Rahul Mhatre
Thane,MH
Summary
I tackle challenges with positivity, finding growth opportunities in every scenario. Equipped with skills perfectly matched to the job, I'm poised for excellence. Thriving both solo and in teams, I actively aid colleagues in reaching shared objectives. Outside of work, I engage in team sports, highlighting my collaborative spirit. Bringing a positive influence and innovative thinking, I'm dedicated to personal and company growth, ensuring our continued success in the market.
Experienced leader with 20 years of strong background in guiding teams, managing complex projects, and achieving strategic objectives. Excels in developing efficient processes, ensuring high standards, and aligning efforts with organizational goals. Known for collaborative approach and commitment to excellence.
Demonstrated leadership in aligning cybersecurity strategies with global regulatory standards, including ITIL, ISO 27001/27701, NIST, SOC 2, PCI-DSS, CCPA, GDPR, and IRDAI compliance frameworks. Adept at translating complex compliance requirements into actionable security measures, while fostering clear communication and collaboration with cross-functional stakeholders to ensure successful implementation and governance
Overview
20
20
years of professional experience
12
12
Certification
Skills
- Security operations center expertise
- Cybersecurity framework design
- Information security governance
- Risk assessment expertise
- Incident response management
- Cyber security program management
- Cloud security expertise in AWS, Azure, and GCP
- Decision-making
- Cybersecurity threat analysis
- Vendor risk evaluation
- Team leadership
- Skilled in team management
- Strategic decision-making
- Coaching and mentoring
- Documentation expertise
- Budget planning and oversight
Accomplishments
- Designed and Implemented Global SOC
Successfully built and operationalized a 24/7 Security Operations Center (SOC) from the ground up, integrating log sources, threat intelligence, and automated detection using UEBA. - Led ISO 27001:2013 Certification
Spearheaded end-to-end implementation and audit readiness for ISO 27001 across multiple regions, ensuring full compliance with international information security standards. - Security Architecture for Cloud Environments
Developed secure architecture and governance models for Azure, Microsoft 365, and hybrid cloud deployments, aligning with zero-trust principles. - Incident Response Leadership
Acted as the primary escalation point for critical incidents, managing real-time security breaches with coordinated cross-functional response and root cause analysis. - Mentored Cybersecurity Talent
Mentored and unskilled junior analysts to mid-level engineers / Managers, creating a high-performing, certified team spanning L1 to L3 operations. - Deployed Threat Detection Frameworks
Implemented threat hunting and behavioral analytics using SIEM platforms, reducing false positives and improving MTTD/MTTR significantly. - Governance, Risk & Compliance (GRC) Ownership
Owned and operated the GRC function, conducting risk assessments, vendor reviews, policy development, and internal audits across multiple business units. - Automated Security Operations
Led automation of key SOC processes, including alert triaging, IOC enrichment, and response playbooks using SOAR tools. - Penetration Testing & Vulnerability Management
Conducted internal red team exercises and external penetration testing, remediating critical vulnerabilities and improving system resilience. - Recognized Cybersecurity Leader
Awarded internally for excellence in cybersecurity leadership and acknowledged by peers for driving strategic security transformation across business units.
Awards
- CSO TOP 100 CISO Award by The EVANGELIST 100 - 2023
- Appreciated by FORENSIC FUSION- 2024
- ZEE Team Award for Incident Handler-2022
- Best Cyber Security Team award by CISO Conclave Nov 2023,
- CAPCO Top Information Security Award-2018.,
- CAPCO Best Mentor-2018
- IBM Manager's Choice Award – 2016
- Star performer award from HP for Information Security-2013
- Star performer award from Harjai computers for Information Security-2013
- Appreciated from Bank of India as best performer in Information Security-2011
Certification
- C-CISO Certified Information Security Officer.
- CRISC - Certified in Risk and Information Systems Control
- CISM - Certified Information Security Manager
- CISA - Certified Information Security Auditor
- Certified in Generative AI in Cloud Computing & Core Concepts
- Certified Executive Leadership program
- Certified Trend micro security Cloud Computing
- TCTP-Certified Trend Micro Fundamentals of Malware
- Certified Exploits and Vulnerabilities specialist
- MCP-Microsoft Certified Professional
- CEH- EC-council Certified Ethical Hacker
- AFCEH- Certified Ethical Hacker
- ECSA- EC-Council certified Security Analyst
- RSA Envision Certified
- LPT- Licensed Penetration Tester
- Diploma in Hardware and Networking
Work History
Information Security Architect / V-CISO
Freelance
01.2024 - Current
• SOC Development for OTT providers, successfully established multiple Security Operations Centers (SOCs) for OTT hosting providers in the U.S. and APAC, enhancing their security monitoring and incident response capabilities.
• Advanced Security Implementation, Implemented Just-In-Time (JIT) security for DevSecOps, along with comprehensive application and cloud security solutions, improving cybersecurity resilience and operational efficiency.
• As a V-CISO My responsible for leading the Information Security Risk Management function across IT, Application Development, and Security Operations. My role focuses on ensuring the effectiveness and sustainability of Application Security, DLP, DAM, Cloud Security, IDAM, EDR/XDR, SOC, and infra / App Security.
• I oversee the development and maintenance of cybersecurity policies, standards, procedures, and technical measures to strengthen the organization's security posture. I manage security programs, including SIEM, XDR, and Cloud Security, and coordinate audits such as ISO 27001, IRDAI & ensuring regulatory compliance.
• Key responsibilities include vendor and third-party security assessments, risk management, control design, and facilitating internal assessments. I work closely with internal and external teams, auditors, and partners to address security gaps, monitor controls, and enhance security programs while aligning with the Risk Management Framework.
• Engaged business and technology stakeholders to gather goals and requirements.
Associate Director Information Security
ZEE Entertainment Enterprise/Zee5 /HIPPY
11.2021 - 12.2023
- Architect, design, implement, and integrate a comprehensive cybersecurity solution for Zee.
- Manage teams: Cloud Security, Security Engineering, Threat Hunting & Red Team, SOC (Blue Team), DLP, CASB, MDM, VA/PT. (Team Size 30)
- Utilize cloud-based security solutions: AWS Guard Duty, AWS Cloud Guard, Azure Security Center, Azure Firewall, Google Cloud (GCP), GCP Security Command Center.
- Develop technology plans for Cyber Security and Management, ensuring compliance with policy requirements for 27001 Compliance.
- Lead vendor selection, budget management, and collaborate with internal and international teams.
Founder, Director
BREATH TECHNOLOGY SOLUTIONS
09.2019 - 11.2021
- Company Overview: (Self Employment)
- Comprehensive Cybersecurity Support: Deliver end-to-end cybersecurity services, including threat detection, incident response, and risk management tailored to client needs.
- Client-Centric Solutions: Ensure seamless integration and continuous support of cybersecurity frameworks, aligning with clients’ business objectives and regulatory requirements.
CISO/Sr. Manager Information Security
ACCELYA SOLUTIONS
01.2019 - 09.2019
- Company Overview: (Limited Contract)
- Oversee the deployment of comprehensive security programs, including SOC, VAPT, Baseline Security, Incident Management, Endpoint Security, AWS, DLP, PAM, ATP, and ATP.
- Threat Response and Incident Management, Direct real-time monitoring, identification, analysis, and response to security incidents, executing containment, mitigation, and protection processes.
- Security Compliance and Governance, maintain a robust program aligned with PCI DSS, ISO 27001, GDPR, and privacy policies, ensuring compliance across all security technologies and personnel.
- Vendor Collaboration and Security Investments, collaborate with vendor management on security requirements in contracts, manage budgets, conduct VA/PT, and create business cases to prioritize security strategy investments.
Deputy CISO/Global Manager Information Security
CAPCO Technologies Private Limited
01.2018 - 01.2019
- Led Capco's cybersecurity practice, providing consulting and advisory services to the financial services sector globally.
- Developed remediation plans shifting the company to a proactive, risk-based cybersecurity approach.
- Managed a global team of 26 employees, overseeing security architecture, system design, implementation, and management of information security systems.
- Directed SOC operations, vulnerability management, endpoint security, and patch management teams. Conducted ISO 27001 audits, oversaw compliance reporting, and maintained vulnerability dashboards. Built and operated endpoint security controls, established 3rd party vendor support for SOC services, and provided technical design and review services.
Sr. Information Security Delivery Specialist
IBM India Private Limited
08.2016 - 12.2017
Information Security Manager
CONTINUUM Managed Services
10.2014 - 08.2016
Information Security Admin L3
Hewlett-Packard India- Contract
12.2010 - 09.2014
Sr. InfoSec Analyst
Elixer Computech
12.2008 - 11.2010
Windows & Network Administrator
HINDALCO INDUSTRIES Ltd.
08.2005 - 12.2008
Technology Implementations and Operations
- SIEM Experience: - Symantec (SSIM), RSA Envision, HP-ArcSight, EIQ SecureVue, and IBM Qradar, Securonix, Chronicle, Sentinel
- VA/PT Tools: - Nessus Cloud, Nexpose Rapid7, HP Web-Inspect, Vega, OWASP Zap, Iron WASP, Paros, Burp suite. AnyRun.
- Cloud Security Tool: - PingSafe, Prisma, AWS Guard duty, ORCA, GCP SCC, Defender O365, API-Traceable, Akamai, JIT Security, Security, Defender, O365 Defender, AWS Security HUB, AWS WAF
- GRC Tools: - Vanta, SecureFrame, Drata, Archer.
- Other Cyber Security Tools: - Palo Alto XDR, SOPHOS EDR, Zscaler, Fortinet, MAS360, jamF, Thales, Forcepoint, Check-Point DLP, Cloudflare, Akamai, F5, Darktrace, ZeroFox, Brandefense, DarkWebID, ThreatConnect, Bitdefender, VirusTotal.
Education
Bachelor’s Degree - commerce
Jaipur National University
Diploma - Information Technology
Jetking
Thane, India06-2007
LNGG
English
Hindi
Marathi
German B1
Work Preference
Work Type
Full TimePart TimeContract WorkLocation Preference
On-SiteRemoteHybridImportant To Me
Work-life balanceCareer advancementCompany CultureFlexible work hoursPersonal development programsHealthcare benefitsWork from home optionTeam Building / Company RetreatsWork Availability
monday
tuesday
wednesday
thursday
friday
saturday
sunday
morning
afternoon
evening
swipe to browse
Disclaimer
I hereby declare that the details furnished above are correct to my knowledge & belief.
Thanks & Regards
Rahul Mhatre +919930191416 |+918425899701
Date: - 01.04.2025
Quote
Every problem is a gift—without problems we would not grow.
Tony Robbins