Iyyappan Gopal

Technical Information Security Advisor (TISA)

Walmart Global Tech — July 2024 to till date
Location: chennai

• Partnered closely with stakeholders across MassMart, Walmart US, and international markets to evaluate and advise on secure architectural patterns, balancing security controls with business objectives.
• Acted as a lead Security Architect and Advisor within the Security Partners team, delivering technical leadership to ensure security-by-design as per walmart standards
• Handled Enterprise Detection and Response (EDR), Data Loss Prevention (DLP), and Security Information and Event Management (SIEM) toolsets, with hands-on experience in tools like Splunk, Qualys, Checkmark, and Apiiro.
• Successfully remediated a critical bug bounty vulnerability, collaborating with engineering and business teams to validate and deploy secure patches while minimizing operational impact.
• Managed on-premises JFrog Artifactory infrastructure, supporting global build pipelines and ensuring secure artifact lifecycle management in alignment with Walmart's strategy.
• Led the implementation and operational oversight of Apiiro for code security posture management across Walmart Global, enabling shift-left security and contextual risk analysis across codebase.
• Conducted security design reviews and threat modeling to assess risks, proposing enhancements aligned with NIST 800-53 frameworks.
• Partnered closely with stakeholders across MassMart, Walmart US, and international markets to evaluate and advise on secure architectural patterns, balancing security controls with business objectives.
• Supported risk exception evaluations and contributed to continuous improvement of Walmart’s security architecture governance, documentation, and escalation processes.

• Manage Cyber Security framework in Accenture digital marketing projects with periodic review of critical assets, risks, and vulnerabilities, discover new risks, correlate the Security Analysis, and posture of cyber security.
• Led multiple security transitions in different projects in Cyber security in Azure and AWS platforms.
• Hand-on experience in all resources of Azure and AWS cloud.
• Sitecore Platform, Various Firewalls (F5, Azure, Palo Alto, Cisco ASA etc)
• Managing various Security assignments in identifying, preserving, and recovering.
• Solution design and implementation.
• Planning, designing, testing, implementing, and maintaining client’s network security infrastructure.
• Managing and designing the architect for Clients’ projects.
• Lead application development teams for DevOps CI/CD for new and existing projects.
• Independently Migrated Big IP (F5 WAF) from Third party link to Azure Cloud for USA East & West region. (Start from initial setup to till website go live)
• Independently Migrated Sitecore platform ver 9.3 to 10.3 from IaaS to PaaS.
• Independently Migrated RSA to Azure MFA (1300 + accounts & 200+VM’s) Configure single sign on with SAML integration with F5 APM and Azure Active Directory. Troubleshoot SSO login/logout issue and URL redirection using iRule and local policy.
• Independently Migrated from Site 24x7 to Azure Monitors.
• Independently set it up Azure Sentinel for client azure subscription.
• Independently Enabled MSFT Defender for cloud for AKS containers, SQL, Endpoints (200 VMs) & other azure resources & set it up MS365 dashboard.
• Project worth 1.2M$ and completed successfully without any outage and SI.

• Led Firewall Operations 24x7 Operations, Alert/threat monitoring, Change request executions, Troubleshooting.
• Led URL Filtering &IP Blocking, Business rules for URL/IP filtering, URL blocking and Unblocking, Malicious IP blocking, DDoS Operations, MO creations & GRE testing for DDoS customers, Troubleshooting.
• Blocked all China related Urls & Apps, Based on TRAI requirements with 2days times and rolled out this setup PAN India users, used Netsweeper Platfrom.
• Managed 22 banks leased Line with DDoS protection with Non-Security threat free connections.
• To align with business, technology, and support functions to enable them to operate securely and effectively.
• Managed Cyber Security Framework for the largest telecom with periodic review of critical assets, risks, and vulnerabilities, discovering new risks, correlated the Security Analysis, integrated SOC intelligence, and creating a 360 degrees posture of cyber security.
• Software & Hardware resources and equipment procurement. Helped in increased productivity of networks, Resources, and meeting deliverables on time.
• Project Management Coordinated with multiple horizontal security tools/projects roll out as part of the world's major merger and acquisitions. Played a pivotal role from RFP to implementation and regularizing the operations across multiple Security and non-security projects.
• Automation through innovations: identified the automation possibilities in operational task and implemented multiple bots across regular operations to ensure error free and optimized utilization of resources.

• Led multiple security transition projects in security Tools and unifying SOC during merger of Vodafone and Idea.
• Managed various Security assignments in identifying, preserving, recovering, and presenting relevant digital evidence concerning Intrusion/attack or digital fraud.
• Coordinated with various Government agencies for reporting cyber security incidents and managed online reputation management.
• Integrated various tools like SIEM, RAPID, DDOS, URL filtering and Federated digital Access management.
• Led Vodafone-Idea Merger project for the newly merged company (VI) to create Day-0 readiness, implementation of unified Processes, Security solutions, and services for cyber security posture enhancement.
• Lead in the development/adoption and enforcement of Cyber Security assurance & risk compliance programs.
• Ensure remedial action to reduce/diminish the impact of information security incidents and breaches.
• To ensure all legal (IT Act 2008, MeitY, CERT-In), regulatory (DoT, TRAI), statutory (ICFR, SOX), contractual (OEMs, Suppliers, Enterprise customers) and industry best practices compliance.
• Established Business Continuity Management lifecycle, BCMS & ISMS implementation and certification for national critical Telecom infrastructure (scope: 23 Circles, 4 Regional Operations, 127 Technical sites, Data Center and corporate office) and certification of ISO 223001 and ISO 27001.
• Developed and implemented network security policy (ITU-T X805) framework, Third party security policy, Information Security policy and implemented MBSS for various Network Elements (Voice Core- 3G, 2G, LTE, Packet core GGSN, SGSN, LAN WAN and OSS and other IT systems).
• Developed and implemented MBSS for various Network Elements (Voice Core- 3G, 2G, LTE, Packet core GGSN, SGSN, O&M, LAN WAN and OSS, OS) with automated scripts for checking the level of implementation effectiveness.
• Worked extensively with senior business leaders and top consulting firms.