Apr 2021 – Present · 4 yrs 11 mos

• https://www.thepurplebook.club/

Jan 2019 – Present · 7 yrs 2 mos · San Francisco Bay Area

• Domains of Companies that I am engaged now
• Data Security
• AI Security (Securing AI Systems and Use of AI for Security)
• App Security
• Identity Security
• Cloud Security
• GRC Platforms
• Cyberrisk Insurance
• Above companies are in Seed phase to Series D
• Previously: Email Security - got acquired.

Jan 2017 – Jan 2022 · 5 yrs · San Francisco Bay Area

• Architected and led the team to build the first Cloud security posture framework at Veeva; Laid foundation for security monitoring infrastructure and Security operations. Managed Cloud Security Compliance globally. Achieved multiple third party attestations including ISO 27001, 27017, 27018, SOC 2, HIPAA, HITRUST, French HDS , 100+ audits from Customers and many more with Zero findings for all product lines for multiple years in a row. Managed security part of audits from top pharma companies.

Jan 2015 – Jan 2017 · 2 yrs

• Managed Information security and compliance for 3 business units in Fiserv;
• Successfully led Security projects in aligning the process (programs), technology and resources to improve security and compliance posture. Managed audits by top banks from security perspective and PCI DSS, ISO 27001 +, SOC 2, FFIEC, HIPAA Compliance, 100+ audits from Banks, etc.

Jan 2013 – Jan 2015 · 2 yrs

Jan 2007 – Jan 2013 · 6 yrs

Jan 2014 – Present · 12 yrs 2 mos · United States

• My recent/upcoming speaking engagements at various conferences
• Year 2025:
• Dec 2025: Silicon Valley Cybersecurity Forum
• Nov 2025: North Texas ISACA, Dallas, TX, "Got drowned by AI Questionnaires? Here is the life saver!"
• Oct 2025: IAPP PSR, San Diego, CA, Workshop on AI Impact Assessment
• Sep 2025: CrowdStrike fal.con, Las Vegas; Focus on Identity and Data! Prevent Fraud!!
• Jun 2025: South Texas ISSA (Houston, TX) : Data Security
• May 2025: RMISC, Denver, Securing Disconnected Apps & Orphan Accounts
• Apr 2025: ISACA Silicon Valley, Top 10 Unexpected AI Hacks
• Mar 2025: ISC2 East Bay, Cybersecurity Regulations / Laws on Data Protection
• Feb 2025: CactusCon, Phoenix / Mesa, Arizona, AI Hacks & Preventive Methods
• Year 2024:
• Nov 2024: ISC2 East Bay, Bay Area, California, AI Security, Regulations, Compliance Frameworks
• Nov 2024: North Texas ISACA, Dallas, Texas, 0 to 60 mph: Ramping up AI Security
• Nov 2024: ISACA Silicon Valley, Bay Area, App&Data Security in PCI 4.0
• Oct 2024: COISSA Columbus, Ohio, AI & Data Security
• July 2024: Cloud Security Alliance (CSA), AI Security & Regulations
• May 2024: RSA Conference in San Francisco 2024, Top 10 Cybersecurity Products that would either be Elevated or Eliminated by AI
• Apr 2024: OWASP Bay Area (San Francisco), Pentests are not reducing data breaches.. What needs to be changed?
• Feb 2024: ISC2 East Bay, Data Security - An holistic view & priority based approach
• Year 2023:
• Oct 2023: CSA Security Research Summit, Modern Data Security Challenges and Best Practices
• Oct 2023: PhxSAC, Phoenix, Pentests not aligned with reducing data breach(es), Why?
• June 2023: Central Ohio ISSA, Columbus, OH, Zero Trust Prioritization
• May 2023: Digital Trust World - Boston, MA, Zero Trust Compliance
• May 2023: IIA Western Conference, Zero Trust Auditing
• April 2023: BSides San Francisco, You lost data unfortunately, Who will knock on your door and why?
• Jan 2023: Cyber Secure Foundation event around World Economic Forum Davos- Top Security trends in 2023

Jan 2005 – Jan 2007 · 2 yrs

• Oracle Database and Grid Control Development

Jan 2003 – Jan 2005 · 2 yrs

Jan 2001 – Jan 2003 · 2 yrs

Jan 1999 – Jan 2001 · 2 yrs