Devanshu Agarwal (CISSP CISA)

CEO

Bengaluru, Karnataka, India12 yrs 8 mos experience

Most Likely To SwitchAI ML Practitioner

Key Highlights

Proven history of building and expanding security teams.
Expert in developing enterprise-level security functions.
Strong leadership in cybersecurity strategy and execution.

Stackforce AI infers this person is a Cybersecurity expert with extensive experience in enterprise security and application security.

Contact

Skills

Core Skills

Cyber SecurityTeam LeadershipCloud SecurityIncident ResponseSecurity AssuranceAwsApplication SecurityThreat MitigationNetwork Security

Other Skills

AI securityAWS SecurityAWS servicesApplication layer attacksAzure SecurityAzure componentsCC++CCNACCNPCISACISSPCheck Point firewallCiscoCisco ASA

About

CISSP, CISA Certified Devanshu is passionate about developing great teams together with building out enterprise-level security functions and capabilities. He has a proven history of building new security teams and well as expanding existing teams to support growing business needs. Currently, Devanshu serves as Information security leader at Atlassian. Previously, Devanshu served as Founding member in security and built the security team from scratch at Harness, which included responsibilities around Cybersecurity Engineering, AI for security, software supply chain security, Operations, Incident Response, Infrastructure and Cloud, Vulnerability Management, Red Team, Data Protection and Insider Risk. At prior roles as an Application Security leader, Devanshu has built and matured enterprise level Application Security programs, providing leadership to all areas within Application Security. Additionally, Devanshu has served as strategic advisor in owning and delivering on CISO level roadmaps and strategic objectives. Devanshu has served as a active leader for the Nullcon bangalore chapter, and co-hosted Nulcon bangalore at Akamai in 2016. Senior level experience in presenting issues and recommendations, through top-quality clear and concise written and oral communication, to senior organization officials.

Experience

12 yrs 8 mos

Total Experience

1 yr 9 mos

Average Tenure

3 yrs 7 mos

Current Experience

Atlassian

Product Security Leader

Nov 2022 – Present · 3 yrs 7 mos

Helped the current company to re-energize the Cyber Security Practice, AI security, Software supply chain security, played a major role in establishing the strategy for Cyber Security services, helped to create new Cyber Security Services and delivery methodologies. Experience in managing the delivery and execution of the consulting engagements with many Fortune 500 organizations in the USA, Europe and APAC ensuring engagement success and client satisfaction

Cyber SecurityAI securitySoftware supply chain securityCyber Security servicesConsulting engagementsTeam Leadership

Harness

Principal Security Architect

Mar 2020 – Nov 2021 · 1 yr 8 mos

Governed and implemented various security strategy initiatives – Zero Trust framework and strategy, Cloud Security Framework and program, Endpoint Security fortification and management, PAM and related IAM initiatives, Application Security framework and strategy, Incident Response processes maturity, Data Loss Prevention and Insider Threat program, Remote working/WFH security strategy, Security Visibility enhancement

Zero Trust frameworkCloud Security FrameworkEndpoint SecurityIncident ResponseData Loss PreventionCloud Security

Microsoft

Security Assurance

Jul 2017 – Mar 2020 · 2 yrs 8 mos · Greater Hyderabad Area

Managing security assurance team. Threat modelling, Providing security guidelines, SDL policies, incident response for attacks, creating documentation for best practices for using Azure components, people appraisal/review, Threat model review

Threat modelingSecurity guidelinesIncident responseAzure componentsSecurity AssuranceIncident Response

Amazon web services

Cloud Support Engineer

Oct 2016 – Jul 2017 · 9 mos · Bengaluru, Karnataka, India

A Senior Cloud Engineer with expertise in AWS services
➢ AWS Planning, Implementation and support
➢ EC2, VPC, Route53, IAM, ELB, ALB, VPN, WAF, Shield, Config & ACM
➢ DDoS attack Mitigation (UDP/ICMP Flood, SYN Flood, HTTP Get Flood, TCP Connection Attack, TCP Flag-based Attacks)
➢ Thorough understanding of Internet protocols such as HTTP, DNS, TCP, and UDP
➢ OWASP top 10
➢ Sql injection, Cross site scripting(CSS), Cross site request forgery(CSRF)
➢ Web Application Firewall
➢ Burpsuite
➢ Nmap, Netcat
➢ Python Scripting

AWS servicesDDoS attack MitigationInternet protocolsOWASP top 10Python ScriptingCloud Security+1

Akamai technologies

Application Security Specialist

Oct 2015 – Sep 2016 · 11 mos · Bangalore

Working as a Security Specialist II to detect and mitigate Application layer and DDoS attacks and mentoring technicians in current organization.
Mitigating Application (80 and 443) layer attacks like XSS, SQL, RFI etc. on a daily basis. Knowledge of MOD Security Signatures.
Python and Bash scripting to fetch the logs and effectively stop the DDOS attacks
Proactively detecting and mitigating attacks (Troubleshooting OWASP TOP 10 attacks like, XSS, SQL Injection, CSRF, PHP Injection etc.)
Provide real time attack support to managed accounts currently under attack to analyze the attack pattern, identify attack signatures and device policies for mitigation.
Provide security consultation to the customers on threat landscape, adoption of best practices and technology.
Perform proactive and reactive threat analysis of the traffic patterns to reduce false positives & improve the accuracy of WAF.
Review security events confirmed and escalated by Level 1 technicians and determine correct remediation actions.
Identify current and potential web application security risks and develop monitoring and mitigating content to address those areas.
Assess and analyze customer’s web applications and web traffic to help identify threats and potential vulnerabilities.
Create and implement custom web application firewall rules.
Assist customers with DDoS and threat mitigation like SYN FLOOD, UDP FLOOD, ICMP FLOOD, GET FLOOD, etc.
Partner with Business Support, Sales, Engineering, Product Development and Customer Care on security related matters.
Document actions in cases and effectively communicate consultatively both to internal teams and to Akamai’s customers.
Review security configurations with other Professional Service team members to ensure quality and accuracy to requirements.
Handling several initiatives and Business Continuity Plan projects for Global SOC.

Application layer attacksDDoS attacksPython scriptingWeb Application FirewallApplication SecurityThreat Mitigation

Css corp

Senior Network Security Engineer(JTAC)

Dec 2014 – Sep 2015 · 9 mos

1) Juniper Netscreen firewall, Configuration and maintenance
2) Troubleshooting Juniper Netscreen Firewall for global customers

Juniper Netscreen firewallTroubleshootingNetwork Security

At&t

Network Security Engineer

Jul 2012 – Nov 2014 · 2 yrs 4 mos · Noida, Uttar Pradesh, India

1) Configured & Implemented Juniper SSL VPN
2) Configured & Implemented Cisco ASA
3) Configuration, management and administration of client LAN WAN architecture.
4) Configuration, management and administration of Check point secure platform/ Nokia firewall R65 and R70.
5) Administration of Cisco ASA Firewall.
6) Logs and report analysis Check Point and taking action accordingly.
7) Configuration, management and administration of Palo Alto secure platform/ Nokia firewall R65 and R70.
8) Configuration, management and administration of Zscaler Proxy solutions
9) Configuration of .pac file
10) DNS trobuleshooting