delivery, and improve developer experience. Over my career, I’ve progressed from managing enterprise messaging platforms and contributing to infrastructure hardening and critical audit remediation, to leading security automation and cloud security enablement at scale. My work spans closing long-standing audit findings, improving Product Security Review (PSR) processes through automation, enabling penetration testing operations, supporting Red Team engagements with immutable IaC environments, and strengthening application security through AWS WAF baseline definition and observability. I’m recognized for bridging deep technical expertise with process excellence—partnering closely with Security Engineering, SRE, and DevOps teams to implement secure-by-design principles through policy-as-code, automation, and GitOps-driven governance. My focus is on building scalable security platforms that deliver measurable risk reduction, transparency, and operational efficiency across global engineering organizations. A continuous learner and AWS Certified (Security Specialty | Solutions Architect – Professional), I’m passionate about advancing cloud security maturity through data-driven insights, innovative tooling, and knowledge sharing that empowers teams to move fast—securely.

Experience

Mckinsey & company

2 roles

Senior Cloud & Cybersecurity Engineer

Promoted

Jul 2017Present · 8 yrs 8 mos · Hybrid

  • Cloud Security, DevSecOps & Platform Security:
  • Designed and owned the Integrated Deploy & Verify Process (IDVP), a custom GitOps-based security validation framework embedding preventive and detective controls into Terraform pipelines. Achieved near-100% pre-deployment validation coverage across AWS service patterns (EC2, Secrets Manager, Aurora PostgreSQL, ALB, KMS), preventing security issues from reaching production.
  • Identified and remediated 30+ security misconfigurations and 10+ functional gaps during pattern validation, materially reducing production risk and accelerating secure adoption of standardized cloud building blocks.
  • Authored Technical Security Standards (TSS) for core AWS services, defining secure-by-design, preventive, detective, and corrective controls aligned with enterprise risk and compliance objectives.
  • Built preventive WIZ CCRs using OPA/Rego and Wiz CLI to enforce guardrails such as IAM-only access to Secrets Manager and EC2 ENI restrictions, enabling proactive policy enforcement.
  • Application Security & PSR Automation:
  • Automated Product Security Review (PSR) workflows using XSOAR and backend security integrations, reducing manual effort by ~40% while driving automation-first improvements by driving gap analysis across PSR and AWS WAF onboarding to lower friction and risk exposure.
  • Partnered with Penetration Testing and Red Teams to enable secure, cost-efficient engagements using ephemeral, immutable IaC-based environments, reducing lead time and operational overhead.
  • WAF, Observability & Enablement:
  • Led AWS WAF onboarding and baseline optimization with SRE and platform teams to strengthen preventive application security controls.
  • Built Splunk and Cloudflare dashboards to improve visibility into WAF events and attack patterns, reducing incident investigation time by ~30%.
  • Delivered documentation, training, and live demos on security automation and GitOps workflows, accelerating adoption across Security, SRE, and DevOps teams.
Cloud SecurityDevSecOpsPlatform SecurityGitOpsTerraformSecurity Automation+3

Senior Technology Engineer

May 2010Jun 2017 · 7 yrs 1 mo · Hybrid

  • Lead and managed enterprise messaging platforms (O365, Lotus Domino, ZL Archiving) ensuring compliance and e-discovery support.
  • Automated operations with Python, Ansible, GitHub, Shell, cutting down manual tasks.
  • Piloted AWS vulnerability scanning (Qualys, Tenable, Rapid7).
  • Contributed to DevOps Embark Program → CI/CD enablement, Git/GitHub adoption across IT teams.
  • Enhanced security by remediating messaging vulnerabilities and improving operational resilience.
Enterprise Messaging PlatformsAutomationPythonAnsibleGitHubDevOps+1

Ibm india pvt. ltd.

Senior Operations Lead Specialist

Sep 2008May 2010 · 1 yr 8 mos · Noida, Uttar Pradesh, India

  • Designed high-availability enterprise messaging infrastructure.
  • Improved server uptime, mail flow, and change management practices.
  • Streamlined enterprise upgrades with minimal downtime.
High-availability InfrastructureChange ManagementServer Uptime

Patni computer systems

Senior Lotus Domino administrator

Feb 2008Sep 2008 · 7 mos · Greater Delhi Area · Hybrid

  • - Administered & secured Lotus Domino servers, ensuring system reliability and availability.
Lotus Domino AdministrationSystem Reliability

Accel frontline ltd

Customer Support Engineer

Sep 2005Mar 2008 · 2 yrs 6 mos · Greater Delhi Area

  • - Provided IT infrastructure and server support, resolving incidents and ensuring uptime.
IT Infrastructure SupportIncident Resolution

Education

Institution of Electronics & Telecommunication Engineers

B. Tech — Electronics & Telecommunication

Jan 2001Jan 2005

Sikkim Manipal University - M.B.A (PM),I.E.T.E - B.E (Electronics & Telecommunication)

Master of Business Administration (M.B.A.) — Project Management

Jan 2010Jan 2012

Yuva Shakti Model School,Rohini,Delhi-85

Stackforce found 100+ more professionals with Cloud Security & Devsecops

Explore similar profiles based on matching skills and experience

Aniruddha Biyani

Aniruddha Biyani

Information Security

at Prophecy

Bengaluru, India10 yrs 2 mos exp
DC

Dharmendra Kr. Chauhan (DC)

Accumulated Expertise

at Career-Wide Experience

Noida, India0 mo exp
Shane Levi

Shane Levi

Business Consultant

at Nextep

Englewood, United States3 yrs 6 mos exp
LeadershipSalesforce.com
NIKHIL KUMAR GANDLA

NIKHIL KUMAR GANDLA

Application Security Manager

at Bajaj General Insurance

Hyderabad, India6 yrs 6 mos exp
Application SecurityCyber Risk ManagementCyber SecurityInformation SecurityRisk Assessment
Vartika Bhatt

Vartika Bhatt

Senior Product Security Engineer

at GoTo Group

Bengaluru, India7 yrs 2 mos exp
TK

Tarun Kumar

Senior Information Security Consultant

at Confidential

Gurugram, India8 yrs exp
CybersecurityMobile Application SecurityPenetration Testing
Himanshu S.

Himanshu S.

Security Enginner II

at Amazon

Austin, United States4 yrs 9 mos exp
Amrudesh B.

Amrudesh B.

Lead Security Engineer

at CRED

Bengaluru, India6 yrs 6 mos exp
Android DevelopmentCybersecurityLeadershipMobile SecurityProduct Security