ESUKIRAN GAVARA

CEO

The Rocks, New South Wales, Australia
12 yrs 9 mos experience
Most Likely To Switch
Highly Stable

Key Highlights

  • Expert in Cyber Governance and Risk Management.
  • Led security architecture for major cloud platforms.
  • Proven track record in regulatory compliance and audits.
Stackforce AI infers this person is a Cybersecurity Specialist with expertise in Cloud Security and Risk Management.

Skills

Core Skills

Cloud Security Posture Management (CSPM), Cyber Risk Management, Vendor Risk Management, Regulatory Compliance, Security Architecture Design, Risk Assessments, AWS Security, Cloud Encryption Gateway, Data Security

Other Skills

API Security, APRA, Amazon EBS, Amazon EC2, Amazon Web Services (AWS), Application Security Assessments, Attack Surface Management, Azure Artifacts, Azure Boards, Azure Pipelines, Azure Repos, Azure Security, CIS Benchmarks, CSA CCM, CSPM

About

I have a blend of Cyber Governance, Risk Management, Compliance, Cloud Security and Security Architecture Skills. I've worked as both subject matter expert and Lead roles across the following areas and Projects

Security Architecture: Designed and implemented security architectures and reusable security patterns for SaaS applications (Salesforce, SAP S/4 HANA) and cloud-native platforms across AWS, Azure, and GCP, ensuring compliance with applicable laws, enterprise security requirements, and protection against domain-specific threats.

Third Party Risk Management: Conducted third-party risk assessments for various vendors of Deloitte and Software components of large application platforms to evaluate security controls, identify potential risks, and measure compliance with applicable enterprise security standards and regulatory requirements.

Cloud-Native Security: Implemented and administered cloud security platforms such as Palo Alto Prisma Cloud and Wiz cloud security for customers operating across multi-cloud environments, including combinations of AWS, Azure, and GCP.

DevSecOps: Integrated Code-to-Cloud security tools into the continuous integration/continuous deployment (CI/CD) processes, including IaC scanning, container security, SAST, SBOM, and SCA.

Threat Risk Assessments: Conducted threat risk assessments, internet exposure analyses, and threat modeling exercises for existing infrastructures and greenfield projects to identify inherent vulnerabilities and recommend mitigation strategies aligned with the enterprise risk matrix.

GRC: Developed risk controls matrix, security controls frameworks, security policies, standards, incident response playbooks, security risk assessment templates, threat modeling templates, and guidelines to align with industry best practices (such as ISO 27001, NIST CSF) and regulatory requirements (including PCI DSS, GDPR, local compliance frameworks like IRAP) and customer requirements.

Security Technologies Familiar:
  • Cloud Native Application Protection Platform (CNAPP): Palo Prisma Cloud, Wiz and CrowdStrike Falcon
  • Microsoft Security: Microsoft Defender for Cloud, Cloud Apps and Office 365
  • Email Security: Microsoft EOP and Mimecast
  • Third Party Risk Assessments: Upguard and Microsoft Excel
  • Application Threat Modeling: IriusRisk and OWASP Threat Dragon
  • Automation with Python

Experience

Total Experience: 12 yrs 9 mos
Average Tenure: 4 yrs 3 mos
Current Experience: 7 yrs 2 mos

Deloitte

4 roles

Senior Cyber Specialist Lead

Jul 2025 – Present · 11 mos

Senior Cybersecurity Specialist

Promoted

Dec 2022 – Aug 2025 · 2 yrs 8 mos

  • Acting as a cybersecurity subject matter expert for a large digital transformation project and handling ongoing requirements and the security deliverables required to achieve and maintain IRAP accreditation.
  • Currently managing CrowdStrike Cloud Security Posture Management (CSPM) for Australia's largest commercial real estate company, which operates all Westfield shopping centers across the country.
  • Conducting security risk assessments for SaaS-based applications, cloud infrastructures, and distributed applications built on Microsoft 365, Salesforce, AWS, Azure, GCP, and private datacenters.
  • Handled tasks involved in implementing the Palo Alto Prisma Cloud CNAPP (Cloud Native Application Protection Platform) and DevSecOps integrations for multiple clients utilising multi-cloud environments across AWS, Azure, and GCP.
  • Led a team of analysts to perform security architecture assessments of digital platforms following major cyberattacks for identifying specific vulnerabilities across people, processes, and technologies that contributed to the incidents.
  • Managing and facilitating end-to-end vendor risk assessments for a diverse portfolio of third parties, including evaluating vendors' third-party security controls, aligning with regulatory requirements, continuous monitoring and providing remediation actions to ensure ongoing compliance across critical service providers.
Cloud Security Posture Management (CSPM), Cyber Risk Management, Knowledge Sharing, API Security, Attack Surface Management, Regulatory and Compliance Assessments, +16

Cybersecurity Specialist - Security Architecture / Cyber Assurance Services

Nov 2021 – Dec 2022 · 1 yr 1 mo

IT Security Assessments, Microsoft 365, IRAP, Security Architecture Design, API Security, Regulatory Compliance, +22

Specialist Senior - Security Architecture / Cyber Assurance Services

Apr 2019 – Nov 2021 · 2 yrs 7 mos

Cloud Data Loss Prevention (DLP), Cloud Security Posture Management (CSPM), NIST CSF, Cloud Computing IaaS, Cloud Access Security Broker (CASB), Functional Specifications, +14

Arcesium

Senior Member of Technical Staff - Cyber Assurance

Jun 2017 – Apr 2019 · 1 yr 10 mos · Hyderabad Area, India · On-site

  • Handled Regulatory Compliance and Audits: Managed SOC 2 Type 2 audits with EY and ensured the organization met all regulatory requirements, while successfully overseeing frequent internal audits.
  • Point of contact for addressing vendor risk management queries from global clients related to product security and organizational security and governance practices.
  • AWS Cloud and Infrastructure Security: Responsible for regular vulnerability scans, secure operation of applications hosted on AWS, and managed change and incident processes to keep systems safe and reliable.
  • Led Business Continuity and Disaster Recovery Efforts: Coordinated BCP and DR activities to ensure the applications could quickly recover from any disruptions and keep operations running smoothly.
  • Security Controls Verifications: Worked with teams across the business to understand and evaluate security controls, ensuring their effectiveness and alignment with business needs.
  • Reporting Security Metrics and Risk Insights: Reported daily security metrics to VP of Information Security including reports on ToD and ToE of controls and vulnerabilities trends.
Red Hat Linux, SOC 1, Application Security Assessments, NIST 800-53, Security Controls, ISO 27001, +5

Ciphercloud

Technical Consultant - CASB, DLP and Cloud Encryption Gateways

Sep 2013 – Jun 2017 · 3 yrs 9 mos · Hyderabad Area, India · On-site

  • Served as the primary point of contact for addressing vendor risk management queries from global clients, providing expert guidance on security of CipherCloud products and practices across people, process and technology.
  • Designed and Deployed Proof-of-Concept Solutions: Collaborated with Global Solution Engineering teams to develop and implement innovative cloud security solutions.
  • Delivered 100+ Cloud Security Gateway Solutions: Specialized in encryption and tokenization to safeguard sensitive data across diverse cloud environments.
  • Collaborated with Customers: Engaged directly with clients to understand business and technical needs, integrating Cloud Security Access Broker (CASB) technologies for secure and seamless cloud adoption.
  • Configured and Secured AWS Services: Defined security policies for AWS (IAM, S3, Security Groups, NACLs, Routing Policies) and implemented advanced encryption techniques to protect critical data.
  • Performed Security Scans and Ensured Compliance: Conducted server security scans using Nessus Vulnerability Scanner, maintained detailed documentation for SOC audits, and implemented Data Loss Prevention (DLP) and Shadow IT solutions.
  • Managed UNIX/Linux Server Operations: Administered production servers, monitored performance with tools like Nagios, Copperegg, Splunk, and the ELK stack, and applied rigorous system hardening measures.
  • Secured Multi-Cloud Environments: Utilized a range of cloud platforms (Office 365, Box, Salesforce, ServiceNow, AWS) to implement encryption and tokenization strategies, ensuring robust data protection.
  • Supported ISO 27001 and SOC 2 Compliance: Provided support and coordination for compliance readiness efforts, successfully achieving ISO 27001 and SOC 2 certification.
Cloud Data Loss Prevention (DLP), Red Hat Linux, Cloud Encryption Gateway, Cloud Access Security Broker (CASB), Security Controls, Standards Compliance, +2

Education

Andhra University

Bachelor of Science (BSc) — Computer Science

Andhra University

Master's degree — Computer Science (MCA)
