Work Preference
Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic
Open To Work
Verified
This profile is verified using an email address.

SACHIN KAMAT

Bengaluru

Work Preference

Job Search Status

Open to work

Work Type

Full Time

Location Preference

On-SiteRemoteHybrid

Summary

Dynamic information security professional with 7 years of experience. with proven ability to navigate complex regulatory landscapes and support organizational integrity. Known for fostering collaborative team environments and consistently achieving compliance goals. Highly adaptable and reliable, with strong focus on attention to detail and analytical thinking. Certified ISACA CISM and CompTIA Security+ professional

Overview

1
1
Certification
8
8
years of professional experience

Work History

Security Compliance Specialist

IBM ISDL
2025.08 - 2026.04
  • Executed compliance audits, including ISMAP, SOC1/SOC2, ISO27001 and ICA internal standards, across IBM PowerVS infrastructures to ensure regulatory alignment.
  • Built an automated AI/Python application that tracks compliance drifts and control implementations, leveraging future-dated compliance validation and automated scheduling to manage 50+ recurring governance alerts simultaneously.
  • Implemented an AI-driven control mapping and evidence tracker to quickly retrieve and analyze structural documentation submitted across prior regulatory evaluation cycles.
  • Formulated technical runbook to standardize evidence collection strategies and bolster overall audit preparedness across cross-functional infrastructure units.
  • Evaluated corporate risk portfolios alongside senior leadership to flag, triage, and remediate potential regulatory violations before external evaluation.

Information Security Analyst

Infosys Ltd.
2023.07 - 2025.08
  • Improved image repository compliance by 30% and runtime container compliance by 50% through the implementation of continuous drift tracking metrics.
  • Led a container security tool evaluation initiative that identified the tool's capabilities and internal critical structural gaps; delivered strategic deployment recommendations to the leadership team to track and secure containerized microservices.
  • Conducted periodic compliance controls across enterprise hybrid-cloud environments, monitoring the security configurations of Kubernetes, RedHat OpenShift, RedHat CoreOS, Rancher, and Docker platforms.
  • Collaboratively achieved API integration, connecting Prisma Cloud, Qualys, and Tripwire scanners to RSA Archer GRC, centralizing vulnerability & configuration compliance management and streamlining remediation workflows based on severity.

Senior Information Security Engineer

Infosys Ltd.
2022.04 - 2023.06
  • Enhanced production and non-production asset compliance to 75% by collaborating with IT team, by testing and deploying custom OS configuration remediation scripts developed by the IT team.
  • Achieved 70% baseline security compliance across corporate web servers and database platforms, managing a tier-based remediation workflow that drove a 20% reduction in total configuration drift without business interruption.
  • Designed an automation for Golden Image assessment pipeline inside RSA Archer GRC application, centralizing the multi-team image inventory and reducing provisioning downtime via periodic renewal alerts.
  • Conducted routine configuration audits on business-critical production servers and primary Active Directory Domain Controllers to flag and remediate compliance anomalies.
  • Delivered cross-functional technical training and guidance to enterprise employees, standardizing secure configuration principles across golden image management cycles.

Information Security Engineer

Infosys Ltd.
2020.12 - 2022.03
  • Validated and enforced CIS benchmarks across high-availability corporate servers and endpoints, including Windows Server and Linux (RHEL), by fetching configurations using PowerShell and Bash and advanced regex patterns to check compliance with the standard benchmark.
  • Remediated 100% of identified structural compliance drifts across legacy network firewalls, switch-router policies, and access control lists (ACLs) to ensure zero-trust network integrity by coordinating with the network engineers.

Software Engineer

Fidrox Technologies Pvt. Ltd.
2020.06 - 2020.09
  • Enhanced the visitor/vendor management application by integrating it with face recognition, temperature/mask detection, ANPR and attendance, reducing visitor checkpoint processing times by 70% while maintaining 100% compliance with security protocols.
  • Developed secure backend data pipelines and interactive client dashboards utilizing C#, .NET, ASP.NET, IIS, and MSSQL databases.
  • Validated system security capabilities during technical demonstrations at the Digiyatra expo hosted by the Chennai Airport Authority and other organizations such as DormaKaba, Continental, and Bangalore Metro (BMRCL), showcasing features and benefits effectively.

Software Engineer

Nascor Technologies Pvt. Ltd.
2018.08 - 2020.05
  • Engineered specialized application components and core updates under contract for Fidrox Technologies, delivering 100% tailored software features to meet strict target technical compliance requirements.
  • Improved the frontend and backend logic using C#, HTML, CSS, and JavaScript to enforce data integrity and secure platform integration across client systems.

Education

Bachelor of Technology - Electronics and Communication

Alliance University
India
2018-04

Skills

  • Governance, Risk & Compliance (GRC): Security Program Management, Information Security Governance, Risk Assessment, Compliance Monitoring, Incident Management, Internal Auditing, Compliance reporting, Compliance oversight
  • SecOps & Infrastructure Validation & Compliance: Container security, vulnerability, and configuration compliance assessment on infrastructure, applications, and network devices
  • Compliance & Frameworks: CIS Benchmarks, ISO27001, ISMAP, SOC1/SOC2, Internal/External Audits
  • Security & GRC Tools: Qualys, Tripwire, Prisma Cloud, RSA Archer GRC, Skybox, ServiceNow, GitHub, IBM Cloud, IBM QRadar
  • Automation & Scripting: AI, PowerShell, Bash, Python, Regex, API Integrations
  • Development & Databases: NET, C#, ASPNET, IIS, MSSQL

Certification

  • Certified Information Security Manager (CISM) – ISACA
  • CompTIA Security+ – CompTIA
  • Applied Cybersecurity Essentials – Purdue University
  • Cybersecurity Essentials – Cisco Networking Academy

Timeline

Security Compliance Specialist

IBM ISDL
2025.08 - 2026.04

Information Security Analyst

Infosys Ltd.
2023.07 - 2025.08

Senior Information Security Engineer

Infosys Ltd.
2022.04 - 2023.06

Information Security Engineer

Infosys Ltd.
2020.12 - 2022.03

Software Engineer

Fidrox Technologies Pvt. Ltd.
2020.06 - 2020.09

Software Engineer

Nascor Technologies Pvt. Ltd.
2018.08 - 2020.05

Bachelor of Technology - Electronics and Communication

Alliance University
SACHIN KAMAT