Mukund Shrimali

Internal transition from Myntra; leading Information Security for Myntra under Flipkart's central InfoSec team

• Lead Information security program aligning with enterprise security strategy and compliance requirements.
• Implemented enterprise-wide security architecture for web and mobile applications, enhancing resilience and regulatory compliance.
• Oversaw PCI-DSS and ISO 27001 audits; engaged directly with auditors to ensure successful certifications.
• Regularly brief CISO and senior leadership on emerging threats, residual risk posture, and mitigation strategies.
• Managed and implemented the organization-wide Incident Management program, including incident detection, escalation, response, and post-incident review processes to strengthen resilience.
• Established automated vulnerability assessment processes to improve efficiency and reduce risk exposure.
• Mentor and manage AppSec team, embedding secure coding practices through quarterly training and awareness sessions.
• Partnered with engineering and IT teams to conduct risk assessments for new technology adoption.
• Directed implementation of WAF, Bot Management, and EDR across 5,000+ VMs, ensuring advanced threat protection.
• Deployed CSPM, consistently maintaining >90% compliance score across cloud infrastructure.
• Orchestrated Database Activity Monitoring solution for compliance and data security.
• Led the enterprise-wide AuthNZ initiative, integrating 128+ services handling PII into a centralized platform.
• Mentored Security Assurance team and engaged leadership on risk reduction strategies.
• Partnered with business stakeholders to ensure security was a key enabler in product delivery.

• Managed application security suite, bridging management and Tech Leads, while driving compliance and client satisfaction.
• Crafted API/Mobile/AWS Secure Configuration Guidelines for robust security standards.
• Implemented infrastructure hardening for AWS, containers, and assets.
• Led diverse security assessments including Web App, API, Network, and Mobile Penetration Testing.
• Conducted Architecture Reviews, managed Bug Bounty Program, and automated security through Jenkins (CI/CD) for Avail finance.

• Managed security testing projects across BFSI, e-commerce, and healthcare, aligning assessments with OWASP and compliance requirements.
• Built and led a 4-member security team, fostering growth and operational excellence.
• Partnered with sales and delivery teams to drive pre-sales security engagements.

• Transitioned from intern to permanent position at Iviz Security, specializing in web and mobile app vulnerability scanning according to OWASP and SANS standards.
• Reviewed penetration testing reports, conducted assessments for diverse clients including top banks and IT firms in India, and communicated findings and remediation strategies. Skilled in identifying business-level threats.

• Delivered CEH and cybersecurity training for corporate teams and law enforcement.
• Partnered with cybercrime city police for specialized awareness workshops.