Pratik Nagda

Security Analyst
Mumbai

Summary

Cybersecurity professional with 4+ years of experience in Governance, Risk, and Compliance (GRC), specializing in risk assessments, vendor audits, incident response, and regulatory compliance (ISO 27001, SOC 2, PCI DSS, HIPAA, GDPR, DORA). Certified CEH and ISO/IEC 27001 Lead Auditor. Proficient in SIEM tools, threat intelligence, vulnerability management, Microsoft Defender, 6clicks, and OSINT platforms.

Overview

4 years of professional experience
4 years of post-secondary education
2 Certifications

Work History

Security Analyst

Modulr
07.2024 - Current
  • Led third-party security assessments for 30+ vendors, assigning risk scores and preparing comprehensive risk reports for senior leadership.
  • Performed internal audits and risk assessments to identify compliance gaps and mitigate risks.
  • Developed and implemented strategic mitigation plans, resulting in a 20% reduction in vendor-related risk exposure.
  • Advised stakeholders on remediation strategies aligned with ISO 27001, PCI DSS, HIPAA, SOC 2, NIST and DORA.
  • Managed GRC workflows and automated compliance tracking using the 6clicks platform, improving audit readiness and process efficiency.
  • Utilized Microsoft Defender to oversee vulnerability management and endpoint protection for 500+ endpoints.
  • Key Achievement: Enhanced audit readiness, contributing to 100% compliance across five regulatory frameworks.

Associate Security Operations

Netsurion Technologies
02.2021 - 07.2024
  • Triaged and escalated 3,000+ security alerts annually using EventTracker, prioritizing and responding to critical incidents within SLA.
  • Monitored and analyzed firewalls, IDS/IPS, and Active Directory logs to detect and mitigate security threats.
  • Conducted third-party risk assessments in line with ISO 27001, SOC 2, GDPR, HIPAA, NIST, DORA, and PCI DSS requirements.
  • Used OSINT tools for external threat intelligence and hunting.
  • Responded to malware, phishing, and access violation incidents across client networks.
  • Key Achievement: Maintained 95% SLA compliance in incident response for over 30 client organizations.
  • Key Achievement: Reduced false positives by 15% through fine-tuning correlation rules and alerts.

Education

Bachelor of Science - Computer Engineering

University of Mumbai
06.2013 - 05.2017

Skills

Security information and event management

Vulnerability assessment

Identity and Access management

Intrusion detection

Certification

Certified Ethical Hacker (CEH v10), EC-Council, 01/01/21

KEY PROJECTS AND ACHIEVEMENTS

  • Designed and implemented an automated workflow for vendor risk assessments, reducing manual effort by 50% and improving assessment turnaround time from 2 weeks to 5 days.
  • Developed and delivered a security awareness program that increased phishing simulation detection rates from 60% to 90% across the organization.

Technical skills

  • GRC Platforms: 6clicks, ServiceNow, OneTrust
  • SIEM & Monitoring: Microsoft Defender, Splunk, EventTracker
  • Threat Intel & Response: MITRE ATT&CK, Cyber Kill Chain, OSINT, IOC/IOA analysis
  • Security Operations: Log analysis, IDS/IPS, firewall monitoring, vulnerability scanning
  • Systems & Networks: TCP/IP, DNS, HTTP/S, Kali Linux, Windows Server, Active Directory
  • Cloud: Microsoft Azure & AWS
