Sep 2025 – Dec 2025 · 3 mos · Hyderabad, Telangana, India

Nov 2023 – Sep 2025 · 1 yr 10 mos · Hyderabad, Telangana, India · On-site

• Spearheading the enterprise-wide cybersecurity charter by shaping and executing strategy across cloud, product, and enterprise environments. Building secure-by-design architecture and embedding security throughout the software development lifecycle, while aligning risk posture with business growth and compliance expectations.
• Executing enterprise cybersecurity initiatives across four strategic pillars: Product Security, Cloud Security, GRC, and Enterprise Risk, by embedding DevSecOps practices, leading SOC modernization, and governing data privacy, regulatory compliance, and responsible AI usage. Enhancing regulatory preparedness and leadership alignment through real-time threat intelligence, KPI dashboards, and actionable risk insights.
• Collaborating with cross-functional teams to mature security culture, optimize vendor ecosystems, and develop future-ready cybersecurity talent. Advising executive leadership and board stakeholders on evolving threats, investment priorities, and long-term resilience strategies.

May 2023 – Nov 2023 · 6 mos · Hyderabad, Telangana, India

Aug 2021 – Apr 2023 · 1 yr 8 mos · Hyderabad, Telangana, India

• Led enterprise-wide cyber defense strategy by building a 24x7 Security Operations Center from the ground up, enabling real-time threat detection and automated incident response. Modernized outdated security toolsets to enhance visibility, reduce response time, and strengthen operational resilience.
• Drove vulnerability management and continuous monitoring across global infrastructure, aligning with CISO-level KPIs. Conducted simulations, audits, and compliance reviews that significantly improved regulatory readiness and enabled informed decision-making through security dashboards and risk metrics.
• Oversaw security architecture and embedded security controls within DevOps pipelines to reduce build-time vulnerabilities and elevate code quality. Standardized application security governance across teams, streamlining assurance processes and ensuring adherence to secure-by-design principles and regulatory frameworks.

Jun 2019 – Jul 2021 · 2 yrs 1 mo · Hyderabad Area, India

• Steered security governance and compliance initiatives within the healthcare domain, defining policies aligned with industry regulations to reduce audit risks and close compliance gaps. Drove secure architecture implementation and threat modeling to safeguard patient data and critical systems. Integrated security into RFP processes and mentored engineering teams on secure coding practices, significantly enhancing product maturity and client confidence.

Feb 2018 – Jun 2019 · 1 yr 4 mos · Hyderabad Area, India

• Strengthened product security by addressing design-level vulnerabilities in hardware and firmware, while leading purple team exercises to enhance detection capabilities and reduce alert fatigue. Played a key role in enterprise incident response and contributed to product security strategy development, improving overall risk posture.

Apr 2016 – Jan 2018 · 1 yr 9 mos · Bengaluru Area, India

• Led security architecture reviews and conducted VAPT across IBM’s key platforms including Watson, Bluemix, and IoT. Established baseline security standards for APIs and mobile applications, while managing penetration testing teams and contributing to IBM X-Force with actionable threat intelligence and rapid incident response capabilities.

Nov 2013 – Apr 2016 · 2 yrs 5 mos · Banglore

• Managed end-to-end security engagements for global clients across BFSI, retail, and healthcare sectors, including PCI DSS and ISO 27001 implementations. Delivered red teaming, breach investigations, and forensic assessments, while crafting security policies and conducting training on secure coding and regulatory compliance across international geographies.