Pratik Nagda
Security Analyst
Mumbai
Summary
Cybersecurity professional with 4+ years of experience in Governance, Risk, and Compliance (GRC), specializing in risk assessments, vendor audits, incident response, and regulatory compliance (ISO 27001, SOC 2, PCI DSS, HIPAA, GDPR, DORA). Certified CEH and ISO/IEC 27001 Lead Auditor. Proficient in SIEM tools, threat intelligence, vulnerability management, Microsoft Defender, 6clicks, and OSINT platforms.
Overview
4
4
years of professional experience
4
4
years of post-secondary education
2
2
Certifications
Work History
Security Analyst
Modulr
07.2024 - Current
- Led third-party security assessments for 30+ vendors, assigning risk scores and preparing comprehensive risk reports for senior leadership.
- Performed internal audits and risk assessments to identify compliance gaps and mitigate risks.
- Developed and implemented strategic mitigation plans, resulting in a 20% reduction in vendor-related risk exposure
- Advised stakeholders on remediation strategies aligned with ISO 27001, PCI DSS, HIPAA, SOC 2, NIST and DORA.
- Managed GRC workflows and automated compliance tracking using the 6clicks platform, improving audit readiness and process efficiency.
- Utilized Microsoft Defender to oversee vulnerability management and endpoint protection for 500+ endpoints.
- Key Achievement: Enhanced audit readiness, contributing to 100% compliance across five regulatory frameworks.
Associate Security Operations
Netsurion Technologies
02.2021 - 07.2024
- Triaged and escalated 3,000+ security alerts annually using EventTracker, prioritizing and responding to critical incidents within SLA.
- Monitored and analyzed firewalls, IDS/IPS, and Active Directory logs to detect and mitigate security threats.
- Conducted third-party risk assessments in line with ISO 27001, SOC 2, GDPR, HIPAA, NIST, DORA, and PCI DSS requirements.
- Used OSINT tools for external threat intelligence and hunting.
- Responded to malware, phishing, and access violation incidents across client networks.
- Key Achievement: Maintained 95% SLA compliance in incident response for over 30 client organizations.
- Key Achievement: Reduced false positives by 15% through fine-tuning correlation rules and alerts.
Education
Bachelor of Science - Computer Engineering
University of Mumbai
06.2013 - 05.2017
Skills
Security information and event management
Vulnerability assessment
Identity and Access management
Intrusion detection
undefinedCertification
Certified Ethical Hacker (CEH v10), EC-Council, 01/01/21
KEY PROJECTS AND ACHIEVEMENTS
- Designed and implemented an automated workflow for vendor risk assessments, reducing manual effort by 50% and improving assessment turnaround time from 2 weeks to 5 days.
- Developed and delivered a security awareness program that increased phishing simulation detection rates from 60% to 90% across the organization.
Technical skills
- GRC Platforms: 6clicks, ServiceNow, OneTrust
- SIEM & Monitoring: Microsoft Defender, Splunk, EventTracker
- Threat Intel & Response: MITRE ATT&CK, Cyber Kill Chain, OSINT, IOC/IOA analysis
- Security Operations: Log analysis, IDS/IPS, firewall monitoring, vulnerability scanning
- Systems & Networks: TCP/IP, DNS, HTTP/S, Kali Linux, Windows Server, Active Directory
- Cloud: Microsoft Azure & AWS
Timeline
Security Analyst
Modulr
07.2024 - Current
Associate Security Operations
Netsurion Technologies
02.2021 - 07.2024
Bachelor of Science - Computer Engineering
University of Mumbai
06.2013 - 05.2017
Similar Profiles
Suraj SethSuraj Seth
Assistant Manager – Direct Tax at CBV & Associates LLPAssistant Manager – Direct Tax at CBV & Associates LLP
Aditya ApteAditya Apte
Product Manager at ProgIST Solutions LtdProduct Manager at ProgIST Solutions Ltd
Tamanna AgarwalTamanna Agarwal
Consultant Specialist at HSBCConsultant Specialist at HSBC
Bhoomi KumbhaniBhoomi Kumbhani
Clinical Physiotherapist at Umiya Physiotherapy ClinicClinical Physiotherapist at Umiya Physiotherapy Clinic
Balaji VBalaji V
Security Analyst at Motherson Technology Service Ltd.Security Analyst at Motherson Technology Service Ltd.