Summary
Overview
Work History
Skills
Accomplishments
Certification
Interests
Additional Information
Education
Work Preference
Timeline
Generic
Akhil Kumar

Akhil Kumar

Cyber Secuirty architecture
Mumbai,MH

Summary

Major Strength & Tools: Excellent interpersonal relationships, and mentoring skills with team building & leadership capabilities. Filled with positivity, humor, fun, and pleasant interactive Skills, which dilutes any level of stress Strong BFSI business acumen and IT solution design with an attitude of ownership Unsparing negotiation skills as a miser with rational and strong decision-making ability. Challenge-seeking enthusiasm with a never-give-up attitude & a logical problem-solving technique Self-motivated to achieve objectives with good analytical and risk calculation skills.

Overview

19
19
years of professional experience
1
1
Certification

Work History

Sr Vice President – Head

Mizuho global services
12.2023 - Current
  • Global IT Security & Governance, Mizuho Global services
  • My Current role in MGS is a strategic position to build and enable global capability center (GCC) for Cyber security & IT governance for Mizuho group companies
  • In order to build this function from scratch my key responsibilities include:- - Participation in Global, regional and country specific Cyber security committees/ advisory board /GRC council - Assist & support to Global & regional CISOs as technical SME and strategic advisory for Mizuho Bank &, - Working group lead for Third party risk management, to build comprehensive TPRM framework for Mizuho Bank - Process re-engineering & consolidation of Cybersecurity tools/platforms/products across global branches & group companies - Agile approach to cybersecurity beyond regulatory and geographical limitations along with consolidation for 2nd LoD - Automation /deduplication of cybersecurity function across Mizuho group & setup Cybersecurity CoE ( Center of Excellence) - Cybersecurity project delivery with support of Technology specific SMEs and cost optimization; Carbon Black EDR, Zscaler, Azure VDI, etc - Establishing 100 + team for BAU support to different Cyber security skills and function in MGS across two location
  • Hired and managed employees to maximize productivity while training staff on best practices and protocols.
  • Developed and executed strategic initiatives to drive business growth, resulting in higher revenues and market share expansion.
  • Championed innovation by encouraging cross-functional teams to pursue creative solutions to complex challenges.
  • Collaborated with executive leadership team members on long-term strategic planning that ensured sustainable success for the company.
  • Established a culture of continuous improvement, leading by example to drive operational excellence across the organization.
  • Identified opportunities to improve business process flows and productivity.
  • Strengthened relationships with key stakeholders, fostering trust and collaboration across the organization.
  • Presented and discussed strategy and initiative progress with senior business leaders.
  • Secured vital partnerships with industry leaders, enhancing company reputation and expanding market reach.
  • Influenced organizational change initiatives that resulted in significant improvements in workplace efficiency and employee satisfaction.
  • Founded performance- and merit-based evaluation system to assess staff performance.
  • Directed technological improvements, reducing waste and business bottlenecks.

Vice President

12.2019 - 11.2023
  • IT planning, Governance, and Security, Mizuho Bank
  • Direct & supervise my teams for IT Planning, Governance & IT security operation who perform the following: Propose IT Strategy, processes, and policies, as per business direction and other strategic initiatives like DevOps, SecOPS
  • IT budget and financial management, IT Problem management and identify IT-related business risks including Audits, risk assessments, response plans, checklists, action cards, regulatory guidelines, threat intelligence, among HO -Japan, APAC, and global stakeholders
  • Prepare & publish Dashboards like KPI/KRI & periodic presentation of IT Deck for board/SMC, ITSC, ISC, RMC and CAB meetings Analyze the effectiveness of Quality Control and security Assurance for IT development, software testing, IT service, operation & governance Spearheaded IT Audits and provide mitigation controls, self-assessments, resolve queries raised by Internal/External Auditors
  • Guiding team to monitor the malicious activities, network security, Malware analysis, and host behaviors for securing from the intrusion attacks, Blocking the IOCs/ hashes from the regulators, HO, FS-ISAC, and different CERTs, NPCI, NCIIPC, etc Responsible for Phishing campaigns, threat hunting, cyber drills and providing cybersecurity awareness training to staff & customers Lead for BCP activities and DR drills to ensure IT system contingency plan, in coordination with Japan and other APAC teams Timely submission of all IT-related compliance like CSITE returns, DBIE/PRISMA/DAKSH returns, and ad hoc questionnaires
  • Lead security vulnerability assessments, penetration tests & red teaming activities with remediation & closer activities with related teams
  • Review and approve firewall rules ACL/Network /Service /Nat/PAT Object on ASA and firewall, URL filtering, file blocking, security changes, system configurations, network profiles, and security policies in security devices, Identity and Access Management, along with exceptions
  • Firewall Health checkups for security parameters like licenses, Apps and threats, wildfire, are with current threat updates
  • Leading SOC team for India and other APAC countries with 27 staff on Realtime monitoring, supervising events & alerts generated from a variety of systems like SIEM/SOAR/PIM/DAM/NAC/ED/ETP/Proxy/WAF/DLP/DHCP, etc
  • Continuous SIEM integration for critical log sources
  • Responsible for Defining processes for SOC operations, Incident handling, sandboxing updating SOP, SOC reports, CSIRT, and CCMP Closely working with SIEM-SOAR and EDR teams for automation of Use cases, playbook, and their continuous upkeep and retention of logs
  • Working for global Digital risk protection and dark web monitoring through reports of Digital shadows

Unit head , IT project delivery

HDFC Bank
12.2014 - 09.2017
  • Self-motivated, with a strong sense of personal responsibility.
  • Worked effectively in fast-paced environments.
  • Skilled at working independently and collaboratively in a team environment.
  • Proven ability to learn quickly and adapt to new situations.

Program Manager ckyc registry

National Stock Exchange, NSE
09.2017 - 12.2019
  • DDoS, application, API, and reputation protection
  • Integration with AWS Cloud Security (, and Cloud trail) and also with SIEM Elimination of basic security design flaws in the overall architecture, like split-tunnel, anti-spoofing, any rules, physical bypasses, single point of failures, improper load balancing, change/ Release management, secure coding , IAM control and Dark web monitoring
  • Implementation of Netmonastery SIEM system for Realtime log monitoring and Threat management with auto-calling during incidents, for quick remediation, along with Cyberarc-PIM integration for remote access monitoring and alerts and Digital forensic through OSForensics
  • TrendMicro & MacAfee EPP (Endpoint protection), with MacAfee suite as HIPS, for RHEL systems and file server Comprehensive encryption for data at rest through Thales Vormetric guard and digital signature authentication for all transactions
  • Firmware/patch upgrades with a bi-annual review, DB-Middleware-OS brought to n-1 level with a quarterly review & meticulous patching
  • Seamless commissioning & operations for of Site-to-Site VPN, Client-to-Site VPN for 1000-plus connections to CKYC SFTP Perpetuuiti implementation for BCP automation and replication monitoring for applications, files, and databases Ensured 2 levels of code review and Greybox testing for every CR deployment, with an average of 10 CRs per month Closure of 150+ audit observations resulted from 4 assessments in a year including API Security assessments 3X augmentation in Record processing throughput and speed by configuration fine-tuning at the app, API, and MySQL DB layer
  • Ensured seamless growth upto 20X volume, with 70X capacity through Virtualization, microservices , parallel processing ,etc Non-disruptive migration of deduplication from Apache Elasticsearch tool to C++ based fuzzy logic system with in-memory analytics Implementation of other advanced Security monitoring tools like Tripwire-FIM, IBM-DAM/UEBA, FireEye-APT, DMARC, etc
  • Head, IT Project delivery & compliance, HDFC Bank
  • Analyze all IT Project requirements (1000+ annually), solution engineering, security architecture review, design consulting, and solutions with TCO calculation in coordination with vendors, IT infra, security teams, and software licenses, including public cloud deployments
  • Define and create schedules, and Plan of Action, direct for projects by establishing SOW, WBS, PIC, and ensure the progression till closure with precise deliverables in defined cost, compliance, time schedule, and GRC control structure as per RBI
  • Assessing project risk and taking appropriate measures, like Vulnerability analysis, Qualys scan, security gaps
  • Evaluating Infra & Security Technologies, preparing comparisons, researching new solutions, driving POC, and publishing results with technical, business, and commercial feasibility with internal knowledge documentation for products/services
  • Ensuring security and control implementation in all IT projects and new systems like VAPT, patching, Hardening, firmware upgrades
  • Installation of AV, CCS, FIM, integration with CyberArk PIM, SIEM, DAM, NAC, etc Reviewing Architect diagram, VAPT/SOC/Audit report for Security Risk assessments of 3rd party vendors with API Security
  • Achievements @ HDFC Bank Initiative to lead the bank’s Public Cloud adoption in line with RBI cloud security guidelines, to design & implement a comprehensive structure for public cloud adoption with a secure & controlled cloud service
  • Network, security, and deployment architecture setup for Azure and AWS, Business Workload deployment, integration, and management of workloads on the public cloud along with negotiations for robust legal agreements
  • Automation of TCO preparation for all IT projects in the bank, which includes all IT infra, security, software licenses, public cloud instances, implementation, monitoring, application development, support services, etc, similar to public cloud charges & costing model
  • IT Project solution engineering to ensure cost control and 5 nines availability for 100 plus business applications
  • Timely closure for 2000 plus projects with end-to-end, procurement, implementation, compliance, and delivery of IT systems, as per cost, schedule, and requirement of business/technology users, including software license deployment control
  • Automation for tracking and record keeping of hardware/software asset lifecycle as handover/release/ redeployment, along with automated inventory and device management through IBM Bigfix
  • Including software license management for 70k +end points
  • Introduced IT requirement forecasting, capacity planning, and strategy design to meet the IT service demand for hardware, software, network, Datacenter and security tools from different teams of the Bank, valued of 500 cr plus portfolio
  • Managed Audit response & closer of findings on IT procurement /implementation/allocation process, with ZERO audit gaps in my tenure
  • Ensuring for AI (acquire & Implement) DSS (Deliver, Service, Support) process compliance as per COBIT.
  • Managed and supervised administrative and daily program operations, complying with policies and regulations.
  • Managed cross-functional teams for successful project completion within deadlines and budgets.
  • Established strong relationships with key stakeholders, ensuring support for program initiatives.
  • Managed multiple strategic projects with numerous sub-projects or workstreams.
  • Ensured regulatory compliance by closely monitoring adherence to industry standards and guidelines throughout the program lifecycle.
  • Delivered high-quality results by setting performance metrics and monitoring progress against targets.
  • Improved program efficiency by streamlining processes and implementing time-saving solutions.
  • Spearheaded innovative problem-solving techniques that addressed challenges head-on, resulting in effective resolution measures.
  • Collaborated with business leadership to set priorities based on business needs, resource capacity and risk exposure.
  • Worked with subject matter experts to develop and implement mentoring programs to promote better learner experiences.

IT Compliance PMO

ICICI Bank
05.2009 - 11.2014
  • Apart from Strategic Projects my BAU responsibilities with my team included: - The responsibility to manage the compliance, capacity, cost optimization, availability , asset lifecycle of IT Infra (including server, storage, network, Datacenter, ATMS, security, software, file server, NAS drives, etc.) for 800+ business application systems of ICICI Group
  • PMO for all infra projects and application requirement analysis from IT infra, compliance, and cyber security perspective IT Strategy Planning, Infrastructure solution, architecture design, IT Infra and security product evaluation, SLA reviews & management Supplier management; driving POC, negotiations, contracting for the purchase of IT equipment, software, security solutions, and services Delivering and driving IT Infrastructure supply management from availability and capacity management perspective for Windows, Linux
  • AIX Solaris, Superdomes, Network, Firewall, WAF, Network devices, Load balancers, VMware, Antivirus, Active directory, DNS, etc
  • Technology accounting and financial management functions like, Capex-Opex estimations, provisioning, budget monitoring, verification of payments along with transfer pricing of expenses to Group companies quarterly
  • ITGRC control for datacenter infrastructure; with frameworks of process evaluation for ISO 27001, 5S, SOX, KPMG-ITGC, IS audits, and RBI
  • Designing, implementing & reviewing IT Risk Management Policies along with internal SOP review periodically
  • Achievements @ ICICI Bank A restless effort for network commissioning in 580 branches within 60 days of joining
  • Brought PAN India ICICI Bank ATM network uptime to 99% from 85% within 100 days
  • Implemented remote & Centralized Realtime monitoring and ticketing system for Branch device management and their upkeep PMO for DC and DR migration with 800 applications and 5000 plus assets with all desired compliance and security controls
  • Implemented granular level transfer pricing for all IT expenses by the bank for ICICI group companies
  • Ensured more than 97% compliance for OS/DB/Middleware version, firmware upgrades, patching, and baselining
  • Was selected as a member of an elite team for Emergency Response and Business Continuity at the Bank.

At, Assistant Manager

Genius Consultant Ltd
Hyderabad
10.2007 - 03.2009
  • Handling End-user system support with a team of 3 members for IT support functions, antivirus, malware protection, etc
  • Assisting corporate office in the implementation of IT systems, Network, and IT infra maintenance in branches
  • Maintaining the MySQL-based Resume database for different skill sets & Preparing MIS Reports periodically
  • Developed proficiency in Linux-Apache-MySQL-PHP (LAMP) based system development, website security, content, & query management

Founder

ALB consultancy
Kolkata
10.2005 - 10.2007
  • Of a startup in college days to provide IT infra, desktop, and PC support to Merchants, shopkeepers, households, colleges PHP-MySQL-based secure Website design with robust security features and maintenance for a variety of entities and individuals.

Skills

  • Device lifecycle management, Cloud migration/integration, IT Project & Program Management, Technology service delivery, IT
  • Security, Cyber Monitoring, regulatory compliance, governance, Data privacy, Problem & IT risk management
  • Comprehensive understanding of BFSI business, its technology operations, regulatory compliance, IT system implementations
  • Management, with a variety of functional and non-functional requirements with adequate security and Data Privacy along with
  • Global exposure in Japan and APAC countries for delivering large IT and business projects with 100 Cr value
  • Mentored by leading CIO/CTO/CISOs of BFSI at ICICI, HDFC, and NSE, with proven success in IT strategy designing with well
  • Demonstrated control skills for technology-economics management, and nano-planning to control Risk, Time and cost
  • PMP, ITIL, MCSE, OCP, CISA, CISSP, CISM, CDPSE, CCISO certified expert with Strong business delivery focus and Design thinking
  • Approach with clarity on Customer to Datacenter architecture, with agile, robust and secure solution design to address short &
  • Long-term business needs on a wide variety of hardware, OS, middleware, database, web server, compiler, and coding platforms
  • Creative thinker, innovator & analytical architect with proven ability to design cost-efficient system architecture, and IT security
  • Framework integration as per business ROI expectations with an entrepreneur’s mindset and end customer in focus
  • Efficient in managing IT risks, operational crisis, IT Security issues, cyber incidents under pressure, to minimize business impact
  • In accordance with ITIL, ISACA, ISO 27001, NIST, MITRE, ISC2 & COBIT best practices model
  • Building performance-driven team & culture beyond geographical boundaries that ensures personal ownership, lead, coach
  • Mentor & motivate teams to achieve goals of business objective, time, cost saving, Risk control and ROI
  • Academic accomplishments in Cyber law, Artificial intelligence, advanced statistics & Data science A perpetual learner with
  • Wide and diversified credentials and certifications, researching on RPA based forensics and strategic cyber threat intelligence
  • Regular participation in conferences as panel member, Speaker, Influencer, on subjects of IT risk management & Cyber Security
  • Banking family and social background along with, Membership of Various CIO/CTO/CISO groups, Global Cyber security
  • Committee for Mizuho Group, Digital Shadows WG, Leading global working group for TPRM- (Third Party Risk Management)
  • Member of FS-ISAC (Financial Services Information Sharing and Analysis Center) along with working group on AI RISK
  • Setup of secure and reliable Local Internet gateway for Mizuho India, 2021 along with Implementation of cybersecurity
  • Framework with ecosystem of process and technologies like, Firewalls, IPS, NAC, PIM, DAM, SIEM, ETP, DLP, EDR, XDR
  • Setup of Remote access facility for 400 users within 50 days during COVID lockdown, with robust security monitoring
  • Robust security architecture to ensure for Zero breach and 99% plus availability for CKYC since JAN 2018
  • 50% reduction in a 10-year costing of C-KYC with 3X output increase, 1st RPA solution for KYC data management in BFSI
  • Formulated & architected Public Cloud strategy for HDFC bank & workload migration along with robust cloud security
  • Integration framework One first public cloud adoption in Indian banking sector
  • Managing and delivering 100 concurrent projects on time 85% higher compliance with 35% reduced TAT by re-engineering
  • The processes, procedures, solutions, and Automation at HDFC Bank
  • Implementation of granular level IT cost transfer pricing within ICICI group for IT expenditure by ICICI bank
  • Speaker in various IT events, conferences, & seminars on cyber security cloud adoption, IT infra, IT risk management etc
  • Major Accolades in Career
  • BFSI Career Chronology: -
  • Details of Career progression, Job Responsibilities, and Accomplishments
  • Strategic leadership
  • Policies and procedures
  • Strategic plans
  • Digital transformation
  • IT management
  • Product management
  • Strategic planning
  • Strategic goals
  • Report preparation
  • Procedure implementation
  • Program oversight
  • Project management
  • Program management
  • Business planning
  • Executive leadership
  • Regulatory compliance

Accomplishments

  • CERTIFICATIONS: - ITIL(V3), PMI-PMP, Microsoft Certified Solutions Expert: Cloud Platform

Certification

A Cyber Strategist & IT Risk Manager BUSINESS CERTIFICATION: -IIBF-JAIIB+CAIIB, AMFI, NCFM-NSDL, Operational Risk management (ORM), Advanced Treasury Management TECHNOLOGY, and Infrastructure, Charter Member (MCSE & MCSA), Oracle certified associate & professional (OCA & OCP), Cisco Certified Network Administrator (CCNA), Microsoft Specialist: Architecting & Implementing Azure Solutions (70-533/534), Design and Implement Big Data Analytics Solutions (70-475), EXIN Cloud Computing Expert, Data Science & Machine Learning, Blockchain technology Management, SAS Advanced analytics, Enterprise Design thinking, Artificial intelligence, RPA Management. IT SECURITY & GOVERNANCE CERTIFICATIONS: - Certified Information Security Professional (ISC2 -CISSP), Certified Information Systems Auditor (ISACA-CISA), OSForensics Triage Certification, API Security Architect, Fortinet Network Security Expert certification(NSE-3), CyberARK Certified Trustee, Certified Data Privacy Solution Engineer (ISACA-CDPSE), Cisco Cybersecurity Specialist (CCS) AWS Cloud security, Certified Network Security Specialist (ISCI-CNSS), Certified Cyber Crime Intervention Officer(ISAC-CCIO), Trained for DSCI Certified Privacy Professional (DCPP), EC-council- Certified CISO (CCISO), Certified Information Security Manager (ISACA- CISM), Various IDRBT certification on security and cyber-crime. Pursuing Ph.D. on “Risk while adoption of AI in the Indian banking sector” from NMIMS, Mumbai. PG Diploma in Cyber Law & Cyber Forensics from National Law School of India University, Bangalore MBA from Manipal University in Banking & Finance with (Regular) MBA from ICFAI University in IT & systems. (Distance Learning) B.E in Information Technology from Indian “Institute of Information Technology “ (iiit-Calcutta) Secondary & Higher secondary schooling from CBSE Board An assorted experience of 18+ years in IT System solutioning & Architecture, Business requirement analysis, Application and

Interests

Achievements till now @ Mizuho – , Compliance with 100 Plus audit observations in 6 months with Implementation of process and technologies like, Firewalls, NAC, PIM, DAM, QRADAR -SIEM, DLP, AKAMAI ETP, Service desk, Desktop central, TrendMicro EDR- Apex one, OPmanager, etc Closer of old compliance gaps for GG committee guidelines, 2011, CSF 2016 and SWIFT control, 2018 Local Internet gateway implementation for safe, secure, and reliable access to the Internet through India breakout Setup of virtualized server infrastructure for Mizuho India with virtualization of 50 plus servers, maturing it to DevOps and DevsecOps setup Strengthen the cyber–Security Operations Framework with continuous review of rules, controls, and policies through 14 self-assessments Implementation of Ransomware data protection with backup & Encryption: along with 3-way replication, Automated backups Implemented EDR, with Threat Prevention policies and IOC blockings by Consolidation of firewalls management through Fortimanager Upgrade of PAN India Network infrastructure, switches, firewalls, Servers, and desktops with the latest devices and firmware levels Successfully Driven RBI compliance on Digital payment system security control & payment data storage localization compliance DMARC Implementation for India domain including SPF and DKIM, by consulting with various businesses for their email deliverability needs From September 2017 till December 2019: - IT Head for C-KYC registry, at National Stock Exchange Responsible for Availability, Performance, IT Security & Data privacy for India’s Central KYC registry (CKYC), A CERSAI system as MSP In charge of CKYC product & program management including development, testing, deployment, change/Incident management, IT Infra, NOC, SOC, technology operations, support, system design, compliance, audit, governance, and quality assurance for the CKYC registry Ensure secure accumulation, processing, and dissemination of sensitive data for one of the biggest PII data repositories with the highest level of Information security and data privacy in Co-ordination with CERSAI, RBI, SEBI, IRDA, and Government of India officials Periodic reporting on CKYC adoption to RBI, SEBI, Department of Revenue/Department of Financial services-Govt of India Enabling Banks and other financial institutions for adopting the CKYC platform, Secure network connectivity, and conduct training Coordination with CERT-In, NCIIPC, DSCI, Maha-Cyber, MHA for Information security and privacy-related issues, update in system Manual & Skybox Automated review of firewall rules to clean up duplicate, overlapping, and isotopic rules, object Groups, access list and Nat rules, user privileges, block list, IPS signature, AV status, firmware status, Cloud security for AWS /Azure, S3 buckets compliance, Maintaining proxy & firewall, SOAR, WAF, Management /Monitoring of CRLs , troubleshooting dynamic & L3 level security problems Analyzing, investigating security incidents by creating Use Cases, Aggregation rules and Dashboards, mitigation strategies and responsible for preparing Security incident reports, access reviews, patch management vulnerabilities, audit points Key Accomplishments @ CKYC Design, implementation, control, and review of ITGRC framework, and SLA management within 6 months of joining Establishment of a RAS network with Fortinet firewalls, Fortimanager & Forti Analyzer, Citrix LBs, and Arista switches Web application firewall configuration with SSL certificate management, migration from Imperva to AKAMAI with protection suite for DNS

Additional Information

  • HDFC Bank , Dec 14-> Sep 17 National Stock Exchange Sep 17 -> Dec 19 Mizuho Bank Dec19 Onwards Top Cybersecurity Influencer of 2023 | Cloud Champion Award 2022 by CXOTV group | BIG CIO Innovator Award 2022 by BIG CIO Show Infosec Maestros Award in 2021 |Cloud Leader award at IDC cloud conference May-2017 Innovative IT Leader Award at, August-2018 |Next CIO Award-2019 |NBFC-BFSI technology Awards- 2021 Selected twice for appreciation award at NSE for CKYC setup, 1st award within 3 months of joining NSE. Star Performer in Q3-2016, for Secure Azure Cloud enablement at HDFC bank. Recognized as Star Performer in Q4-2015 & Q1-2017 for Automation of TCO calculation for IT Infra and security projects at HDFC bank. Received appreciation from CTO, ICICI Bank for DC and DR relocation for ICICI group as PMO and compliance officer, 2013 Received “Certificate of Excellence” from MD & CEO, ICICI Bank, 2011 for Managed services implementation for bank ATMs ICICI Bank Awards in 2010 for network enablement in milestone project of opening 500 branches of the Bank in 50 days

Education

Bachelor Of Engineering -

Iiit Calcutta
Kolkata

Mba - Banking And Finance

Tapmi Manipal
Manipal

Work Preference

Work Type

Contract WorkGig Work

Work Location

Remote

Important To Me

Career advancementWork-life balanceCompany CultureWork from home option

Timeline

Sr Vice President – Head

Mizuho global services
12.2023 - Current

Vice President

12.2019 - 11.2023

Program Manager ckyc registry

National Stock Exchange, NSE
09.2017 - 12.2019

Unit head , IT project delivery

HDFC Bank
12.2014 - 09.2017

IT Compliance PMO

ICICI Bank
05.2009 - 11.2014

At, Assistant Manager

Genius Consultant Ltd
10.2007 - 03.2009

Founder

ALB consultancy
10.2005 - 10.2007

Mba - Banking And Finance

Tapmi Manipal

Bachelor Of Engineering -

Iiit Calcutta
Akhil KumarCyber Secuirty architecture