Akash Kumar Shrivastava
Bengaluru
Summary
A results-driven Cyber Security Professional with a proven track record in developing managing, and executing comprehensive cybersecurity strategies and program for global organizations. With a keen eye for identifying and mitigating risks, consistently strive to safeguard sensitive data and ensure the integrity, confidentiality, and availability of critical systems and assets. Throughout my years of experience in the cybersecurity industry, I have cultivated a deep understanding of the ever-evolving threat landscape, emerging technologies, and industry best practices. By staying ahead of the curve, I have successfully implemented robust security measures that effectively protect organizations against cyber threats.
Developed skills in high-stakes, fast-paced cybersecurity environment, focusing on threat detection and incident response. Well-versed in identifying vulnerabilities and implementing effective security measures. Seeking to transition into new field, leveraging extensive expertise in safeguarding information systems and optimizing security protocols.
Overview
20
20
years of professional experience
1
1
Certification
Work History
Senior Security Analyst
Trinet
04.2024 - 10.2024
- Security Culture and Governance: Championed a culture of security awareness, fostering collaboration between security and development teams. Established and maintained strong security governance practices aligned with industry standards and regulatory requirements.
- Risk Management: Conducted risk assessments of internal controls to ensure adequacy and effectiveness. Reviewed, challenged, and enhanced remediation plans shared by risk champions. Led internal audit and risk review programs.
- Technology and Automation: Demonstrated familiarity with automating controls. Built and presented automation to executive leadership, aiding in reaching control assessment targets.
- Service Improvement: Designed key service improvement priorities based on a continual service improvement approach. Led risk identification and executed treatment plans to reduce overall organizational risk.
- Standards and Policies: Developed security standards and refined global security policies, mapping to TriNet standards
- GRC and TPRM: Led GRC and TPRM services, building automations and overseeing risk assessment and due diligence processes. Reduced false positives and ensured relationships with third parties were managed within agreed risk appetite.
- Risk Assessment and Management: Continually reassessed operational risks associated with third parties and the business, considering changes in operating procedures, new technology, and legal requirements.
- Governance and Reporting: Reviewed critical exception requests and executive summaries to make informed decisions. Developed and presented governance, risk, and compliance dashboards to management.
- Audit and Compliance: Audited break glass processes, including SOD challenges. Ensured incident response plans were documented and compliant.
- Access Review and Reporting: Reviewed UAR reporting to build audit-ready reports. Conducted IT audit exercises and tracked remediation plans.
- Goals and KPIs: Developed goals aligned with business targets, mapped goals to technical requirements, and conducted quarterly progress reviews. Ensured KPIs were delivered and access reviews and approvals were handled timely.
- Conducted regular audits and assessments of cloud security compliance to ensure adherence to industry standards and regulations
- Implemented and managed security controls, policies, and procedures to mitigate risks and threats in cloud environments
- Led cross-functional teams in identifying and addressing security vulnerabilities and gaps in security architecture
- Developed and maintained security documentation, including security baselines, best practices, and guardrails for security tools
- Collaborated with IT and infrastructure teams to enhance overall security posture through effective implementation of security controls
- Oversaw cyber security initiatives and projects to improve the organization's security posture and resilience against cyber threats
Manager Risk Advisory (Cyber Risk)
Deloitte Touche Tohmatsu India LLP
01.2021 - 03.2023
- A key contributor in Cyber Security Management level strategy to various enterprises to uplift cybersecurity posture and better respond to the cyber-attacks
- Risk Assessment and Reporting: Conducted security risk reviews, identified security risks, and developed and presented comprehensive risk reporting and remediation plans to management
- Stakeholder Management and Collaboration: Built and maintained strong relationships with business partners and SMEs
- Collaborated with various stakeholders to ensure mitigation of identified risk
- Reporting and Project Management: Provided regular status updates to senior management
- Participated in steering committee meetings to ensure projects were on track and remediation requirements were met
- Subject Matter Expertise: Provided guidance on security controls to legal, HR, and enterprise technical support
- Partnered with business security heads and CTOs to execute security processes, policies, and controls
- Security Projects and Awareness: Managed critical security projects to ensure timely deployment
- Conducted security awareness roadshows and led initiatives like IAM Program, BT PAM, EDR, and multi-engine scanning solutions
- OT Security: Collaborated with vendors to identify secure OT solutions
- Conducted continuous OT/ICS security assessments for proactive vulnerability identification and remediation
Security Operations Delivery Associate Manager
Accenture Services
08.2017 - 09.2020
- Service Delivery: Led security operations for Compliance, IAM, ISM, VM, and Cloud Security SOC functions. Managed incidents, service requests, and implemented endpoint security, encryption, antimalware technologies, and new security solutions.
- Risk and Compliance: Overseen the security risk and compliance team. Ensured identification, documentation, and remediation of security risks. Conducted security audits to maintain zero deviations.
- Reporting and Communication: Provided weekly management progress reports for mapped projects. Hosted monthly client steering committee calls to present status to clients and senior management.
- Team Management and Development: Identified, interviewed, and hired resources for new projects. Set up teams and team leads.
- Cross-coordinated with Network Engineering (Architecture) & Business Unit (s) and gathered the application connectivity requirements and planned the project
- Collaborated with the stakeholders to identify and assess IT / related business risks, including associated strategies, risk assessments, response plans, checklists, action cards and policies.
- Administered the overall IT service delivery, adhered to SLA compliance by vendors while ensuring excellent levels of services for all end- users, customers and partners including user training.
- Extended support in providing strategic direction for all enterprise-wide IT operations including infrastructure & architecture, application development and re-engineering of business processes.
Senior Security Specialist
Computer Science Corporation (Now DXC)
08.2010 - 08.2017
- Incident Response: Reviewed security alerts and worked towards resolution, collaborating with stakeholders across different teams (local IT,server management, networks, database management)
- Communicated with the clients and collected the business requirements, created the RFI/ RPS’s, evaluated security products and led the successful delivery of the projects/products and led the successful delivery of the projects
- Coordinated with several vendors and ensured a feature and cost-effective solutions were proposed
- Policy Development and Testing: Developed, tested, and certified new security technical policies and test cases
- Pushed for production deployment
- Project Delivery: Steered the successful delivery of multiple projects
- Acted as the Subject Matter Expert for Firewall Platform
- Reviewed existing network topology/ design and undertook the re-designing to improve support of the environment by Services Team
Security Operations Delivery Team Lead
Accenture Services
09.2006 - 08.2010
- Standard Operating Procedures (SOPs): Created SOPs and run books to streamline team tasks and improve efficiency
- Subject Matter Expertise: Served as a subject matter expert for Check point firewall, Juniper firewall, F5 Load Balancer, Cisco Firewalls
- Security Tools and Management: Managed and maintained various security tools for Network Security
- BAU Network Security Services operations supporting24/7 environment
- Accenture.com
Network Security Engineer
iGATE Global Solutions
12.2006 - 09.2006
- Level1’ TAC support for Nokia Firewall Platform
- Mostly worked on L1 Support, RMA, FS of Firewall Products
Network Engineer
iGATE Global Solutions
10.2004 - 12.2005
- Level Tech Support for US ISPs
- Mostly worked ISP level troubleshooting for Home and Small Business users
Education
Bachelor of Science - Information And Communication Technology
Manipal Academy Of Higher Education
Skills
- Governance, Risk, and Compliance (GRC): Expertise in developing, implementing, and managing GRC frameworks and strategies
- Program Management: Proven ability to lead and execute complex security programs from inception to completion
- Strategic Planning: Skilled in developing and implementing long-term and short-term security strategies aligned with organizational goals
- Stakeholder Management: Effective communication and collaboration with stakeholders at all levels, including executives, auditors, and vendors
- Solutioning and Transformation: Ability to identify and implement innovative security solutions to address emerging threats and risks
- Audit Management: Experience in conducting and overseeing internal and external security audits
- Third-Party Risk Management (TPRM): Expertise in assessing and managing risks associated with third-party vendors and suppliers
- CISO and Board Reporting: Skilled in preparing and presenting comprehensive security reports to C-level executives and the board of directors
- Security Policies and Standards: Development and maintenance of security policies, standards, and procedures
- KPI Reporting: Creation and analysis of key performance indicators (KPIs) to measure security effectiveness and identify areas for improvement
- Team Leadership and Collaboration
- Vulnerabilities Management Program
- Cloud Security
- Budgeting & Forecasting
- Cyber Security Program Management
- Security information and event management
- Intrusion detection systems
- Security awareness training
- Data loss prevention
- Cloud security expertise
- Security policy development
- Regulatory compliance
- Network security monitoring
- Business continuity planning
- Security risk assessment
- Vulnerability scanning
- Vulnerability assessment
- Application security
- Incident response
- Network security
- Risk mitigation
- Data security
- Disaster recovery
- Cloud security
- Effective communication
- Active listening
- Relationship building
- Team building
- Interpersonal skills
- Goal setting
- Risk assessment
- Professionalism
- Continuous improvement
- Incident response management
- Identity and Access management
- Disaster recovery strategies
Certification
CISSP, CCSP, CISM, ISO27001 (Lead Auditor), ISO27701 (Privacy), Third Party Risk Management (TPRM)
Affiliations
- ISACA
- ISC2
- BSI
Languages
English
Bilingual or Proficient (C2)
Hindi
Bilingual or Proficient (C2)
Timeline
Senior Security Analyst
Trinet
04.2024 - 10.2024
Manager Risk Advisory (Cyber Risk)
Deloitte Touche Tohmatsu India LLP
01.2021 - 03.2023
Security Operations Delivery Associate Manager
Accenture Services
08.2017 - 09.2020
Senior Security Specialist
Computer Science Corporation (Now DXC)
08.2010 - 08.2017
Network Security Engineer
iGATE Global Solutions
12.2006 - 09.2006
Security Operations Delivery Team Lead
Accenture Services
09.2006 - 08.2010
Network Engineer
iGATE Global Solutions
10.2004 - 12.2005
Bachelor of Science - Information And Communication Technology
Manipal Academy Of Higher Education
Similar Profiles
KIRBY O'LOUGHLINKIRBY O'LOUGHLIN
Sales Consultant at TriNetSales Consultant at TriNet
Thomas VienThomas Vien
Payroll Core Data Specialist at TriNetPayroll Core Data Specialist at TriNet
Bhanu Murali Krishna SirimallaBhanu Murali Krishna Sirimalla
Senior Transition Support Services Specialist at TrinetSenior Transition Support Services Specialist at Trinet
Christa LimasChrista Limas
Broker Relationship Manager at TriNetBroker Relationship Manager at TriNet
SHARMILA SSHARMILA S
IT Audit Consultant at SeimensIT Audit Consultant at Seimens