Arun Hosmani
Security Consultant
Melbourne, Victoria, Australia
15+ Years Exp
Summary
Arun Hosmani is a seasoned Security Consultant with 15 years of experience, holding an EC-Council Certified Security Analyst certification. Specializing in Azure and hybrid architectures, he excels in application security architecture and threat modeling. Arun has developed and implemented comprehensive security solutions, ensuring secure integration between on-premises and Azure infrastructures. He has also secured web application APIs, performed penetration testing, and ensured compliance with the OWASP Top 10 API vulnerabilities. He collaborates with solution architects to integrate security into system designs, adhering to frameworks like NIST CSF and ISO standards. Arun has also designed an enterprise vulnerability management program, utilizing tools like Qualys WAS and Snyk, and conducted extensive internal penetration testing, enhancing system security by 70%. As a Subject Matter Expert, he has automated security processes within CI/CD pipelines and managed security best practices for SaaS and on-premises applications, covering MFA, SSO, data encryption, network security, and endpoint protection.
Work Experience
Cybersecurity Architect/Engineer
Voland International
Temporary | 24/04/2023 - Present
Melbourne VIC, Australia
- Developing and implementing comprehensive security architectures for Azure and hybrid environments, ensuring seamless, secure connections between on-premises infrastructure and Azure.
- Extensive hands-on experience in securing web application APIs, conducting penetration testing, and verifying compliance with the OWASP Top 10 API vulnerabilities.
- Experience in the practice of Threat Modeling for a variety of web applications, from Greenfield projects to those already in production, with a focus on the continuous curation of Threat Modeling artifacts to bolster overall application defense mechanisms.
- Executing Threat Modeling for both Greenfield and existing web applications, systematically maintaining Threat Modeling artifacts to enhance application security posture continually.
- Implementing proactive application security architecture, utilizing shift-left methodologies to preemptively identify and mitigate threats and vulnerabilities.
- Orchestrating the development and operationalization of advanced security architectures for Azure and hybrid systems, ensuring seamless and secure integration with on-premises infrastructures.
- Forging strategic partnerships with solution architects, infusing security principles into the design of information systems and networks to foster secure technology deployment and risk reduction.
- Balancing security architecture processes with esteemed cybersecurity standards such as NIST CSF, ISO, PSPF, and VPDSF, enforcing rigorous controls in compliance with these frameworks.
- Supporting the engineering of security solutions, conducting comprehensive threat modeling to detect and neutralize potential threats, and safeguarding infrastructure integrity and security.
- Collaborating closely with solution architects to integrate security considerations into information systems and network designs, guiding the adoption of secure technologies, and mitigating identified risks.
- Ensuring that security architectures align with leading cybersecurity frameworks such as NIST CSF, ISO standards, PSPF, and VPDSF, effectively implementing controls from these standards.
- Implementing DevSecOps tooling and processes with Snyk, GitHub Advanced Security integrated with Azure DevOps and GitHub Actions respectively, ensuring coverage across code, dependencies, containers, and IaC security.
- Conducting threat modeling and internal penetration testing on Salesforce CRM and CRM-based bespoke applications.
- Designing a comprehensive vulnerability management strategy, leading to a reduction in vulnerabilities by 70%.
- Shaping the organization's security governance framework in alignment with GRC principles and best practices, resulting in improved regulatory compliance and overall security posture.
- Conducting threat modeling exercises and leading incident responses, identifying potential threats, and designing effective countermeasures while ensuring swift recovery from security incidents.
- Developing a comprehensive ICT and Cybersecurity Strategy, aligning cybersecurity initiatives with the organization's business objectives, and providing a roadmap for continuous security improvement.
- Working effectively with solution and project delivery teams, delivery managers, and infrastructure leads to align security initiatives with project timelines, budgets, and resources.
- Managing both internal and external resources, including third-party security service providers, to ensure their strategic alignment with the cybersecurity architecture and objectives.
- Upholding core design principles such as Defence in Depth, Least Privilege, Zero Trust, Security by Design, and Data-Centric Security in all cybersecurity endeavors.
Key Projects:
- Successfully conducting comprehensive Azure Tenancy Security Audits, identifying vulnerabilities and risks, and proposing necessary mitigation strategies.
- Initiating and leading the implementation of Azure Role-Based Access Control (RBAC) and Privileged Identity Management (PIM) for both internal and external privileged users, enhancing security controls and reducing unauthorized access.
- Serving as the Subject Matter Expert (SME) in the RBAC project, providing guidance and leadership to Infrastructure and Solutions Engineers, ensuring project completion within established timelines.
- Conducting a Proof of Concept (PoC) on implementing Azure Sentinel, covering event orchestration, monitoring, and security alert investigation.
- Auditing Multi-Factor Authentication (MFA) compliance and orchestrating the implementation of Conditional Access policies, strengthening account security and compliance with industry standards.
- Designing and executing security impact assessments for various projects, collaborating closely with cross-functional teams and business stakeholders to evaluate potential risks and develop effective security strategies.
- Playing a key role in implementing Conditional Access policies tailored for Bring Your Own Device (BYOD) and corporate devices, enforcing security measures based on device and user context.
IT Security Engineer
City FM Australia
Full Time | 23/09/2019 - 05/04/2023
Melbourne VIC, Australia
- Designed and built security architecture for the organization's security solutions.
- Secured web application APIs, conducted penetration testing, and verified compliance with the OWASP Top 10 API vulnerabilities.
- Skilled in the art of Threat Modeling, capable of applying this process to both novel (Greenfield) and current web applications, with a commitment to meticulous upkeep of Threat Modeling records for sustained security enhancements.
- Demonstrated adeptness in Application Security Architecture, with a focus on early threat detection and mitigation, capitalizing on Shift Left Methodologies to proactively resolve vulnerabilities.
- Spearheaded the development and implementation of comprehensive security architectures for Azure and hybrid environments, ensuring seamless integration and secure connectivity with on-premises infrastructure.
- Engaged in proactive collaboration with solution architects to embed security considerations into system and network designs, driving the adoption of secure technologies and risk mitigation strategies.
- Harmonized security architecture frameworks with industry-leading cybersecurity standards, including NIST CSF, ISO, PSPF, and VPDSF, and executed effective controls in line with these benchmarks.
- Led the design of security solutions through meticulous threat modeling, identifying potential risks and devising appropriate remediation measures.
- Designed and implemented an enterprise vulnerability management program using Qualys WAS and VM tools together with external penetration testing, and trained developers on the relevant vulnerabilities so they could fix them effectively.
- Implemented an application security program and a DevSecOps program with Snyk for SAST, SCA, IaC, and container security, complemented by threat modelling and architecture review.
- Secured MS Azure services and Azure AD / Active Directory Domain Services.
- Managed the security awareness training program, including designing the training, scheduling, and deployment.
- Designed and reviewed Vendor Risk Management / Third-Party Risk Management systems.
- Provisioned a SaaS-based GRC system.
- Designed and implemented AlienVault SIEM, streamed events from assets, optimized data consumption to save on the license tier, handled escalation and remediation, and worked as the key resource for Defender for Cloud Apps, Defender for Endpoint, and Defender for M365.
- Conducted a PoC on implementing Azure Sentinel, covering event orchestration, monitoring, and security alert investigation.
Key Projects:
- Contributed as an SME and member of the Change Advisory Board for Cyber Risk and Security, providing expert insights and recommendations to manage and mitigate security-related changes.
- Led and coordinated the external Security Operations Center (SOC) and Security Information and Event Management (SIEM) project, overseeing the onboarding of assets to AlienVault/Sentinel and ensuring a seamless transition from staging to production.
- Contributed as SME for ISO 27001, authoring policies, procedures, standards, guidelines, and cyber security best practices through the SoA and the successful journey toward certification.
- Acted as SME for setting up the application security and DevSecOps program, automating SAST, secret scanning, SCA, container, and IaC security through CI/CD pipelines, and combining threat modelling, external penetration testing, and internal penetration testing to get maximum coverage of vulnerabilities.
- Successfully identified sensitive data, including Personally Identifiable Information (PII), through scanning and assessment of file servers and on-premises file storage, adhering to risk policies and compliance requirements.
- Managed the installation, configuration, and operation of ManageEngine Data Security Plus to facilitate data classification and protection efforts in alignment with security protocols.
- Conducted a successful PoC on Azure AIP, data classification, and labeling as per the outlined data security policy.
Associate Cyber Security Manager
Tavant Technologies
Full Time | 22/11/2016 - 09/07/2019
Bengaluru, Karnataka, India
- Conducted comprehensive internal penetration testing, identifying and patching over 100 system vulnerabilities, resulting in a 70% improvement in system security for clients.
- Demonstrated proficiency in performing Threat Modeling exercises for emerging and operational web applications, with a detail-oriented approach to the perpetual management of Threat Modeling artifacts, thereby perpetuating an improved security stance.
- Experienced in Application Security Architecture, adopting a forward-thinking strategy to pinpoint and alleviate potential threats, utilizing early intervention Shift Left Methodologies to effectively tackle security weaknesses before they escalate.
- Orchestrated the development and operationalization of advanced security architectures for Azure and hybrid systems, ensuring seamless and secure integration with on-premises infrastructures.
- Forged strategic partnerships with solution architects, infusing security principles into the design of information systems and networks to foster secure technology deployment and risk reduction.
- Harmonized security architecture processes with esteemed cybersecurity standards such as NIST CSF, ISO, PSPF, and VPDSF, enforcing rigorous controls in compliance with these frameworks.
- Championed the engineering of security solutions, conducting comprehensive threat modeling to detect and neutralize potential threats, safeguarding infrastructure integrity and security.
- Implemented DevSecOps processes by integrating Jenkins with Checkmarx for SAST and Microsoft WebInspect for DAST.
- Developed and maintained IT security policies and procedures.
- Offered strategic guidance to directors and senior management.
- Performed proactive security testing and audits.
- Collaborated with external security support for issue escalation and resolution.
- Administered early adoption and migration of Azure Cloud and O365 security and compliance measures.
- Delivered internal security awareness training.
Specialist-Information Security
Wells Fargo Bank India
Full Time | 21/08/2013 - 08/11/2016
Bengaluru, Karnataka, India
- Monitored SOC alerts and conducted incident investigations as a member of the Cyber Threat Fusion Centre.
- Protected web application APIs, performed penetration testing, and ensured compliance with the OWASP Top 10 API vulnerabilities.
- Adept at conducting Threat Modeling for new and existing web applications, ensuring ongoing updates to Threat Modeling documentation to consistently strengthen the security framework.
- Skilled in Application Security Architecture, initiating preemptive measures to identify and neutralize threats, and strategically applying Shift Left Methodologies to address vulnerabilities in their nascent stages.
- Led the establishment and execution of robust security architectures for Azure and hybrid environments, achieving flawless integration and secure linkage with existing on-premises systems.
- Actively partnered with solution architects to incorporate security elements into the design of information systems and networks, promoting the use of secure technologies and the development of strategies to mitigate potential risks.
- Aligned and synchronized security architecture practices with top-tier cybersecurity standards such as NIST CSF, ISO, PSPF, and VPDSF, applying stringent controls to adhere to these guidelines.
- Directed the design of security solutions by performing thorough threat modeling to uncover and address potential risks, ensuring the integrity and protection of the infrastructure.
- Developed third-party risk management frameworks and policies.
- Reviewed and refined strategies, cyber security strategies, policies, and frameworks.
- Designed and implemented Security operations and incident management systems and teams.
- Implemented vulnerability management for the Consumer Lending, Wholesale Banking, and Retail Banking wings, including targeted scans and manual investigations to validate vulnerabilities.
- Offered technical analysis for each detected vulnerability and provided feedback on closing these vulnerabilities, along with any necessary references.
Security Test Engineer
Nous Info Systems
Full Time | 27/06/2012 - 06/08/2013
Bengaluru, Karnataka, India
- Performed Web Application Security and penetration testing for Payment Services in the U.K. at WorldPay AP (Envoy Payment Services-UK).
- Covered over 200 payment gateways globally for Foreign Exchange, IBAN, BBAN, SEPA, SWIFT Payments.
- Implemented DAST and vulnerability management processes using the Acunetix tool for scheduled scans and manual penetration testing using Burp Suite Pro.
- Skills: Security Assurance and Audit, Penetration Testing.
Software Security Test Engineer
National Informatics Center
Full Time | 28/07/2009 - 05/06/2012
India
- Performed functional, performance, and security testing for web applications of various ministries under the Central Government of India and the state of Karnataka.
- Skills: Security Assurance and Testing.
Education
Bachelor of Engineering
Visveswaraiah Technological University
23/05/2005 - 13/05/2009
Certifications

Licensed Penetration Tester-Master
EC-Council | Issued On : 14/03/2018

EC-Council Certified Security Analyst-ECSA
EC-Council | Issued On : 21/11/2017

Certified Ethical Hacker
EC-Council | Issued On : 12/04/2016

Web Application Penetration Testing Training

Advanced Penetration Testing
Kali Linux Training

Advanced Training on Operational Risk
RISKPro

TOGAF

SABSA

OWASP