Summary
Overview
Work History
Education
Skills
Websites
Certification
Languages
Timeline
Generic

BEN ANTONY

Bangalore

Summary

A highly accomplished Information Security professional with over 18 years of diverse experience across the defense, government, and private sectors. Demonstrated excellence in governance, risk, and compliance (GRC) frameworks, reinforced by extensive certifications and training in ISMS, AIMS, and PIMS. Proven expertise in spearheading high-impact cyber deterrence operations, vulnerability assessments, penetration testing (VA/PT), red teaming, and comprehensive security audits. Exceptional background in designing and sustaining robust security postures for intricate networks and data centers. Adept at providing strategic security leadership and advisement, having collaborated with global organizations across telecommunications, energy, aviation, FMCG, healthcare, and banking industries. Served as a Third-Party Auditor for the Government of Karnataka, offering strategic counsel to the CISO on national-level security strategies. Currently an Associate Director at PwC, delivering bespoke information security solutions to multinational clients. Renowned for a strong track record in formulating and executing enterprise-wide security strategies, mitigating risks, and ensuring compliance in high-stakes environments.An accomplished Information security professional with 18+ years of diverse experience across the defence, government, and private sectors. Proven leadership in governance, risk, and compliance (GRC) frameworks, with certifications and training in ISMS, AIMS, and PIMS. Expertise in leading high-impact cyber deterrence, vulnerability assessments, penetration testing (VA/PT), red teaming, and security audits. Extensive background in designing and maintaining security postures for complex networks and data centers. Adept at providing strategic security leadership and advisement, having worked with global organizations in industries including telecommunications, energy, aviation, FMCG, healthcare, and banking. Experience as a Third-Party Auditor for the Government of Karnataka, advising the CISO on national-level security strategies. Currently, an Associate Director with PwC, delivering tailored information security solutions to multinational clients. Strong track record in shaping and executing enterprise-wide security strategies, mitigating risks, and ensuring compliance in high-stakes environments.

Overview

22
22
years of professional experience
1
1
Certification

Work History

Associate Director: Risk Consulting and Enterprise Security

PwC India
04.2024 - Current
  • Formulated and executed strategic infosec audit plans, aligning with regulatory requirements and client objectives
  • Demonstrated ability to identify key risk areas and prioritize audit efforts to ensure comprehensive and efficient results
  • Through innovative audit methodologies and enhanced intrusion prevention systems, I help organizations achieve regulatory compliance and bolster their Cybersecurity frameworks
  • Utilized advanced data analytics to uncover critical insights, driving informed decision-making and risk mitigation
  • Fostered strong relationships with cross-functional teams and executive leadership to drive Cybersecurity initiatives and facilitate a culture of risk awareness
  • Built and optimized DevOps pipelines for continuous integration and delivery (CI/CD), enabling automated provisioning, testing, and deployment of applications to improve development efficiency and reduce time-to-market

Team Lead Cyber Deterrence

Ministry of Defence
04.2019 - 11.2024
  • Led highly classified Cyber Deterrence Operations in collaboration with NCCC, NTRO, NSCS, CIRA, CERT-In, Services Cyber Groups, NIB, and DRDO, fostering knowledge sharing among sister forces and gaining extensive experience with Advanced Persistent Threats (APT)
  • Conducted thorough investigations of detected intrusions to identify root causes and managed the updating of IPS/IDS signatures to combat emerging threats
  • Designed and implemented network segmentation strategies to isolate sensitive data and systems, enhancing overall security posture
  • Diagnosed and resolved firewall-related issues to ensure network integrity and security
  • Performed large-scale Cybersecurity audits, remediating identified vulnerabilities to strengthen the organization's defenses

Senior Information Security Professional

Indian Air Force
04.2017 - 11.2024
  • Leveraged extensive experience in threat analysis within a highly classified defense environment (24/7), mitigating vulnerabilities and ensuring robust data security for the organization
  • Contributed to the drafting of detailed security policies to guide technology decisions and governance
  • Trained team members on secure coding practices and effective use of scripting languages, fostering a culture of security awareness and technical proficiency
  • Endpoint Security Management: Deployed and managed endpoint security solutions (CrowdStrike, Carbon Black, Microsoft Defender), implementing policies to ensure effective protection across a variety of devices (laptops, desktops, mobile)
  • Reduced malware infections and unauthorized access incidents by over 40% through proactive endpoint hardening

Manager: Cybersecurity, Cyber Audits and Breach Control

PwC India
11.2022 - 03.2024
  • Orchestrated a multi-dimensional cyber defense strategy to perform detailed cyber audits, including vulnerability assessments and penetration tests, enhancing organizational Cybersecurity posture and ensuring compliance with industry standards and frameworks
  • Developed and managed a core team of trained professionals to conduct Cybersecurity Audits and risk analyses, preparing Audit Program Manuals (APM), Risk Control Matrices (RCM), and RFC reviews
  • Spearheaded enterprise-wide security assessments, including vulnerability assessments, penetration testing (VA/PT), and red teaming exercises, identifying critical security gaps and recommending actionable remediation strategies
  • Led global cybersecurity engagements across diverse industries, including telecommunications, energy, aviation, FMCG, healthcare, and banking, providing tailored risk management and security solutions for multinational clients
  • Integrated Intrusion Prevention/Detection Systems (IPS/IDS) with other security tools for comprehensive threat management; conducted in-depth investigations of detected intrusions to determine root causes and developed firewall policies for enhanced perimeter security
  • Threat Detection & Incident Response: Established and fine-tuned advanced threat detection rules within SIEM tools, integrating them with endpoint security and network monitoring systems
  • Conducted incident investigations, providing actionable intelligence to improve overall security posture
  • Designated as Third-Party Auditor and Security Advisor for the Government of Karnataka (08 Dec 2022 - 31 Jan 2023), where I received accolades from the CISO for my pivotal role in elevating Cybersecurity standards

Senior Cybersecurity Auditor

Indian Air Force
04.2012 - 03.2017
  • Established and managed a core team of trained personnel to conduct risk analyses, system certifications, and security assessments for over 50 operational units/stations
  • Led audits of 10+ Data Centers and Network Operation Centers, focusing on security documentation, testing, and achieving System and Organization Control (SOC) Level I & II compliance
  • Data Loss Prevention & Encryption: Implemented data loss prevention (DLP) solutions to secure sensitive data and prevent unauthorized access across endpoints and networks
  • Integrated encryption tools for data in transit and at rest to ensure compliance with privacy regulations (GDPR, CCPA)

Cybersecurity Lead Engineer

Indian Air Force
04.2007 - 03.2012
  • Entrusted extensive authority to lead a team of 30+ Cybersecurity professionals, overseeing cyber operations, digital forensics, malware analysis, and incident response to maintain the Cybersecurity Architecture of the IAF
  • Directed deterrence operations and exploit development while implementing process automation strategies
  • Conducted rigorous code reviews to identify security vulnerabilities and ensure adherence to secure coding practices, contributing to robust software development lifecycles
  • Collaborated with development teams to implement security controls within applications, utilizing programming best practices to mitigate risks early in the development process

Information Technology Support Engineer

Indian Air Force
06.2003 - 03.2007
  • Validated third-party and open-source resources, customizing them to align with internal standards and technical requirements
  • Multi-tasked across various functions and roles to meet deadlines and exceed organizational expectations
  • Integrated automated security testing tools into the CI/CD pipeline, facilitating continuous security assessments and rapid identification of vulnerabilities
  • Utilized programming skills to customize security tools and scripts, optimizing their effectiveness in detecting and remediating threats

Education

Master of Computer Application -

Sikkim Professional University

Master of Arts - Sociology

Shobhit Deemed University

Master's degree in Cybersecurity - Red Teaming

HackerU

Doctorate in Business Administration - Emerging Tech with concentration in GenAI

Golden Gate University
05.2027

Skills

  • ITSM and IT Security Audits
  • Information Security Management System (ISMS)
  • VA/PT and Red Teaming
  • Artificial Intelligence Management System (AIMS)
  • Secure Coding and Development Practices
  • Privacy Management System (PIMS) and GDPR-DPO
  • Enterprise Network Security and Endpoints Security (EDR/XDR)
  • Third Party Risk Management (TPRM)
  • Regulatory Compliance (PCI-DSS, GDPR, HIPAA, NIST etc)
  • Drone Security and Counter sUAS
  • Programming (Python, PHP, ASPnet C, C,Bash etc)
  • Strategic leadership and Operation Management
  • Program/ Project management
  • Relationship building, Team collaboration and leadership
  • Zero Trust Architecture (ZTA)

Websites

Certification

  • Certified Data Privacy Solutions Engineer (CDPSE)
  • Offensive Security Certified Professional (OSCP)
  • Drone Security Operations Certificate (DSOC): DroneSec Australia
  • Certified Ethical Hacker - CEH (Master)
  • Certified Network Defense Architect (C|NDA)
  • General Data Protection Regulation- Data Protection Officer (GDPR-DPO)
  • ISO 31000 Lead Implementer & Lead Auditor
  • ISO 27001 Lead Implementer & Lead Auditor (Information Security Management System - ISMS)
  • ISO 42001:2023 Lead Implementer (Artificial Intelligence Management System - AIMS)
  • ISO 20000 Lead Auditor, Service Management
  • ISO 27701 Lead Implementer (Privacy Implementation Management System - PIMS)
  • Lead Cybersecurity Professional Certificate (LCSPC)
  • DevOps Advanced Professional Certificate
  • Scrum Foundation Professional Certificate (SFPC)
  • Cybersecurity Pro: IBM
  • Cybersecurity Foundation Professional Certificate (CSFPC) on CyBOK ver1.0
  • International Society of Automation (ISA), Member and Contributor

Languages

English
Hindi
Tamil
Malayalam

Timeline

Associate Director: Risk Consulting and Enterprise Security

PwC India
04.2024 - Current

Manager: Cybersecurity, Cyber Audits and Breach Control

PwC India
11.2022 - 03.2024

Team Lead Cyber Deterrence

Ministry of Defence
04.2019 - 11.2024

Senior Information Security Professional

Indian Air Force
04.2017 - 11.2024

Senior Cybersecurity Auditor

Indian Air Force
04.2012 - 03.2017

Cybersecurity Lead Engineer

Indian Air Force
04.2007 - 03.2012

Information Technology Support Engineer

Indian Air Force
06.2003 - 03.2007

Master's degree in Cybersecurity - Red Teaming

HackerU

Doctorate in Business Administration - Emerging Tech with concentration in GenAI

Golden Gate University

Master of Computer Application -

Sikkim Professional University

Master of Arts - Sociology

Shobhit Deemed University

Similar Profiles

CREATE PROFILE
BEN ANTONY