Summary
Overview
Work History
Education
Skills
Certification
Interests
TECHNICAL PLATFORMS
CAREER HIGHLIGHTS
Timeline
web
AVINASH BASTIA

AVINASH BASTIA

Cyber Security
Bangalore

Summary

  • With 11 years of progressive experience in cybersecurity, network security, cloud security, GRC, and enterprise infrastructure, I specialize in helping organizations build secure, scalable, and business-aligned security architectures that drive resilience, compliance, and digital transformation. Currently associated with Capgemini, I work at the intersection of cybersecurity leadership, strategic consulting, and pre-sales solution architecture—translating complex customer challenges into secure, cost-optimized, and outcome-driven solutions. My expertise spans enterprise security architecture, zero trust, SASE, SD-WAN, SOC/SIEM, IAM, incident response, threat intelligence, cloud & infrastructure security, and governance-risk-compliance (GRC). Over the years, I have partnered with CIOs, CISOs, business leaders, OEMs, and enterprise customers across many sectors to architect future-ready security strategies that not only strengthen cyber resilience but also create measurable business value. Key strengths include:
  • Security Consulting & Strategic Advisory
  • Cybersecurity Leadership & Stakeholder Management
  • Pre-Sales Security Architecture & Solutioning
  • Revenue Growth, Customer Success & Account Expansion
  • Zero Trust, SASE, SD-WAN & Enterprise Networking
  • Cloud Security & Infrastructure Transformation
  • SOC Operations, Incident Response & Threat Intelligence
  • IAM, Web Security & Network Security
  • Risk Management, Compliance & Audit Readiness
  • GDPR, HIPAA, PCI-DSS, HITRUST & Data Privacy
  • Business Continuity, Disaster Recovery & Operational Resilience I have successfully led end-to-end pre-sales engagements, including requirement discovery, security assessments, architecture design, PoC execution, proposal development, compliance alignment, and executive-level presentations. I am passionate about positioning cybersecurity not just as a technical necessity but as a strategic business enabler that drives trust, innovation, operational efficiency, and long-term growth. Known for simplifying complex technical concepts for executive stakeholders, I focus on building trusted client relationships and delivering security solutions that align technology with business objectives, ROI, and future scalability.

Overview

3
3
Languages
4
4
Certifications
12
12
years of professional experience

Work History

Manager & Pre-Sales Security Architect

Capgemini India Pvt. Ltd.
Bangalore
08.2023 - Current
  • Drive end-to-end pre-sales engagements — from discovery workshops and technical assessments to BoM, HLD, RFP/RFI responses, and competitive positioning — directly supporting multi-million-dollar deal closures across NGFW, SASE, Zero Trust, and Cloud Security.
  • Architect bespoke enterprise security solutions mapping Palo Alto, Zscaler, Fortinet, Cisco, and Azure capabilities to client business outcomes — accelerating pipeline velocity, improving win rates, and influencing $50M+ in security revenue pipeline.
  • Lead PoC design, configuration, execution, and documentation for security platforms — converting technical evaluations into revenue by demonstrating clear business value and ROI. Achieved 100% pre-sales deal win support rate.
  • Serve as vCISO advisor to enterprise clients, leading Zero Trust roadmaps and strategy execution — resulting in 40% reduction in security incidents, 92% ROI, and 50% reduction in data breach risk for clients.
  • Migrate firewall services from on-prem data centers to Azure Cloud Palo Alto firewalls — reducing customer infrastructure costs and strengthening Capgemini’s cloud security revenue stream.
  • Architect and deliver SOC Operations frameworks (SIEM, SOAR, XDR, UBEA) enabling 24/7 threat monitoring, reducing security infrastructure costs by 50% per engagement while improving detection and response time.
  • Drive GRC programs aligned to ISO 27001, NIST, PCI-DSS, SOC 2, HIPAA, and HITRUST — enabling compliance-driven deal closures in regulated industries and saving clients an average of $1.2M per audit cycle in remediation costs.
  • Manage ZIA (Zscaler Internet Access) and Cisco AnyConnect/SSL/IPSec VPN deployments — ensuring zero-downtime delivery that protects client SLA commitments and drives managed services renewals.
  • Conduct architecture reviews identifying policy gaps, segmentation weaknesses, and cloud exposure — generating upsell opportunities and strengthening long-term account stickiness.
  • Collaborate with Account Managers, OEMs (Palo Alto, Zscaler, Fortinet, Cisco), and delivery teams to align technical positioning with sales strategy — shortening sales cycles and building $1.2M+ in new customer revenue.
  • Lead vulnerability management, patch management, and identity & access management (IAM) programs — reducing privileged account exposure by 75% and hardening attack surfaces for enterprise clients.
  • Prepare technical proposals, SOW documents, and BCP/DR plans (RTO 4Hrs) — enabling 99.97% uptime guarantees and audit-ready infrastructure for mission-critical environments.
  • Managed and motivated employees to be productive and engaged in work.
  • Accomplished multiple tasks within established timeframes.
  • Enhanced customer satisfaction by resolving disputes promptly, maintaining open lines of communication, and ensuring high-quality service delivery.

Lead

Tata Communications Limited
Bangalore
04.2023 - 08.2023
  • Delivered multi-customer security implementations (Tata Electronics, EXL, Nelliot) spanning Fortinet (FortiGate, Sandbox, ZTNA, EMS, FortiManager, FortiAnalyzer), Palo Alto, Checkpoint, F5 LTM/WAF, and Arbor DDoS.
  • Led migration projects and POA development with network teams — ensuring on-time, zero-disruption handovers to NOC operations while protecting client SLA performance.
  • Optimized network performance through effective monitoring and troubleshooting of security devices.
  • Worked with teams to develop company-wide information assurance, security standards and procedures.
  • Reduced cyber threats by conducting vulnerability assessments and recommending appropriate mitigation strategies.
  • Implemented necessary controls and procedures to protect information system assets from intentional or inadvertent modification, disclosure or destruction.
  • Enhanced network security by implementing advanced firewall configurations and intrusion detection systems.
  • Evaluated emerging technologies for potential implementation in enhancing network security infrastructure.
  • Self-motivated, with a strong sense of personal responsibility.
  • Excellent communication skills, both verbal and written.
  • Proven ability to learn quickly and adapt to new situations.
  • Skilled at working independently and collaboratively in a team environment.

Technical Lead – Network Security

Happiest Minds Technologies
Bangalore
07.2022 - 03.2023
  • Led Site-to-Site VPN migration from Checkpoint, Cisco, and FortiGate to Palo Alto — full-cycle delivery including PoC, migration documentation, test plans, change management, and CAB approvals for international client.
  • Designed configuration templates, routing, zone architecture, and node-specific setups — reducing implementation errors and accelerating deployment timelines.
  • Managed TAC escalations across F5, Arbor, Cisco, Checkpoint, FortiGate, and Palo Alto — resolving critical issues with measurable reduction in MTTR.
  • Client: Webhelp, France
  • Mentored junior developers through regular 1-on-1 meetings, providing guidance on best practices, coding standards, and career growth opportunities.
  • Coordinated with cross-department teams like QA, DevOps, and Support to ensure seamless end-to-end software delivery process.
  • Implemented continuous integration and deployment strategies for faster release cycles and improved application reliability.
  • Maintained close communication with clients throughout project life cycles for accurate progress reporting and prompt issue resolution.

L2 SME TAC Engineer – Network Security

Reliance JIO
06.2017 - 07.2022
  • Managed Jio’s national ASA, Firepower (FMC 4500, FTD 2140), and Arbor DDoS infrastructure across PAN India — protecting millions of subscribers on one of India’s largest ISP networks.
  • Diagnosed and remediated complex P1/P2 incidents — delivering detailed RCA, 8D reports, and mitigation plans to senior stakeholders while maintaining SLA compliance on critical national infrastructure.
  • Led DDoS packet analysis and mitigation for Reliance JIO ISP network — minimizing revenue-impacting downtime during large-scale attacks.
  • Managed firewall upgrades (IOS, FMC, FXOS, FTD, SP, TMS, TRA) across all India locations — maintaining compliance and eliminating unplanned outages.
  • Mentored junior team members, contributing to their professional growth and development.
  • Enhanced team performance by providing expert guidance on critical projects and strategic initiatives.
  • Established best practices for knowledge sharing, fostering a culture of continuous learning and improvement.
  • Developed effective training materials for diverse audiences, resulting in improved skillsets and increased job satisfaction.
  • Delivered Tier-3 support and SME input to internal and external customers.
  • Conducted root cause analysis for recurring issues to implement corrective measures that prevented future occurrences.
  • Actively collaborated with vendors to resolve hardware or software-related problems efficiently.

L2 Engineer – Network Infrastructure

Bharti Airtel India (via Trimax IT Infrastructure)
05.2015 - 09.2016
  • Managed 46+ CE router links across India for the DD-MPLS project — led a team of 5 L1 engineers ensuring 99.9% link availability across Airtel/Vodafone dual-carrier setup.
  • Configured Route Reflectors, Prefix Lists, BGP Attributes, and MP-BGP — supporting enterprise VRF provisioning and network expansion projects.
  • Managed resources effectively during periods of high demand, ensuring uninterrupted service delivery without sacrificing standards or quality.
  • Participated in change management activities, ensuring minimal disruption to user operations during system modifications or upgrades.
  • Optimized network configurations by performing regular audits and making necessary adjustments.
  • Developed comprehensive documentation for L2 processes, enabling faster onboarding of new team members.
  • Delivered training sessions for junior engineers, improving their technical skills and knowledge base in L2 support functions.
  • Contributed to the development of best practices for L2 engineering workflows, fostering consistency across all team members'' work methods.

Network Infrastructure Security Engineer

Accenture India (via Adecco India Pvt. Ltd.)
04.2014 - 05.2015
  • Managed ASA 5550/5540, FortiGate, Checkpoint (R70/R75), ASR/ISR routers, and Nexus 5000/2000 — ensuring security and availability of Accenture Hyderabad infrastructure.
  • Administered Site-to-Site VPN, SSL VPN, and GRE over IPSec — maintaining secure connectivity across enterprise locations and partner networks.
  • Administered Site-to-Site VPN, SSL VPN, and GRE over IPSec; supported HA failover testing with Firemon policy governance compliance.
  • Evaluated emerging technologies for their potential impact on organizational security posture, recommending appropriate solutions as needed.
  • Contributed to business continuity planning efforts by assessing potential risks to critical systems and implementing backup strategies that ensured minimal downtime during disaster recovery scenarios.
  • Managed incident response activities during critical security events, effectively containing threats and minimizing damage to systems and data.
  • Led a team of security analysts to monitor and analyze potential risks, ensuring timely threat mitigation and incident response.
  • Conducted regular penetration testing to identify vulnerabilities and address them proactively, strengthening system defenses.

Education

Bachelor of Technology - Computer Science

Konark Institute of Science And Technology
Bhubaneshwar , Odisha
06-2012

Skills

Security Strategy & Architecture

Zero Trust Enterprise (ZTE)

SASE & SD-WAN

Cloud Security (Azure / AWS / GCP)

SOC Operations (SIEM, SOAR, XDR)

Incident Response & Threat Hunting

GRC – ISO 27001, NIST, COBIT, SABSA, TOGAF

PCI-DSS

Team leadership

Operations management

Strategic planning

Decision-making

Certification

CCSA – Checkpoint Firewall (CP000008119)

Interests

Football

TECHNICAL PLATFORMS

  • Firewalls: Palo Alto PA-850/500/Panorama
  • Cisco ASA 5585/5550
  • FMC 4500/2500
  • FTD 2140/4140
  • Checkpoint R70/R75/700
  • FortiGate 600/100E/400E
  • SASE & Zero Trust: Zscaler ZIA/ZPA
  • Prisma Access
  • Fortinet ZTNA/EMS
  • FortiManager
  • FortiAnalyzer
  • Cloud & IAM: Azure Palo Alto Firewall
  • Azure vWAN
  • ExpressRoute
  • VNet
  • AWS/GCP Cloud Security
  • IAM Platforms
  • SOC / SIEM / SOAR: SIEM (multi-vendor)
  • SOAR
  • XDR
  • UEBA
  • MDR
  • CASB
  • DLP
  • TIPS
  • DDoS & ADC: Arbor SP 5200C/WR
  • TMS T4008
  • TRA VM
  • F5 BIG-IP i2600 LTM/ASM
  • Routing & Switching: ASR 1000/9000/4000
  • ISR 3925
  • Catalyst 2960/3250/3550
  • Nexus 5000/2000
  • GRC & Monitoring: ServiceNow
  • ITSM
  • BMC Remedy
  • Firemon
  • Qualys
  • DRATA
  • ISO 27001
  • NIST
  • COBIT
  • SABSA
  • TOGAF

CAREER HIGHLIGHTS

  • Influenced $50M+ in security revenue pipeline at Capgemini through strategic pre-sales architecture, PoC leadership, and competitive deal positioning across NGFW, SASE, Zero Trust, and Cloud Security.
  • Won $1.2M in new Cyber Security Consulting and MSSP revenue through strategic client acquisition across US NA and Europe regions (BFSI, Telecom, Life Sciences — Citi, CBS, GE, Siemens, Vodafone, Mylan, Bio-Rad).
  • Delivered Zero Trust Architecture program achieving 40% reduction in security incidents, 92% ROI, 50% reduction in data breach risk, and
  • Managed PAN India network security operations for Reliance JIO — protecting millions of subscribers across ASA, Firepower, and Arbor DDoS infrastructure while maintaining SLA on India’s largest ISP.
  • Led zero-downtime VPN migration (Checkpoint/Cisco/FortiGate to Palo Alto) for Webhelp France — international delivery showcasing execution excellence that drives client trust and repeat business.
  • Drove Capgemini’s firewall-to-cloud migration programs (on-prem to Azure Palo Alto) — generating cloud security upsell revenue while reducing customer infrastructure costs.

Timeline

Manager & Pre-Sales Security Architect

Capgemini India Pvt. Ltd.
08.2023 - Current

Lead

Tata Communications Limited
04.2023 - 08.2023

Technical Lead – Network Security

Happiest Minds Technologies
07.2022 - 03.2023

L2 SME TAC Engineer – Network Security

Reliance JIO
06.2017 - 07.2022

L2 Engineer – Network Infrastructure

Bharti Airtel India (via Trimax IT Infrastructure)
05.2015 - 09.2016

Network Infrastructure Security Engineer

Accenture India (via Adecco India Pvt. Ltd.)
04.2014 - 05.2015

Bachelor of Technology - Computer Science

Konark Institute of Science And Technology

Similar Profiles

  • PANEESHA APANEESHA A

    Sr. Manager – Information Security / Security Architect at Atlas Systems Pvt. Ltd.Sr. Manager – Information Security / Security Architect at Atlas Systems Pvt. Ltd.

  • Indranil SenIndranil Sen

    Pre-sales Solution Architect at TCSPre-sales Solution Architect at TCS

  • APPAKUTTY E. KALAINESANAPPAKUTTY E. KALAINESAN

    Senior Principal Application Security Architect | IoT Product Security Lead at OWL LABS INC.Senior Principal Application Security Architect | IoT Product Security Lead at OWL LABS INC.

  • MUHAMMED ASLAMMUHAMMED ASLAM

    Information Security Architect at CSG InternationalInformation Security Architect at CSG International

CREATE PROFILE
AVINASH BASTIACyber Security