Mahesh Hiremath
Bangalore
Summary
Result-oriented Cyber Security Professional with 15 years of experience designing and piloting targeted cyber risk assessment programs. Expert in elevating policy documentation and driving corporate regulatory mapping across global frameworks (ISO 27001, NIST, GDPR). Proven track record in evaluating control effectiveness, executing compliance initiatives, and managing remediation plans through closure.
Overview
16
16
years of professional experience
4
4
Certifications
Work History
Security Consultant
Tech Mahindra
06.2025 - Current
- Client: Global Aerospace & Defense Company
- Risk Program Management: Driving the proactive security compliance team to identify, assess, and manage organizational risks across applications, databases, and cloud systems.
- Assessment & Strategy: Conducting comprehensive risk assessments and analysis to enhance the client's overall security posture.
- Policy Development: Developing and elevating security strategies and policies to align with corporate governance frameworks.
- Incident Mitigation: Managing incident response and mitigation strategies to address emerging risks.
Principal Engineer (Security & Privacy)
Dell Technologies
04.2021 - 06.2025
- Client: Global Aerospace & Defense Company
- Regulatory Compliance: Evaluated organizational applications to ensure full traceability and compliance with industry standards like ISO and GDPR.
- Remediation Management: Facilitated the remediation of identified vulnerabilities for internal applications, tracking plans through to closure.
- Stakeholder Engagement: Provided technical business support to stakeholders and the Information Security Manager on all aspects of the information security sphere.
IT and Data Analyst (Security & Privacy)
Boeing
09.2017 - 04.2021
- Control Effectiveness: Assessed access control (ACP) documents to validate roles and responsibilities, ensuring alignment with internal standards.
- Criticality Assessment: Executed System Criticality Management Processes (SCMP) to perform business criticality assessments for new and existing applications.
- Audit Support: Actively participated in enterprise audits, providing artifacts and business justification to demonstrate regulatory compliance.
- Governance: Evaluated applications to ensure compliance with industry norms and regulatory standards.
Sr. Information Security Engineer
Epsilon
10.2016 - 09.2017
- Risk Identification: Identified vulnerabilities and protected the confidentiality, integrity, and availability of critical data as part of the SOC team.
- Threat Analysis: Conducted Threat & Vulnerability Assessments and coordinated with IT teams for timely resolution of risks.
- Reporting: Created daily security KPI reports to synthesize compliance updates for management.
Senior IT Security Engineer
Toshiba Software India Pvt Ltd
07.2013 - 10.2016
- Gap Analysis: Responsible for identifying security gaps and vulnerabilities using various tools and techniques.
- Audit Execution: Assisted in organization IS Internal Audits (ISMS) to ensure systems functioned properly and controls were effective.
- Policy Improvement: Provided direction for improving organizational InfoSec policies, processes, and standards.
- Metrics & Reporting: Compiled security metrics and validated events against organization standard policies for compliance.
IT Security Analyst
IBM India Pvt Ltd
05.2010 - 07.2013
- Vulnerability Management: Executed the process of identifying security threats, analyzing impact, and implementing mitigating controls.
- Trend Analysis: Reported common problems and trend analysis to management to propose process improvements.
- Documentation: Maintained end-to-end process documentation for defined processes to account for changes over time.
Education
Bachelor of Engineering - Computer Science
Visvesvaraya Technological University (VTU)
Skills
Risk Assessment Program Design: End-to-end Cyber Risk Assessments, Mitigation Strategies, Risk Impact Analysis
Certification
CISM - Certified Information Security Manager {ISACA)
Timeline
Security Consultant
Tech Mahindra
06.2025 - Current
Principal Engineer (Security & Privacy)
Dell Technologies
04.2021 - 06.2025
IT and Data Analyst (Security & Privacy)
Boeing
09.2017 - 04.2021
Sr. Information Security Engineer
Epsilon
10.2016 - 09.2017
Senior IT Security Engineer
Toshiba Software India Pvt Ltd
07.2013 - 10.2016
IT Security Analyst
IBM India Pvt Ltd
05.2010 - 07.2013
Bachelor of Engineering - Computer Science
Visvesvaraya Technological University (VTU)