Jun 2020 – Present · 6 yrs · Hyderabad · On-site

• Owning the enterprise security, privacy, and GRC charter for one of India's most regulated secure-print and payment-card manufacturing environments — serving global card networks and government identity programs.
• Led end-to-end ISMS certification & sustained compliance across ISO 27001, ISO 27701, ISO 14298, GSMA SAS, PCI CP (Visa/Mastercard/RuPay) and PCI-DSS — passing 20+ external audits with zero major non-conformities.
• Architected a Zero-Trust security model integrating IAM, MFA, micro-segmentation, and conditional access — eliminating standing privileges across 100% of critical production systems.
• Built an AI-driven Security Operations capability (SIEM + SOAR + XDR), reducing mean-time-to-detect by ~60% and mean-time-to-respond from hours to minutes.
• Designed & operationalized the GDPR + DPDPA privacy program — instituting DPIAs, data-mapping, consent frameworks, and breach-response playbooks ahead of India's DPDPA enforcement curve.
• Established Disaster Recovery & Business Continuity (BCP/DR) capabilities tested through tabletop and live failover exercises — meeting regulator-mandated RTO/RPO targets.
• Embedded security-by-design in factory perimeter defense, surveillance, and OT environments — bridging IT/OT convergence risks.
• Elevated human firewall through enterprise-wide awareness, phishing simulations, and role-based training — driving measurable reduction in click-through risk.
• Advised the Board, CEO, and statutory auditors on cyber risk posture, regulatory exposure, and capital prioritization for security investments.

Jul 2015 – Present · 10 yrs 11 mos · Hyderabad Area, India · On-site

• Founded a boutique cybersecurity & GRC advisory delivering CISO-as-a-Service, audit readiness, and AI-governance consulting to Finance, Healthcare, FMCG, and Tech clients across India and the GCC.
• Delivered 15+ ISO 27001 / PCI-DSS / GDPR / DPDPA implementations end-to-end — taking clients from gap-assessment to certification.
• Built & matured SOC, SIEM, DLP, and XDR programs for mid-market and enterprise clients — operationalizing 24x7 detection-and-response with measurable threat-dwell-time reduction.
• Led M&A cybersecurity due diligence, surfacing hidden liabilities and shaping deal terms for acquirers.
• Architected AI-powered threat intelligence and predictive defense pipelines — moving clients from reactive to proactive cyber posture.
• Mentored & trained 500+ cybersecurity professionals through structured GRC, privacy, and CISO-track programs.
• Established Srida as a trusted advisor brand recognized for "real compliance, not certificate compliance."

Jul 2007 – Jul 2015 · 8 yrs · Hyderabad

• Owned network, security, and IT operations leadership for a high-availability hosted environment serving global telecom and subscription-billing clients.
• Spearheaded network and security architecture across hosted data centers — achieving and sustaining PCI-DSS compliance as a service-provider environment.
• Designed & operated a multi-vendor security stack (Cisco ASA, SonicWall NSA, Cyberoam, WAFs) — delivering enterprise-grade perimeter defense with minimal downtime.
• Integrated AlienVault SIEM for centralized log monitoring, correlation, and compliance reporting — institutionalizing audit-ready security operations.
• Implemented Symantec-based backup/DR — ensuring business continuity against ransomware and outage scenarios.
• Led a 4-tier IT Operations team (L1–L4) — driving SLA performance, knowledge transfer, and security-aligned ops culture.
• Authored information-security policies, email-security standards, and SLA frameworks aligned to compliance mandates.

Apr 2004 – Jul 2007 · 3 yrs 3 mos · Hyderabad Area, India