Summary
Overview
Work History
Education
Skills
Certification
Awards
Hi, I’m

Lohit Mehta

Cyber Security Leader
Hyderabad

Summary

Strategic cyber security specialist skilled in reducing organizations cyber risk by infusing security into system designs, creating cutting edge security tools , deploying and managing cyber security solutions and by combating modern cyber attacks through monitoring,correlation, reverse engineering and forensics.

Overview

13
years of professional experience
7
Certifications

Work History

Salesforce.com
Hyderabad

Information Security Director/Principal Engineer
11.2017 - Current

Job overview

  • Managed global threat and vulnerability management team (16 members) to assess cyber risk across 1M+ Salesforce assets deployed in 1P, multiple cloud substrates on daily basis.
  • Implemented multiple engineering services to improve vulnerability detection time from multiple days to less than 24 hours.
  • Transitioned team operating model from classic ops to DevOps. This resulted in faster product delivery with engineering excellence and reduction in manual efforts(saving 50 man hours/week at-least).
  • Designed Deception technology program in Salesforce with various decoy lures chains implemented. This program helped to map Salesforce external attack surface with external decoys and also helped create high fidelity rules to detect lateral movement.
  • Designed and implemented scalable self service portal to assist employees in approving application block requests. This has resulted in ticket reduction by 80% and overall reduction of end users being blocked from 3-4 days to 15 minutes.
  • Lead team to deliver multi cloud substrate vulnerability scanning stack which can spin up in minutes and ready to scan. This saved 1 FTE operations effort to provision and maintain vulnerability scanning stack.
  • Created secure policies and baselines for Salesforce AWS footprint and developed in-house tools to audit against created baselines which detected more than 100 insecurely configured AWS services including public buckets, snapshots, exposed DB etc around several Salesforce AWS accounts.

Microsoft
Hyderabad

Senior Security Engineer 2
09.2016 - 10.2017

Job overview

  • Automated end to end vulnerability agent and server stack deployment on all OS's which saved 1 FTE operations hours.
  • Published Internal papers on detailed analysis on WannaCry & Petya ransomware.
  • Developed Vulnerability framework to collect information about new threats and vulnerabilities and integrated with existing 3rd party solutions to provide proactive assessment.

Cisco
Bangalore

Information Security Engineer
03.2015 - 09.2016

Job overview

  • Developed internal tool to oversee monitoring of 3rd party SIEM products which improved efficiency by 93% to troubleshoot missing log source issue.
  • Lead engineering operations for Cisco CSIRT from India and solved complex use cases in log correlation from various sources to assist in attack chain formation.


Oracle
Noida

Security Analyst
05.2014 - 03.2015

Job overview

  • Developed in-house File Integrity Monitoring (FIM) tool to comply with PCI-DSS compliance.
  • Completed vulnerability scans to identify at-risk systems and remediate issues with 90% efficiency by advocating shift left approach.
  • Performed risk analyses to identify appropriate security countermeasures.

Infosys
Chandigarh

Senior Systems Engineer
11.2010 - 05.2014

Job overview

  • Performed root cause analysis to provide resolutions for production issues.
  • Worked on various HLD, RFPs/RFIs and implemented security controls around cloud transformation journey for many clients.
  • Conducted PCI-DSS audit for large multinational bank and provided remediation strategies to address gaps.
  • Integrated SIEM with other security solutions to develop correlation and remove false positives by 80%.

Education

Ambala College of Engineering And Applied Research
Ambala

Bachelor of Technology from ComputerScience
08.2006 - 08.2010

Skills

Security research, design and architecture

Threat & Vulnerability Management

Cloud Security

CI/CD, Infrastructure as Code(IaC)

MITRE framework(ATT&CK , D3FEND)

Certification

Offensive Security - OSCP

Awards

  • Salesforce: Security Guru Award
  • Microsoft: Star Award
  • Infosys: On Spot Award

Similar Profiles

  • Joey PrestiaJoey Prestia

    Principal Information Security Architect at Choice Hotels InternationalPrincipal Information Security Architect at Choice Hotels International

  • Matthew DiSanoMatthew DiSano

    Director Information Security/IT Security Officer at Brown Physicians Inc.Director Information Security/IT Security Officer at Brown Physicians Inc.

  • Anthony K SorkpahAnthony K Sorkpah

    Information System Security Officer (ISSO) at Datasec IncInformation System Security Officer (ISSO) at Datasec Inc

  • Edward Hart-LorenzettiEdward Hart-Lorenzetti

    Principal Security Engineer (Security Architecture / Automation / Platform) at BusinessPrincipal Security Engineer (Security Architecture / Automation / Platform) at Business

CREATE PROFILE
Lohit MehtaCyber Security Leader