Hi, I’m

Saugat Roy

Cyber Security Professional
Kolkata, WB

Summary

An enthusiastic security professional with 12+ years' experience and a track record of delivering and architecting robust network-security solutions and improving cybersecurity measures. Implements best practices in security management, ensuring compliance and minimizing vulnerabilities. Committed to continuous improvement, fostering a proactive security culture across teams. Now looking for a new and challenging position that will make the best use of my existing skills and experience and further my development.

Overview

• 13 years of professional experience
• 11 certifications
• 6 years of post-secondary education

Work History

PricewaterhouseCoopers Private Ltd.

Manager
10.2018 - Current

Job overview

Job Function: Team Lead – Zero Trust Initiatives on PwC Global Firewall Environment (April 2021 – Present)

Leadership & Team Management:
• Provide strong leadership and strategic direction to a multidisciplinary technical team responsible for designing, implementing, and maintaining Zero Trust network firewall solutions across PwC's global environment.
• Manage day-to-day team operations, including workload distribution, performance monitoring, skill development, and conflict resolution, ensuring the team remains focused on project milestones and deliverables.
• Foster collaboration and effective communication within the team and across global security, infrastructure, and application teams to align efforts with Zero Trust security principles.

Project Delivery & Execution:
• Lead the end-to-end delivery of critical Zero Trust network firewall projects including:
  • Identity Based Firewall: Enforce user authentication against PwC global directory to ensure only known, authorized users can access globally hosted applications.
  • Server Egress Filtering: Restrict outbound server network traffic to explicit, business-approved destinations, minimizing risk of data exfiltration and external attacks.
  • Member Firm Network Segmentation: Implement granular segmentation and default-deny policies between Member Firms to reduce lateral movement opportunities and strengthen network isolation.
  • Administrative VPN Gateways: Deploy and enforce Zero Trust policies through implementation of administrative VPN gateways (SNI GP) to control and restrict remote administrative access to PwC Global Data Centers, preventing access from standard user workstations.

Technical Oversight & Solution Governance:
• Oversee project planning, resource allocation, risk management, and issue resolution to deliver on scope, budget, and schedule commitments.
• Guide the technical architecture and firewall rule configurations to support Identity Based Access Controls, strict egress filtering, fine-grained network segmentation, and secured administrative remote access in line with PwC's global security policies.
• Ensure compliance with regulatory requirements and industry best practices related to network security, access controls, VPN gateway usage, and Zero Trust frameworks.
• Conduct regular technical reviews and testing to validate that firewall policies and VPN gateway configurations achieve the intended security posture without impacting business continuity.

Stakeholder Engagement & Communication:
• Act as the primary liaison between technical teams, security leadership, and business stakeholders to gather requirements, report status, and incorporate feedback during project phases.
• Prepare and present comprehensive status updates, risk assessments, and impact analyses to senior management and governance committees.
• Coordinate with regional and global teams to ensure consistent implementation and adherence to Zero Trust network standards.

Continuous Improvement & Innovation:
• Drive continuous refinement of network firewall and remote access strategies to enhance Zero Trust capabilities, reduce attack surfaces, and respond to evolving cyber threats.
• Encourage team adoption of automation tools and advanced monitoring techniques to increase efficiency and effectiveness in firewall and VPN gateway management.
• Lead post-implementation reviews and lessons learned sessions to optimize processes and improve future project delivery.

Job Function: Firewall Hygiene SME – PwC Global Firewall Environment (October 2018 – March 2021)

Firewall Rulebase Vulnerability Identification & Compliance:
• Conduct thorough identification and assessment of firewall rulebase vulnerabilities across PwC managed firewalls globally, ensuring compliance with PwC ISP (Information Security Policy) and established Firewall Risk Criteria.
• Perform detailed analysis to detect overly permissive, redundant, obsolete, or non-compliant firewall rules that may increase security risks or operational inefficiencies.

Traffic Analysis & Monitoring:
• Analyze firewall traffic logs and data using SPLUNK to understand real-time and historical traffic patterns traversing the firewalls.
• Utilize insights from log analysis to prioritize vulnerabilities, validate rule changes, and detect anomalous or unauthorized network activities.

Collaboration & Coordination:
• Work closely with global firewall teams across multiple regions to communicate findings, discuss remediation strategies, and facilitate timely resolution of identified vulnerabilities.
• Coordinate cross-team activities and synchronize efforts to align with global firewall hygiene standards and risk mitigation objectives.

Remediation Tracking & Reporting:
• Maintain detailed trackers for monitoring the progress of firewall vulnerability remediation initiatives.
• Provide regular, comprehensive status reports to project leadership and stakeholders, highlighting remediation progress, outstanding issues, and risk areas needing attention.

Firewall Hygiene Process Management:
• Lead the ongoing management and continuous improvement of the firewall hygiene process globally, ensuring systematic identification, prioritization, and remediation of firewall rulebase vulnerabilities.
• Establish and enforce standardized best practices and workflows to maintain optimal firewall configurations aligned with PwC's security posture.
• Mentor and guide new joiners and junior team members on firewall hygiene processes, tools, and PwC security policies.

Tata Consultancy Services Ltd.

I.T Analyst
02.2016 - 10.2018

Job overview

Job Function: Information Security Analyst for a Leading UK-based Spirit Manufacturer


Network Vulnerability Assessment & Remediation:
• Conduct comprehensive vulnerability assessments across corporate networks using industry-standard tools (e.g., Nessus, Qualys) to identify potential security weaknesses and attack vectors.
• Analyze scan results to prioritize vulnerabilities based on risk impact and exploitability; develop and recommend actionable remediation plans to mitigate identified risks.
• Collaborate with IT and infrastructure teams to implement security patches, configuration changes, and hardening standards to reduce attack surfaces across endpoints and network devices.

Patch Management & Endpoint Hardening:
• Monitor organizational patch compliance status, ensuring timely deployment of critical security patches across all managed endpoints.
• Define and enforce hardening standards based on CIS benchmarks and internal security policies for systems and applications to prevent unauthorized access and reduce vulnerabilities.
• Document and maintain patching procedures, working closely with system administrators to resolve patch-related issues.

Security Incident Investigation & Response:
• Lead investigation into security incidents, including initial detection, root cause analysis, and documentation of findings for audit and compliance purposes.
• Track and document security events and incidents using security information and event management (SIEM) tools.
• Develop and implement controls and remediation actions to address vulnerabilities and prevent security incidents.

Social Engineering & Security Awareness:
• Conduct routine social engineering exercises such as phishing simulations and physical security assessments (e.g., clean-desk audits) to evaluate employee compliance with security policies.
• Plan and deliver interactive security awareness sessions for end-users to promote a security-conscious culture and reduce human-related security risks.

Security Policy Enforcement & Compliance:
• Investigate suspected or confirmed security violations to identify gaps in existing security policies or controls; recommend appropriate policy updates or new security measures.
• Ensure compliance with organizational information security policies, standards, and regulatory requirements through periodic assessments and audits.

Disaster Recovery Planning & Testing:
• Develop, test, and update network disaster recovery and business continuity plans to maintain availability and resilience of critical IT services during adverse events.
• Coordinate with business and technical stakeholders to conduct periodic recovery drills and validate plan effectiveness.

Security Documentation & Process Management:
• Maintain and update comprehensive security process documentation including vulnerability management, incident response procedures, patch management workflows, and user guidelines.

Cattlefield Technologies India Pvt. Ltd.

Networking & Security Specialist
06.2013 - 02.2016

Job overview

Job Function: Network-Security Engineer - Cattlefield In-house Infrastructure


Firewall Administration & Monitoring:
• Proactively monitor and administer Check Point Firewall and Iptables configurations to ensure network perimeter security, continuous policy compliance, and optimized traffic filtering.
• Analyze firewall logs and alerts to detect unauthorized access attempts, unusual traffic patterns, or potential security breaches, swiftly initiating remediation actions.
• Maintain firewall rulebase integrity by regularly reviewing and updating rules to eliminate redundancies and mitigate emerging threats.

Linux Server Security & Log Management:
• Continuously monitor Linux server environments for system vulnerabilities by reviewing security patches, service status, and configuration settings to maintain hardened systems.
• Manage and analyze system logs using event log and syslog mechanisms to identify suspicious activities or anomalies that could indicate security incidents.
• Coordinate with system administrators to resolve identified risks and ensure server uptime and compliance with security standards.

Penetration Testing & Vulnerability Assessment:
• Plan and execute penetration tests on network infrastructure components and applications at regular intervals to uncover exploitable weaknesses.
• Document identified vulnerabilities and collaborate with respective teams to prioritize and implement corrective measures to strengthen overall security posture.
• Stay abreast of the latest attack vectors and penetration testing methodologies to continually enhance assessment effectiveness.

Network Security Monitoring & Availability Management:
• Actively monitor network traffic and performance metrics to ensure high availability and security for authorized users while preventing unauthorized access or denial of service.
• Utilize security monitoring tools and dashboards for real-time anomaly detection and rapid response to emerging threats or network disruptions.
• Maintain network segmentation and access controls to uphold confidentiality and integrity of critical systems and data.

Proof of Concept (POC) Evaluation & Tool Implementation:
• Conduct Proof of Concepts (POCs) for new network security devices, systems, or tools as required to evaluate their suitability and effectiveness in strengthening security infrastructure.
• Collaborate with cross-functional teams to assess vendor solutions, prepare demonstration environments, and present findings and recommendations for adoption.
• Document POC processes and results to assist in strategic security technology decisions and implementation planning.

Education

Hindustan University

Bachelor of Engineering (B.E) from Electronics & Communication
06.2008 - 06.2012

Kendriya Vidyalaya O.N.G.C

Class-XII from CBSE Board
04.2007 - 03.2008

Kendriya Vidyalaya O.N.G.C

Class-X from CBSE Board
04.2005 - 03.2006

Skills

  • ZERO TRUST Framework and Strategy Implementation
  • Patch Compliance, Hardening Standard Audit, and Remediation
  • Vulnerability Management VAPT Tools - Nessus, QualysGuard, Kali/BackTrack
  • SIEM - Splunk
  • Network Management Tools - Tufin SecureTrack, SolarWinds, and ServiceNow
  • Firewall - Check Point, Palo Alto
  • VPN - IPsec, OpenVPN
  • Networking - TCP/IP, LAN, and WAN
  • Analyzer Tool - Wireshark
  • Monitoring Tool - Nagios
  • Project management
  • Team leadership
  • Risk management
  • Compliance oversight

Certification

  • ISACA Certified Information Systems Auditor (CISA)
  • Certificate of Cloud Security Knowledge v4 (CCSK)
  • Ethical Hacking and Countermeasures (CEHv7)
  • Palo Alto Networks Certified Network Security Engineer (PCNSE)
  • Check Point Certified Security Administrator (CCSA)
  • Cisco Certified Networking Associate (CCNA)
  • Qualys Certified Specialist – Vulnerability Management
  • Qualys Certified Specialist – Policy Compliance
  • Zscaler Certified Cloud Administrator Internet Access (ZCCA-IA)
  • Zscaler Certified Cloud Administrator Private Access (ZCCA-PA)
  • ITIL Foundation Certified – IT Service Management

Languages

English
Hindi
Bengali

Personal Information

  • Age: 35+ Years
  • Gender: He / Him
  • Marital Status: Married

Hobbies and Interests

  • Playing Badminton
  • Long Drives & Rides
  • Cooking

Disclaimer

I hereby declare that the information given above is true to the best of my knowledge & belief.

Work Preference

Work Type

Full Time

Location Preference

On-Site, Hybrid, Remote
