Feb 2022 – Feb 2023 · 1 yr

• OYO offers 40+ integrated products covering 1,57,000 properties across 35 countries including India, UK, US, UAE, Europe, China and Southeast Asia.
• OYO Group covers - OYOrooms.com, Mountania, Weddingz, Co-working (Innov8 & Workflo),
• OYO Vacation Homes - belvilla.com (EU), Dancenter (Denmark), Traum (Germany), DirectBooker (Croatia)
• Senior Vice President & Global CISO responsible for embedding best-in-class security within product and technology services.
• Strategy & security deployment across Corporate IT, Infrastructure, DevOps & Networks securing 60+ websites & 40+ mobile apps globally.
• Built & managed teams of Cyber Defense, SoC, Cyber assurance & Cloud security covering cloud container clusters & microservices.
• Enterprise Governance, Risk & Compliance based on standards and country regulations.
• Payment gateway & IoT Security across multiple geographies of APAC, USA & EMEA.

Aug 2020 – Jan 2022 · 1 yr 5 mos

• PayU is India’s leading payment solutions provider headquartered in Netherlands. Its portfolio covers Wibmo ($70 Mn), Citrus Pay ($130 Mn), Pay Sense & Lazy pay. It accounts for 57% of PayU’s global transactions & serves 5,00,000+ merchants with 70+ payment methods. It is the preferred partner for 60% of airlines & 90% of entire e-commerce business covering Amazon, Flipkart, Netflix, Airbnb, Ola, Myntra, Vistara, MakeMyTrip, Vodafone, Zomato, Tata Sky & numerous government entities.
• Senior Vice President & CISO responsible to secure over INR 1,20,000 crores worth of digital payments annually.
• Led Corporate IT & Cyber Security teams overseeing all of PayU India locations.
• Delivered 25+ Large Corporate IT & cyber security programs ensuring digital payments security.
• Governance, Risk & Compliance (RBI, NPCI, ISO 27001, PCI DSS, NIST) aligned to local & global legal regulatory directives.
• IoT Security reviews for PoS systems & Next-gen payment instruments.
• Represented at CxO, Board of directors & Global Security councils.

Dec 2013 – Aug 2020 · 6 yrs 8 mos

• JFWTC is GE's first & largest R&D Center outside US contributing 3000+ patents.
• Chief Information Security Officer (CISO) of GE India Technology Center (JFWTC). Led 14+ portfolios for 9 GE businesses (GE Global Research, GE Aviation, WabTec, BHGE, Power, Renewables, GGO, Corporate & GE Digital) covering 6000+ employees in 50 acres campus.
• Information Security & Risk Management
• Cyber Security, Cyber Intelligence, Digital Forensics,
• Industrial Internet & Internet of Things (IoT) Security; GE’s Digital Twin IoT Security
• Audit & Compliance - Surveillance audit programs (ISO27001 & ERP-ICFR),
• Data Loss Prevention of classified information; Information Leak Detection.
• IT Risk compliance for divestment, mergers and acquisitions of GE businesses.
• Incident Response, containment & policy breach investigations
• Information Protection of Intellectual Property (IP) and patents
• Product Security of commercial products on Digital Twin, Artificial Intelligence & Machine Learning
• ❖ Received 10 GE Awards
• (incl. GE Leadership Excellence Award & Game Changer Award)

Oct 2011 – Nov 2013 · 2 yrs 1 mo

• Headed highly confidential & sensitive core banking Corporate Security projects across all locations in India for all divisions of The Royal Bank of Scotland.
• PCI DSS - Payment Card Industry Data Security Standard
• Represented security function at divisional & global risk boards of executive leadership & CxO.
• Leadership to enhance country security oversight & region’s risk appetite
• Regulatory compliance requirements of the country & federal regulations (RBI & FSA/FCA)
• Led Critical programs - Anti-malware zero day threats, exploits, root kits, DDoS attacks
• Cyber Security Threats - Cyber-attacks, cyber warfare & espionage.
• Digital Computer forensics, Malware Threat Analysis & Reverse engineering
• Information Security Incident Management & Fraud investigation
• Regulatory compliance - CP & CNP transactions, EMV Chip debit/credit cards, ATM/POS Biometric authentication, Magnetic stripe/PIN & Chip/PIN.
• Contributed to - RBS Ambassador Program & RBS Foundation India
• ❖ Received 5 RBS Awards (including Gold Ovation Award)

Oct 2009 – Sep 2011 · 1 yr 11 mos

• Target Technology & Financial Services (www.target.com/india)
• Target National Bank
• Led technical teams of Security Risk Assessment Projects.
• GRC (Governance, Risk & Compliance) assessments based on regulatory requirements.
• Enterprise Risk Assessments of Target Technology & Financial Services; Target Bank
• Security controls review with secure handling requirements & highly sensitive information.
• On-site security risk assessments of Fortune 500 financial companies & banks.
• CISO Dashboard reporting on capital planning budget, operating & payroll expenses.
• Compliance process design for security to comply against legal regulations of STPI/SEZ.
• Project Compliance against IT Act, 2000 of India in collaboration with Director-Legal.
• GRC Rationale Guidance Database for continuous quality improvement of assessments.
• Employee Well-being leader for the division.
• Received 3 Target Great Team Awards

Sep 2005 – Oct 2009 · 4 yrs 1 mo

• Led technical teams of 16 people & 5 projects of Vulnerability Assessment, Penetration Testing, IT Advisory Services, Infrastructure protection & Web content filtering as a Team Leader.
• External information security consulting projects on security architecture blueprint, compliance audits, Vulnerability assessment, secure configuration review & Data center security.
• Improved process quality & productivity using LEAN Methodologies of Six Sigma
• Vulnerability Assessment & Ethical Hacking on IBM servers worldwide.
• Internal auditor for ISO 27001 Surveillance & compliance Audits of IBM ITD.
• Corporate security framework review & internal security assessments.
• Lead package tester of PGP Disk Encryption pilot project.
• Transition Lead of Security advisory project. Advisories for commercial customers.
• Business Continuity Management for IT security competency. BCP/DR implementation
• Lead Antivirus Security Adviser - IBM India Virus Computer Emergency Response Team (CERT).
• Received 8 IBM Awards (including Global Delivery Excellence Award, Top Talent Recognition & IGA Top performer Award)

Apr 2004 – Sep 2005 · 1 yr 5 mos

• Implementation & Surveillance Compliance audit of BS7799 security controls.
• Established Two tier architecture for antivirus management on 5000+ desktops & servers
• Centralized Quarantine virus server management
• Incidents handling (worm outbreak in a 10,000+ nodes network)
• Root Cause Analysis of security incidents

Mar 1998 – Nov 1998 · 8 mos

• Instrumentation & DCS Panel (TATA Honeywell) Installation
• Optical Fiber Cable Installation & Configuration
• Infrastructure development monitoring & security