
Sandip Gaware

Pune

Summary

Information Security Specialist with a passion for aligning security architecture plans and processes with security standards and business goals. Extensive experience developing and testing security frameworks for cloud-based software.

Overview

16 years of professional experience
1 Certification

Work History

Lead Security Engineer

Mastercard Ltd.
Pune
09.2019 - Current
  • Led the TRM Unlocked program for 1.5 years, enhancing audit readiness, governance, and control implementation.
  • Led ISO 27001 end‑to‑end audit cycles including evidence gathering, gap analysis, remediation planning, and successful certification support for XBS/MTS.
  • Represented the organization during PwC ISO audits and drove the closure of NCRs, observations, and OFIs.
  • Supported RBI, FBA, and PSS regulatory audits covering technology controls, logging/monitoring, configuration compliance, and audit documentation.
  • Conducted SIEM log coverage assessments, monitoring maturity reviews, and configuration checks aligned with ISO and RBI CSF.
  • Performed CIS benchmark-based configuration assessments across cloud and on-prem environments.
  • Managed a team of 4 as India POC, coordinating cross‑functional remediation across SOC, DevOps, infrastructure, and engineering teams.
  • Administered and optimized Splunk, including search strings, dashboards, syslog‑ng ingestion, and real‑time alerting.
  • Implemented threat‑modeling enhancements within SDLC and collaborated with teams to strengthen development security.
  • Handled SIEM infrastructure improvements, integrating new log sources, building automation playbooks, and reducing incident triage time.
  • Developed custom automation scripts (Shell, Python, Perl) for detection, response, and operational tasks.
  • Performed Tripwire FIM administration including rule creation, device onboarding, and real‑time alerts.
  • Troubleshot Bluecoat, Palo Alto, and security infrastructure issues to ensure continuous availability.
  • Executed ITGC/ITSM control validations: access governance, incident management, change management, backups, and policy compliance.
  • Delivered audit walkthroughs, SOPs, evidence packs, and process documentation for internal and external auditors.

Sr. Security Consultant

PRI India Pvt. Ltd. (Mastercard India)
Pune
07.2018 - 09.2019
  • Managed and supported Splunk infrastructure, resolving platform issues and administering users and data sources.
  • Designed, tested, and optimized Splunk search queries, dashboards, reports, and real‑time alerts.
  • Led troubleshooting efforts for log ingestion and Splunk integrations in coordination with multiple teams.
  • Administered Tripwire FIM, including device onboarding, rule configuration, and real‑time alert generation.
  • Provided operational support for Bluecoat web security and Palo Alto firewall‑related issues.
  • Ensured stability and reliability of security monitoring and logging platforms.

Associate Security Consultant

Tech Mahindra
Pune
11.2015 - 06.2018
  • Played a key role in integrating FortiSIEM (AccelOps) with the enterprise logging ecosystem, including dashboards, reporting, event logging, and performance monitoring.
  • Coordinated event collection, log management, event correlation, and compliance automation across security platforms.
  • Developed and executed standard operating procedures for SIEM administration, content management, patching, and lifecycle management.
  • Performed end‑to‑end FortiSIEM administration including configuration, testing, integration, content creation, and platform maintenance.
  • Supported daily event parsing and data quality remediation to ensure accurate and reliable SIEM analytics.
  • Assisted in security incident investigations, including email analysis and sandboxing, and actively supported the incident management process.

Information Security Analyst

Datamatics HR Pvt. Ltd. (Tech Mahindra Pvt. Ltd.)
Pune
01.2015 - 11.2015
  • Installed, tested, and deployed Splunk monitoring solutions, including forwarder and data source configurations.
  • Provided technical support for project requirements, user requests, and security data analysis.
  • Supported change management processes and resolved configuration‑related issues in coordination with infrastructure teams.
  • Analyzed and monitored incident management workflows, assisting in incident resolution and root‑cause analysis.
  • Managed assigned systems and Splunk administration, ensuring stable and reliable security monitoring operations.
  • Served as IBM Guardium Administrator, performing full platform administration and database security monitoring tasks.

Engineer (Information Security)

Collabera Technologies (IBM India Pvt. Ltd.)
Pune
08.2012 - 11.2014
  • Installed, tested, and deployed Splunk monitoring solutions, including forwarder and data source configurations.
  • Provided technical support for project requirements, user requests, and security data analysis.
  • Supported change management processes and resolved configuration‑related issues in coordination with infrastructure teams.
  • Analyzed and monitored incident management workflows, assisting in incident resolution and root‑cause analysis.
  • Managed assigned systems and Splunk administration, ensuring stable and reliable security monitoring operations.
  • Served as IBM Guardium Administrator, performing full platform administration and database security monitoring tasks.

Junior Support Engineer

Suma Soft Pvt. Ltd.
Pune
06.2010 - 08.2012
  • Performed database backup, maintenance, and recovery operations, including incremental backup implementation for MySQL.
  • Developed scripts to automate database backup and cleanup processes, ensuring operational reliability.
  • Installed and configured Apache Tomcat, Java, and Bugzilla across production and test environments.
  • Configured and monitored MySQL Replication, DRBD, and NDB clustering to support high availability.
  • Monitored web and database servers to ensure system uptime and performance.
  • Handled API interactions (XML requests/responses), change requests, and technical documentation in coordination with development teams.

Education

Master of Computer Management - Computer And Information Systems Security

IMRRD
Ahmednagar
06.2008

Bachelor of Science - Chemistry

Jai Hind College Dhule
Dhule
06.2006

Skills

  • IBM Guardium
  • ISO 27001 audits
  • Regulatory compliance
  • Risk management
  • ISMS Assessments
  • Internal Audits
  • Audit Readiness
  • Risk Assessment
  • Gap Analysis
  • Evidence Management
  • Policy Reviews
  • Control Testing
  • Regulatory Audits
  • Vendor Assessments
  • Splunk
  • Splunk Enterprise Security
  • Bluecoat
  • PaloAlto Carbon Black
  • Azure Sentinel
  • Tripwire FIM

Certification

Computer Hacking Forensic Investigator (CHFI), 09/2019

Timeline

Lead Security Engineer

Mastercard Ltd.
09.2019 - Current

Sr. Security Consultant

PRI India Pvt. Ltd. (Mastercard India)
07.2018 - 09.2019

Associate Security Consultant

Tech Mahindra
11.2015 - 06.2018

Information Security Analyst

Datamatics HR Pvt. Ltd. (Tech Mahindra Pvt. Ltd.)
01.2015 - 11.2015

Engineer (Information Security)

Collabera Technologies (IBM India Pvt. Ltd.)
08.2012 - 11.2014

Junior Support Engineer

Suma Soft Pvt. Ltd.
06.2010 - 08.2012

Master of Computer Management - Computer And Information Systems Security

IMRRD

Bachelor of Science - Chemistry

Jai Hind College Dhule