Rajneesh Upadhaya
Dubai
Summary
A seasoned cybersecurity professional with a strong background in cyber security governance, risk management, compliance, and security operations. A proven track record of leading and managing critical security efforts, ensuring compliance with industry standards. My expertise includes business continuity management, security policy development, training and mentoring teams for cyber resilience. Multi-certified in Cyber Security Management, Auditing, Defense, Investigation, and Cloud Security. Results-oriented Senior Executive driven to always be improving business operations. Specializing in Cyber Security with 12 years of track record of success.
CISSP, CISA, ISO 27001, CCISO, CISMP, ITIL, CEH, ECSA, CHFI, ECIH, CEI, CPSP
Overview
12
12
years of professional experience
Work History
AVP TISO (Technical Information Security Officer)
Deutsche Bank
09.2022 - 03.2024
- As a Technical Information Security Officer (TISO), I lead and manage the security efforts for critical applications, ensuring their integrity and compliance
- I provide guidance and training to application owners, empowering them to meet security standards
- My proactive approach to risk management and compliance demonstrates my leadership in fostering a secure digital environment
- I also coordinate Business Continuity Management, strategizing for uninterrupted operations during downtime scenarios
- My role involves collaborating with cross-functional teams, demonstrating my ability to communicate complex security concepts effectively
- My dedication to continuous improvement and my proactive management style contribute to the overall resilience of our organization's security posture.
Information Security Officer
Patona Pty. Ltd.
07.2020 - 09.2022
- Demonstrated exceptional leadership and project management skills in the field of Information Security
- Lead the design, planning, and implementation of Information Security technical solutions and services, I have ensured the alignment of our security measures with industry standards
- Developed and maintained minimum security baseline designs for all compute platforms, enhancing our overall security posture
- Additionally, I was responsible for developing, maintaining, and monitoring Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) for our Cyber Security program, ensuring its effectiveness
- Operating and maintaining Information Security toolsets and services, I facilitated security assessments for new vendors/suppliers and conducted Risk Assessments for critical assets, third parties, and BAU processes
- As a representative of the Information Security team, I participated in various projects, providing valuable insights and expertise
- I also played a key role in creating and reviewing information security policies, processes, procedures, standards, guidelines, and frameworks
- Part of global Security Operations Center (SOC) activities, including threat analysis, incident response, forensics, and malware analysis, highlighting my ability to manage complex security operations
- My role also involved compiling detailed investigation and analysis reports for delivery to management, demonstrating my strong communication and reporting skills
- Furthermore, I played a pivotal role in training and mentoring the Technical, HR, and Management Team, ensuring that they were well-equipped to handle Information Security challenges
- Additionally, I headed the ISO 27001 and PCI/DSS Implementation and Certification Process, as well as the Vulnerability Management Program, showcasing my ability to lead and drive successful security initiatives.
HSBC (Senior External Risk Consultant)
ivitesse
Pune
08.2019 - 06.2020
- As I worked directly under the second line of defense for critical assets
- My role included conducting Risk Assessments for Internal Applications, Cloud, and Vendors (Third Party), ensuring adherence to Information Security Policy
- I reviewed standards, identifying areas where expected controls were missing and providing challenges to enhance security measures
- Additionally, I offered advice on policy control requirements and conducted assurance activities to address issues and strategic changes within the risk area
- I guided risk owners in meeting Key Risk Indicators (KRI) and monitored preventative thresholds and trends
- I also reviewed and approved any disruptions to the Information Security Policy, including those resulting from non-compliance
- My responsibilities also included providing independent assurance to management and the Risk Audit committees, as well as overseeing Software Acquisition, On-Boarding/Off-Boarding checks, and Formal Audits.
Information Security Corporate Trainer
Koenig Solutions Ltd, India/Dubai
09.2012 - 07.2019
- Seasoned Information Security Corporate Trainer with a proven track record of helping organizations worldwide enhance their cyber resilience
- Adept at managing teams, collaborating with stakeholders, and modeling key cyber threats
- Skilled in providing guidance on vulnerability management and application security, conducting simulated cyber-attacks and penetration tests, and advising clients through cyber security incidents and crisis situations
- Experienced in designing, implementing, and maintaining InfoSec Management Systems based on ISO/IEC 27000 series standards, including certification against ISO/IEC 27001 and adherence to security assessment standards like NIST, OWASP, PTES, OSSTMM
- Proficient in InfoSec risk assessments, compliance monitoring, and improving activities to ensure adherence to internal security policies and applicable laws and regulations such as HIPPA, GDPR, PCI/DSS, SOX, etc
- Extensive experience in conducting InfoSec training and awareness programs, implementing encryption standards, and supervising teams during assessments and investigations
- Have trained thousands of professionals for over hundreds of organizations in 20+ countries across the globe, including ministries, defense, energy services, health and care sector, telecom, financial institutions, big 4 organizations, etc.
Cyber Security Analyst
Wegilant Solutions Pvt.Ltd
01.2012 - 09.2012
- I began my career in the information security domain, demonstrating a strong aptitude from the outset
- I identified and evaluated potential threats and vulnerabilities in client portals, applications, and networks
- I monitored live systems for real-time threats, demonstrating the effectiveness of security controls
- Specializing in cyber threat modeling, application security, and vulnerability management, I conducted assessments and tests on client systems, including penetration tests and vulnerability assessments
- I also assisted in the implementation and review of information security program strategies, policies, processes, and technologies, collaborating closely with various teams to integrate cybersecurity into new and evolving information systems.
Education
M.Tech Software System - Cyber Security
BITS Pilani (WILP)
01-2024
Master of Science - Network Security and Telecom Management
Venkateshwara Open University (Distance)
08-2019
Bachelor of Science - Infrastructure Management System
IIHT Academy, DehradunSikkim Manipal University (Regular)
Skills
- Risk Management
- Governance
- Compliance
- Internal Auditing
- Cloud Security
- Vulnerability Management
- Penetration Testing
- Incident Response
- Business Continuity
- Cyber Security Mentor
- PCI/DSS
- ISO 27001
- SOX
- GDPR
Affiliations
Advisory Board member of EC-Council
Speaker:
· GISEC Abudabhi, UAE
· GITEX Dubai, UAE
· GCC Cyber Security Summit
· Cyber Defence Summit, Uganda.
· Naïf Arab Security Conference, KSA.
Awards
Circle of Excellence, Instructor of the year 2016,2018 (EC-Council)
Timeline
AVP TISO (Technical Information Security Officer)
Deutsche Bank
09.2022 - 03.2024
Information Security Officer
Patona Pty. Ltd.
07.2020 - 09.2022
HSBC (Senior External Risk Consultant)
ivitesse
08.2019 - 06.2020
Information Security Corporate Trainer
Koenig Solutions Ltd, India/Dubai
09.2012 - 07.2019
Cyber Security Analyst
Wegilant Solutions Pvt.Ltd
01.2012 - 09.2012
M.Tech Software System - Cyber Security
BITS Pilani (WILP)
Master of Science - Network Security and Telecom Management
Venkateshwara Open University (Distance)
Bachelor of Science - Infrastructure Management System
IIHT Academy, DehradunSikkim Manipal University (Regular)
Similar Profiles
Dnyaneshwar BhogilDnyaneshwar Bhogil
Trade and Transaction Analyst at Deutsche Bank Group, Deutsche BankTrade and Transaction Analyst at Deutsche Bank Group, Deutsche Bank
PRADEEP KUMARPRADEEP KUMAR
Assistant Vice President at Deutsche India Private Limited (Deutsche Bank Group)Assistant Vice President at Deutsche India Private Limited (Deutsche Bank Group)
Manoj Singh SolankiManoj Singh Solanki
Senior Analyst at Deutsche India Pvt. Ltd- Deutsche Bank GroupSenior Analyst at Deutsche India Pvt. Ltd- Deutsche Bank Group
Amit KulkarniAmit Kulkarni
Vice President at Deutsche India Pvt. Ltd, Deutsche Bank of India, DBOIVice President at Deutsche India Pvt. Ltd, Deutsche Bank of India, DBOI
Yasmin Ahmed Hassan HusseinYasmin Ahmed Hassan Hussein
Science Teacher at Al-maadi SchoolScience Teacher at Al-maadi School