Achievements till now @ Mizuho –
, Compliance with 100 Plus audit observations in 6 months with Implementation of process and technologies like, Firewalls, NAC, PIM, DAM,
QRADAR -SIEM, DLP, AKAMAI ETP, Service desk, Desktop central, TrendMicro EDR- Apex one, OPmanager, etc
Closer of old compliance gaps for GG committee guidelines, 2011, CSF 2016 and SWIFT control, 2018
Local Internet gateway implementation for safe, secure, and reliable access to the Internet through India breakout
Setup of virtualized server infrastructure for Mizuho India with virtualization of 50 plus servers, maturing it to DevOps and DevsecOps setup
Strengthen the cyber–Security Operations Framework with continuous review of rules, controls, and policies through 14 self-assessments
Implementation of Ransomware data protection with backup & Encryption: along with 3-way replication, Automated backups
Implemented EDR, with Threat Prevention policies and IOC blockings by Consolidation of firewalls management through Fortimanager
Upgrade of PAN India Network infrastructure, switches, firewalls, Servers, and desktops with the latest devices and firmware levels
Successfully Driven RBI compliance on Digital payment system security control & payment data storage localization compliance
DMARC Implementation for India domain including SPF and DKIM, by consulting with various businesses for their email deliverability needs
From September 2017 till December 2019: - IT Head for C-KYC registry, at National Stock Exchange
Responsible for Availability, Performance, IT Security & Data privacy for India’s Central KYC registry (CKYC), A CERSAI system as MSP
In charge of CKYC product & program management including development, testing, deployment, change/Incident management, IT Infra,
NOC, SOC, technology operations, support, system design, compliance, audit, governance, and quality assurance for the CKYC registry
Ensure secure accumulation, processing, and dissemination of sensitive data for one of the biggest PII data repositories with the highest
level of Information security and data privacy in Co-ordination with CERSAI, RBI, SEBI, IRDA, and Government of India officials
Periodic reporting on CKYC adoption to RBI, SEBI, Department of Revenue/Department of Financial services-Govt of India
Enabling Banks and other financial institutions for adopting the CKYC platform, Secure network connectivity, and conduct training
Coordination with CERT-In, NCIIPC, DSCI, Maha-Cyber, MHA for Information security and privacy-related issues, update in system
Manual & Skybox Automated review of firewall rules to clean up duplicate, overlapping, and isotopic rules, object Groups, access list and
Nat rules, user privileges, block list, IPS signature, AV status, firmware status, Cloud security for AWS /Azure, S3 buckets compliance,
Maintaining proxy & firewall, SOAR, WAF, Management /Monitoring of CRLs , troubleshooting dynamic & L3 level security problems
Analyzing, investigating security incidents by creating Use Cases, Aggregation rules and Dashboards, mitigation strategies and responsible
for preparing Security incident reports, access reviews, patch management vulnerabilities, audit points
Key Accomplishments @ CKYC
Design, implementation, control, and review of ITGRC framework, and SLA management within 6 months of joining
Establishment of a RAS network with Fortinet firewalls, Fortimanager & Forti Analyzer, Citrix LBs, and Arista switches
Web application firewall configuration with SSL certificate management, migration from Imperva to AKAMAI with protection suite for DNS