Mar 2022 – May 2023 · 1 yr 2 mos · Bengaluru, Karnataka, India

• As head of CyberSecurity & Compliance -
• Established high performance CyberSecurity team from scratch
• Hired tower leads & tech resources
• Defined org structure, competency framework for each of the towers
• IPO Readiness
• At high level following security domains were covered
• Product Security
• Security Assessment (PenTest/Code Review)
• Threat Modeling
• Secure Coding Guidelines
• Product/Tech Spec Reviews
• SDLC Security, CI/CD pipeline, Left Shift
• Security Engineering
• Building Secure libraries
• Automating Security tools & integration for KPI collection, reporting
• Code dependency/Asset Inventory tracking
• Infrastructure Security
• Cloud Configurations
• AWS Security tooling & Automation
• Runtime protection
• Security Operations
• Vulnerability Management
• Security Monitoring
• Alerting, Automation
• Incident Response etc.
• IT Security
• Endpoint Security
• Network Access Protection
• 3rd party tools Security - GSuite, Slack etc.
• Compliance
• ISO 27001, PCI DSS, SOC2 Type 2
• 3rd party Vendor evaluation
• Data Privacy

Dec 2021 – Present · 4 yrs 5 mos

• CyberEdBoard is a premier member’s only community of executives and thought leaders in the fields of security and IT. Members have access to a robust platform of resources that promote peer-to-peer knowledge-sharing, executive-level education, and professional growth.
• This private global community is dedicated to networking, brand exposure and education in the topics of information security, cybersecurity and information technology.

Nov 2019 – Feb 2022 · 2 yrs 3 mos · Bangalore Urban, Karnataka, India

• As head of CyberSecurity & Compliance -
• Established high performance CyberSecurity team from scratch
• Hired tower leads & tech resources
• Defined org structure, competency framework for each of the towers
• At high level following security domains were covered
• Product Security
• Security Assessment (PenTest/Code Review)
• Threat Modeling
• Secure Coding Guidelines
• Product/Tech Spec Reviews
• SDLC Security, CI/CD pipeline, Left Shift
• Security Engineering
• Building Secure libraries
• Automating Security tools & integration for KPI collection, reporting
• Code dependency/Asset Inventory tracking
• Infrastructure Security
• Cloud Configurations
• AWS Security tooling & Automation
• Runtime protection
• Security Operations
• Vulnerability Management
• Security Monitoring
• Alerting, Automation
• Incident Response etc.
• IT Security
• Endpoint Security
• Network Access Protection
• 3rd party tools Security - GSuite, Slack etc.
• Compliance
• ISO 27001, PCI DSS, SOC2 Type 2
• 3rd party Vendor evaluation
• Merchant/Bank/Partner Audit Support
• Data Privacy
• Data Localization
• Regulatory requirements - NPCI, RBI

Sep 2017 – Oct 2019 · 2 yrs 1 mo · Bangalore

• CloudOptics is a comprehensive Digital Security Platform for your Enterprise. Platform Detects, Remediates, Advises continuously about Security issues while preventing insiders from misusing their privileges.
• CloudOptics platform is easy to setup within the control of enterprise for better security than SaaS solutions. Helps manage continuous compliance such as HIPAA, PCI, ISO while making most out of your existing security investments.
• Platform is build using Cloud native & other technologies such as J2EE, Containers, Angular, MySQL, AWS, Azure, GCP etc.

Jul 2013 – Aug 2017 · 4 yrs 1 mo

• Headed shared service platform service design, practice & delivery.
• Provided thought leadership to define Security solutions & offerings for realigned market
• Defined Security Service Catalog
• Defined Business Case for internal investment for practice & Solution development
• Built, set up & led Security practice ground up
• Led solution definition & development team for implementation
• Led CoE Setup, Hiring tech leads, Customer demos etc.

Feb 2012 – Jul 2013 · 1 yr 5 mos

• Founding member and Solutions Head for Wipro's Cloud Security business offerings. Conceptualized, Designed and built service offerings for Cloud Security business offerings for Wipro customers.

Sep 2010 – Jan 2012 · 1 yr 4 mos

• Managed delivery for several large security projects in Enterprise Security BU of Wipro. These projects spanned across security landscape covering Infrastructure, Application, Data Security and Regulatory Compliance.

Jan 2008 – Mar 2009 · 1 yr 2 mos · Greater Boston Area

• Managed multi year account at leading insurer in Boston area, involving $5mn revenue and ~40FTE onsite/offshore resources. The effort was to write a quoting & policy management system for Group Life Insurance platform including reporting & compliance from scratch.
• Technologies involved -
• J2EE
• WebServices
• Adobe Flex

Aug 2001 – Aug 2007 · 6 yrs

• Worked on & Led large Web Application projects of various size and scope including CVS.COM.
• Made material improvements in Projects and overall IT direction in the projects I was involved in.
• Led Application Security efforts and managed performance benchmarking of high volume core revenue generating application.

Apr 2001 – Aug 2001 · 4 mos · Greater Boston Area

• Application Development, Web Application Security and Deployment

Apr 2000 – Apr 2001 · 1 yr · San Francisco Bay Area

• Responsibilities included Application Development & Application Security for a product delivered in ASP (Application Service Provider) model.

Jul 1998 – Mar 2000 · 1 yr 8 mos · Bangalore

• One of the founding members of Wipro WebSecure product, a web security plug-n-play framework using Java/Servlet, PKI, SSO and other related web security technologies. A WebSecurity product ahead of its time.