Kunal Sinha
Hyderabad
Summary
Kunal Sinha is a Cybersecurity Specialist at Microsoft, part of the M365 Core Security team, where he leads technology security infrastructure and policy compliance across Azure cloud and global data centers. Based in Hyderabad, he serves as the primary contact for vulnerability management and provides security guidance to Microsoft’s internal tech teams.
He began his career at EC-Council contributing to the C|EH certification, and has since held key roles at SAP SuccessFactors, Deloitte, ServiceNow, and Cotiviti, gaining deep experience in cloud security, VA/PT, ISO 27001, and risk management. Kunal is known for his collaborative style, technical expertise, and commitment to securing complex enterprise environments.
Overview
18
18
years of professional experience
1
1
Certification
Work History
Cyber Security Specialist and Program Manager
Microsoft
Hyderabad
- Current
- Responsible for invisible Security for this service and reduce attack surface.
- Improved the Network Security Architecture for M365 Azure tenant.
- Responsible for implementing EDR across M365 Azure cloud.
- Improved Security Documentation and Reporting.
- Collaborate with Compliance and Operational team.
- Improve firm standard by identify and mitigate risk.
- Specialist in identifying and documenting root cause analysis for incident.
- Lead the stakeholder engagement with business owners.
- Responsible for Repo Compliance.
- Implemented Zero Trust by implementing Privileged Access management.
Cyber Security Team Lead
Cotiviti
06.2018 - 05.2021
- Working in Cyber Security Team of Cotiviti and lead the Vulnerability Management and Policy compliance module.
- Manage the team of 20 members for Security Operations.
- Assist to achieve the HITrust compliance for Cotiviti.
- Developed the gold image with CIS Benchmark for all the technology.
- Assist in determining risk in the environment and work in mitigating its impact.
- Expert of Azure Security Architecture and Microsoft products.
Corporate Information Security Office (CISO Executive)
ServiceNow
05.2017 - 06.2018
- Single handily manages Vulnerability management across all the ServiceNow devices.
- Responsible for Date Centre Information Security.
- Responsible for End Points Devices Security.
- Review changes happening in Data Centres devices.
- Manager of QUALYS (VM and PC Module) for EU assets of ServiceNow.
- Configuring Asset Group in Qualys and importing it to ServiceNow CMDB.
- Perform the authenticated scan (Authentication using integrated the Password Vault).
- Reporting in all format also integrated with new ServiceNow Vulnerability response module.
- Enforce Qualys policy compliance with internal Policy, industry mandated and external regulations.
- Lead Configuration compliance standard project -achieve agreement on common industry standard compliance benchmarks using CIS.
- Periodic policy scans and reporting within the Windows server, UNIX, Network, Cloud Environment.
- Review of failing controls and any subsequent implementation of controls configuration.
- Deploy Qualys agent access all End points.
- Deploy EC2 Connector on AWS devices and Qualys agent on Azure devices.
Global Information Security Office (CISO Executive)
Deloitte
05.2011 - 04.2017
- Working for Deloitte Global Information Security Office (Deloitte CISO Executive) which is responsible to secure Information System of Deloitte and its member firm.
- Develop the Information Security Strategy which is implanted across Deloitte.
- Publish the GISO bulletin for any information security issues.
- Implement ISO-27001 standard control and PCI-DSS Control.
- Woking with Deloitte Member Firm to improve their Security Standard.
- Primarily responsible for Global Hosting Center(Date Center) Security and Compliance.
- Perform Vulnerability Assessment using Qualys.
- Perform the Security Sign off while any asset is moved to production SLA.
- Review request for change in Security prospective.
- Incident Response and Forensic Investigation.
- Provide guidance to SOC team which handle the SIEM (Arcsight).
Security Operation Center
SAP SuccessFactors
08.2009 - 04.2011
- Working for Security Operation Canter of SuccessFactors which is having seven Data Canters, one corporate office and several branch offices across the world.
- Detection and protection of intrusions in real-time (IDS, IPS).
- Systematize the security devices including Firewall, RSA, Tripwire, OSSIM etc.
- Centralized log management and analysis.
- Incident management and response.
- Vulnerability assessment and Penetration testing.
- Characterize security policy of organization.
- Regularly perform the Internal Audit.
- Generate weekly and monthly report from heterogeneous security products in regular language.
- Regularly accomplish awareness program for member of other team on information security.
Research Associate
EC-Council
08.2007 - 05.2009
- Involved in preparing course and exam materials.
- Played a pivotal role in preparing the EC-Council C|EH certification.
Education
MBA - IT
Swami Vivekananda Subharti University
12.2021
B.Tech - Computer Science
UPTU Lucknow
12.2007
PGDCL&IR - Cyber Law
Hyderabad Central University
12.2011
Skills
- Azure
- AWS
- GCP
- Windows
- Linux
- Cisco
- Juniper
- MS Office
- RSA
- Tripwire
- Qualys
- Splunk
- PCI- DSS
- ISO 27000
- BS7799
- ITIL
- NIST
- SANS
- JIS X 5080
- SAS 70
- SOX
- HIPAA
- Agile
- SAAS
- IAAS
- PAAS
- MRTG
- Nmap
- SolarWinds Engineer's Toolset
- Nessus
- Ossim
- Wikto Footprinting Tool
- Whois
- Domain Research Tool (DRT)
- Access PassView
- Snort
- Windump
- Etherpeek
- John the Ripper
- L0phtCrack (LC4)
- Brutus
- Cain & Abel
- Microsoft Cryptography Tools
- CryptoSafe
- CrypSecure
- Fort Knox
- Blindside
- S- Tools
- Steghide
- Net Spy Pro
- SpyBoss Pro
- Spyware Terminator
- AVG Antivirus
- Norton Antivirus
- McAfee
- CA Anti-Virus
- Kaspersky Anti-Virus
- Cylance
- VisualRoute Mail Tracker
- EMailTrackerPro
- PhishTank
- SiteChecker
- NetCraft
- Checkpoint
- SonicWall
- Netgear
- Cisco ASA
- Cisco PIX
- ProofPoint
- AEVITA Stop SPAM Email
- AntispamSniper
- MailWasher Free
- Backtrap
- OSSIM
- EnCase
- FDK
Certification
- ISO27001 Certification from BSI
- ITIL Version 3 Certification
- QualysGuard Certified Specialist in Vulnerability Management
- CEH Version 6
- CHFI Version 3
- LPT Certified
- Security+
- Preparing for CISSP
<Enter your own>
- Passport Country: India
- Religion: Hindu
- Visa Status: B1 Visa
- Date of Birth: 26th March 1984
- Gender: Male
- Nationality: Indian
- Marital Status: Married
Tools
Tripwire, MRTG, Qualys, Nmap, SolarWinds Engineer's Toolset, Nessus, Ossim, Wikto Footprinting Tool, Whois, Domain Research Tool (DRT), Access PassView, Snort, Windump, Etherpeek, John the Ripper, L0phtCrack (LC4), Brutus, Cain & Abel, Microsoft Cryptography Tools, CryptoSafe, CrypSecure, Fort Knox, Blindside, S-Tools, Steghide, Net Spy Pro, SpyBoss Pro, Spyware Terminator, AVG Antivirus, Norton Antivirus, McAfee, CA Anti-Virus, Kaspersky Anti-Virus, Cylance, VisualRoute Mail Tracker, eMailTrackerPro, PhishTank SiteChecker, NetCraft, Checkpoint, SonicWall, Netgear, Cisco ASA and PIX, ProofPoint, AEVITA Stop SPAM Email, AntispamSniper, MailWasher Free, Backtrap, OSSIM, EnCase, FDK
Timeline
Cyber Security Team Lead
Cotiviti
06.2018 - 05.2021
Corporate Information Security Office (CISO Executive)
ServiceNow
05.2017 - 06.2018
Global Information Security Office (CISO Executive)
Deloitte
05.2011 - 04.2017
Security Operation Center
SAP SuccessFactors
08.2009 - 04.2011
Research Associate
EC-Council
08.2007 - 05.2009
Cyber Security Specialist and Program Manager
Microsoft
- Current
MBA - IT
Swami Vivekananda Subharti University
B.Tech - Computer Science
UPTU Lucknow
PGDCL&IR - Cyber Law
Hyderabad Central University
Similar Profiles
Shubham SinghShubham Singh
Software Developer II (Level 62) at MicrosoftSoftware Developer II (Level 62) at Microsoft
DIVJOT SINGHDIVJOT SINGH
Software Engineer II at MicrosoftSoftware Engineer II at Microsoft
Premlata KumariPremlata Kumari
Technical Program Manager at MicrosoftTechnical Program Manager at Microsoft
REAGAN M. HARKINREAGAN M. HARKIN
Customer Experience Program Mgr., Dragon Copilot at MicrosoftCustomer Experience Program Mgr., Dragon Copilot at Microsoft
SRINIVAS NEELAMSRINIVAS NEELAM
Senior Service Engineer at S SCIENTIFIC INSTRUMENTSSenior Service Engineer at S SCIENTIFIC INSTRUMENTS