May 2022 – Oct 2022 · 5 mos

Oct 2019 – May 2022 · 2 yrs 7 mos

• Worked with a diverse and dynamic global team as part of the Capgemini Group CISO team, to help in improving the cybersecurity maturity across the global locations.
• Interacting with respective country/BU level CISO's and their teams for cybersecurity assessments across APAC and Europe over 30+ global locations and business units including Group functions like GroupIT.
• Providing analytics around cybersecurity weakness inline to Group policy, NIST and other frameworks which help in identification of new controls or projects.

Dec 2017 – Nov 2019 · 1 yr 11 mos · Mumbai, Maharashtra, India

• Reporting to Chief Information Security Officer and managing Information Security Activities.
• Managing risk assesments to ensure compliance with internal security requirements for new digital initiatives, regulatory requirements, State Bank Group information security requirements etc.
• Managing and point of contact for technical assessments, Penetration Tests, configuration reviews, web/mobile applications security assessment, SCR for all the identified assets accross the organisation.
• Conducting Risk Assessments for new project initiatives (both on premise and cloud) or third party integration with the business owners.
• Also got exposure to project planning, budgeting and vendor management by involvement in RFP process and cybersecurity maturity assessments for next 3 years.

Apr 2014 – Nov 2017 · 3 yrs 7 mos · India, Saudi Arabia

• Working on heterogeneous projects involving pentesting, infrastructure security reviews, Risk Assessment, compliance audits etc..
• Most crucial phase of my career where I got opportunity to work as individual contributor as well as lead numerous prestigious projects/assessments in India and middle east regions under extreme work pressures and deadlines.
• Exposure to network & application security assessment.
• Performing Internal/External VAPT for large enterprise networks.
• Performing infrastructure security assignments for major Banks.
• Performing assessment of security controls such as Data leakage protection, Email security, Web security, Endpoint security, Privilege access management solutions,
• Performing Security configuration review of OS, DB, Routers, Switches, firewalls, WAF, IPS/IDS and other network devices.
• Reviewing Vulnerability and patch management process for organizations.
• Performing Compliance regulations audits for multiple banks across India and KSA.
• (SAMA and Tadawul regulation in Saudi and SEBI ALGO/CTCL in India).
• Performing Security operation centre audits and Security Incident management process audits.
• Experience in Social Media Reconnaissance/Risk Assessment and Social engineering.

Feb 2012 – Apr 2014 · 2 yrs 2 mos · Mumbai

• Worked on multiple infrastructure security and Data security projects (internal as well as client).
• With 5-6 hours of daily travel, 5 hours sleep for 2 years, sucess, failures. Was a learning experience during initials infosec career both in professional and personal areas.

Dec 2010 – Feb 2012 · 1 yr 2 mos · Mumbai

• As a security engineer worked at ground level with multiple corporations, understanding their current infrastructure security requirements and providing appropriate security solution.
• Learned security architecture from the core technical implementation level and understood challenges/mistakes done at the ground level which helped me grow as information security assessor in future jobs.