Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

Palak Garg

Bengaluru

Summary

Goal-focused expert with 9 years of experience in directing Corporate IT Security initiatives, delivering robust zero trust security frameworks, and refining controls to foster a secure and efficient operational landscape.

Overview

9
9
years of professional experience
1
1
Certification

Work History

Senior IT Security Engineer

Atlan
Bengaluru
10.2024 - Current
  • Orchestrated the end-to-end implementation of enterprise-grade security controls anchored in a Zero Trust architecture. Led the deployment of Netskope-powered DLP solutions-including Secure Web Gateway (SWG), Endpoint DLP, and CASB/API Protection-ensuring data protection across web, endpoint, and SaaS layers. Designed and enforced device trust policies to effectively segment and control access between managed and unmanaged devices, aligning with organizational risk posture and compliance objectives.
  • Directed organization-wide email security modernization by architecting and managing SPF, DKIM, and DMARC configurations, along with inbound email protection strategies. Partnered with different teams to strengthen brand protection, mitigate spoofing and phishing threats, and enhance domain trust, visibility, and deliverability.
  • Championed complex enterprise migrations and identity integrations across business-critical platforms, including Slack Enterprise Grid, Apple MAID claim, and SCIM/SSO implementations for GitHub, 1Password, and Google Workspace etc.
  • Integrated key business applications with Vanta (TPRM platform) to automate security and compliance control checks across the organization. Enabled continuous monitoring of third-party risks by establishing API-based auto-checks for critical systems. Led internal security audits and played a key role in external assessments, including GDPR and other regulatory compliance audits, by aligning technical controls, documentation, and evidence gathering with audit frameworks.
  • Defined and operationalized security-led procurement and compliance workflows, introducing structured risk acceptance processes, embedding security review checkpoints for third-party tools.
  • Spearheaded company-wide security awareness and enablement, delivering targeted phishing simulation campaigns, publishing real-time security advisories, leading live training sessions, and scaling self-serve security documentation to empower end users and reduce human risk.
  • Led cross-functional incident response operations, coordinating containment, communication, and post-mortem analysis for phishing, impersonation threats, and geopolitical risk-driven campaigns. Published security advisories tailored for executives, operational teams, and end users.

Senior Information Security Engineer

Unacademy
Bengaluru
04.2022 - 10.2024
  • Improve the security posture of five entities - Unacademy, Prepladder, Codechef, Relevel, and Graphy - by conducting in-depth security assessments and providing recommendations aligned with CIS Benchmarks, NIST guidelines, and ISO 27001 standards.
  • Manage identities at scale across multiple domains, including the implementation and administration of AWS IAM, and integrate various SaaS applications with centralized identity platforms to streamline and secure access.
  • Ensure email security by implementing and managing EasyDMARC, while continuously monitoring and optimizing DMARC, DKIM, and SPF records to mitigate phishing and spoofing, thereby enhancing domain reputation and deliverability.
  • Oversee Cloud Security Posture Management (CSPM) using Prisma Cloud, and actively respond to security threats across multiple AWS accounts - including IAM misconfigurations, exposed services, and network vulnerabilities.
  • Administer Google Workspace to enforce enterprise-level data protection, identity management, and respond to phishing attempts and password leak incidents effectively.
  • Integrate security controls across IT infrastructure, covering endpoint protection, identity and access management, and network security, to ensure a robust and compliant environment.

Security Engineer

Flipkart Internet Pvt Ltd
Bengaluru
05.2021 - 04.2022
  • Design and solution security controls across enterprise environments, ensuring alignment with organizational needs and regulatory requirements.
  • Perform security reviews for platforms such as Google Workspace, AWS, Nessus, Forcepoint DLP, and Google MDM, optimizing their effectiveness based on industry best practices including NIST, CIS, and ISO 27001.
  • Assess third-party and vendor risks, evaluating security implications of external integrations to maintain a strong security posture.
  • Baseline and standardize security controls for deployed tools and technologies, ensuring consistency and compliance across the organization.
  • Lead security awareness initiatives by developing and delivering training programs, phishing simulations, and internal communications to educate employees and reduce cyber risk.

Endpoint Security Administrator

ZS
Pune
03.2019 - 05.2021
  • Own and manage the organization's overall endpoint security posture, serving as the primary SME for secure web gateway solutions including Zscaler Internet Gateway and Cisco Umbrella.
  • Administer and investigate endpoint threats using CrowdStrike (NGAV), perform real-time response actions, and enforce DLP policies via Endpoint Protector and Safend to prevent data loss.
  • Manage application control and threat prevention by configuring rules in Carbon Black, monitoring endpoint compliance through internal audits, and deploying critical patches and updates via SCCM.
  • Collaborate with internal stakeholders and external vendors on technical escalations, support customer security audits, and generate strategic security reports to inform organization-wide decisions.

Cyber Security Analyst

Cognizant Technology Solutions
Pune
11.2016 - 02.2019
  • Have worked for a banking sector client as a security analyst and provided support with high confidentiality.
  • Managed security tools that include Cisco Ironport and Proofpoint for email security, Palo Alto Firewall, Cisco Ironport and Forcepoint for secure web gateway, McAfee and Sophos for Antivirus, Nessus for vulnerability scanning, Carbon Black for application control.

Education

B.Tech - Electronics and Communication Engineering

Jaypee University of Engineering and Technology
Guna
06.2016

Skills

  • Data protection regulations - GDPR, DPDPA, HIPAA, PCI-DSS
  • Zero trust architecture
  • Security analytics and technologies
  • Web security solutions
  • Next-gen antivirus and endpoint detection
  • Data loss prevention strategies
  • Email security protocols
  • Cloud security posture management
  • Security frameworks - CIS, NIST, ISO 27001
  • Identity and access management practices
  • Stakeholder engagement
  • Cross-functional collaboration techniques
  • Security awareness training

Certification

  • AWS Certified Security Specialty
  • AWS Certified Cloud Practitioner
  • Zscaler Certified Cloud Professional - Internet Access
  • Zscaler Certified Cloud Administrator - Security Specialist
  • CompTIA Security+ce Certification
  • Zscaler Certified Cloud Administrator - Internet Access
  • VMware Carbon Black App Control Associate Analyst
  • AWS Certified Solutions Architect - Associate

Timeline

Senior IT Security Engineer

Atlan
10.2024 - Current

Senior Information Security Engineer

Unacademy
04.2022 - 10.2024

Security Engineer

Flipkart Internet Pvt Ltd
05.2021 - 04.2022

Endpoint Security Administrator

ZS
03.2019 - 05.2021

Cyber Security Analyst

Cognizant Technology Solutions
11.2016 - 02.2019

B.Tech - Electronics and Communication Engineering

Jaypee University of Engineering and Technology

Similar Profiles

CREATE PROFILE
Palak Garg