MUKESH ANNAMALAI

Security Strategy and Engineering Leadership

• Strategic Roadmap Ownership: Directed the engineering and operational lifecycle for global security technologies, including EDR, DLP, and Identity Management
• Modernization and Automation: Spearheaded digital transformation initiatives that replaced manual workflows with automated security data pipelines, significantly improving threat detection and incident response (CERT) capabilities.
• Enterprise Security Stack: Oversaw the deployment and maintenance of high-scale systems: WAF, Firewalls, IDS/IPS, Email Security, E-PAM, PAM, CrowdStrike NG-SIEM/SOAR, and DMARC, ensuring platform resilience and high-quality telemetry for the SOC.
• Executive & Board Reporting: Prepared and presented detailed IT and security performance metrics to the Board of Directors, influencing strategic investment and risk mitigation decisions.
• Compliance and Risk Management: Led through risk assessments and updated global IT policies to maintain strict adherence to evolving regulatory requirements and industry standards. Tools like Qualys VMDR, Qualys CSAM, and Scrut IO (Risc & Gov)
• IT Infra Digital Transformation - Modern Helpdesk, OpenShift, Intune for Linux, SD-WAN, NW Load Balancer.
• Disaster Recovery & Continuity: Engineered and tested robust business continuity plans, ensuring operational stability across global infrastructure during unforeseen system failures.
• Budgetary Oversight: Developed and managed comprehensive IT/Security budgets, optimizing resource allocation to support high-priority security engineering projects, while reducing waste.
• Vendor Performance: Managed key service provider relationships, negotiating contracts, and ensuring SLA adherence across managed security platforms and third-party support services.
• Team Mentorship: Led and coached a diverse team of senior engineers to leaders, fostering a high-performance, inclusive culture focused on operational maturity. Continues learning, agility, and expertise in making a team multi-skilled.
• Platforms: EDR (CrowdStrike EDR, NG-SIEM, ITP, BeyondTrust PAM, NGINX WAF, Cisco, PA, Fortinet Next-Gen Firewalls, Mimecast, AdminByRequest, Advanced Malware Protection, Netscope CASB, Netskope Private Access (ZTNA), Web Security, Veeam Backup), Qualys - VMDR.
• OKR (Objectives and Key Results) framework to align milestones with corporate strategy, ensuring 100% transparency in tracking security resilience, and operational growth.
• Domains: Network Security, Endpoint Protection, Cloud Security, Database.
• Governance and Framework - Crosswalk (NIST & CIS), Scrut.io, ISMS, SOC 2, Data Privacy (ISO 27701),
• Management: CAPEX/OPEX budgeting, vendor management, regulatory compliance, disaster recovery.

• Architected and executed the 'Greenfield' setup of a premier Global Capability Center (GCC), scaling from zero to over 400 multidisciplinary IT and security professionals in record time to centralize global operations for News Corp.
• Defined the target operating model (TOM) and hierarchical structure for cross-functional teams, including Cloud Infrastructure, Cyber Security (SOC/IR), and Enterprise Service Desk.
• Security Engineering: Directed the enterprise-wide rollout of CrowdStrike Falcon (EDR); established an integrated SOC that utilized automated detection logic to significantly reduce Mean Time to Respond (MTTR).
• Organizational Design: Defined the target operating model (TOM) and hierarchical structure for cross-functional teams, including Cloud Infrastructure, Cyber Security (SOC/IR), and Enterprise Service Desk.
• KPI & Governance Framework: Established the initial suite of operational metrics and SLAs, utilizing real-time dashboards to provide executive leadership with transparency into the center's performance and ROI.
• Talent Acquisition & Culture: Led the end-to-end recruitment strategy, technical benchmarking, and onboarding frameworks to secure talent in a competitive market.
• Incident Resilience: Spearheaded the Root Cause Analysis (RCA) process for high-impact service failures, implementing technical hardening measures that reduced recurring incidents.
• Strategic Reporting: Automated the reporting of Key Risk Indicators (KRIs) and performance metrics, providing global stakeholders with real-time visibility into operational health and security posture.

Key Achievement: Orchestrated a global Infrastructure Modernization and Resilience Program for a Fortune 500 Industrial Manufacturing and HealthTech Leader (Philips), managing the end-to-end lifecycle of mission-critical production environments across global sites.

• Risk-Based Vulnerability Orchestration: Engineered and led an enterprise-wide Vulnerability Management (VM) program that synchronized security patching with operational uptime. Strategically prioritized the remediation of critical technical debt, reducing infrastructure exposure, while maintaining 100% availability for mission-critical, 24/7 manufacturing lines.
• Global Infrastructure Modernization: Spearheaded a multi-region rollout of Software-Defined Networking (SD-WAN), and optimized MPLS circuits, reducing global connectivity costs by 20%, while increasing bandwidth for branch offices.
• Integrated Risk Assessment: Evaluated global infrastructure needs across diverse business units, identifying underperforming legacy systems, and implementing centralized Identity and Access Management (IAM) and network segmentation controls.
• Directed the global rollout of Azure AD Conditional Access and Multi-Factor Authentication (MFA), establishing Identity as the primary security perimeter, and consolidating SaaS applications.

Key Achievement: Orchestrated end-to-end service delivery and security governance for a portfolio of high-value Banking and Financial Services (BFS) clients, ensuring 100% alignment with stringent financial regulatory requirements.

• Regulatory & Compliance Governance: Directed infrastructure and security audits to ensure client environments met PCI-DSS, SOX, and spearheaded the remediation of audit findings to maintain high-trust certifications.
• Service Level Engineering: Negotiated and managed complex Service Level Agreements (SLAs) and Operational Level Agreements (OLAs), balancing high-frequency trading requirements with rigorous security patching cycles.
• Business Continuity & Disaster Recovery (BCDR): Led the design and testing of cross-site disaster recovery strategies for financial systems, ensuring near-zero recovery time objectives (RTO) for mission-critical banking applications.
• Incident & Root Cause Analysis: Managed the response to high-priority service failures, conducting deep-dive Root Cause Analysis (RCA), and implementing corrective actions that enhanced system stability by 20% year-over-year.
• Strategic Security Roadmapping: Monitored fintech industry trends and emerging threat landscapes to advise clients on the adoption of digital transformation.
• Data-Driven Performance Management: Developed executive-level dashboards to track Key Performance Indicators (KPIs) and Security Posture Scores, utilizing data to drive quarterly business reviews (QBRs), and strategic planning.
• Agile Project Orchestration: Monitored project milestones for large-scale infrastructure migrations, proactively adjusting resource allocation and mitigation plans to address technical blockers, and maintain delivery timelines.
• Vendor and Third-Party Risk Management (TPRM): Analyzed internal and third-party processes to optimize service delivery, reducing supply-chain risk, and improving operational efficiency for the client's partner ecosystem.

Aventail (acquired by SonicWall) was a pioneer in SSL VPN and SSL-AES (Advanced Endpoint Security). As a Support Engineer for their VPN product, you were at the front lines of secure remote access.

Key Achievement: Provided Tier 3 technical engineering support for global enterprise clients, specializing in the deployment, troubleshooting, and optimization of SSL VPN appliances, and End-Point Control (EPC) security suites.

• Secure Access Engineering: Diagnosed and resolved complex connectivity and authentication issues involving SSL/TLS protocols, LDAP/Active Directory integration, and RADIUS authentication for remote workforces.
• Endpoint Security & Compliance: Configured and supported End-Point Control (EPC) policies to ensure remote devices met corporate security baselines (Antivirus, Firewall, OS patches) prior to granting network access.
• Network Infrastructure Troubleshooting: Provided a deep-dive analysis of TCP/IP networking, routing, and firewall rules to ensure seamless 'Tunnel Mode' and 'Web Proxy' connectivity across diverse client environments.
• Incident Management: Managed the full lifecycle of high-priority technical incidents, coordinating with R&D and Product Engineering to develop hotfixes and patches for critical vulnerabilities.
• Security Documentation & Knowledge Transfer: Authored technical whitepapers and knowledge-base articles regarding SSL VPN architecture and secure remote access best practices to improve client self-service, and internal team efficiency.
• Client Advocacy: Acted as a technical consultant for enterprise IT teams during large-scale VPN migrations and global rollouts, ensuring minimal downtime and maximum security posture.