Siddharth Pattnaik
Bhubaneswar
Summary
Seasoned Chief Information Security Officer from iServeU with a proven track record in spearheading comprehensive risk assessments and implementing robust cloud security strategies on GCP. Expert in PCI compliance and cloud architecture, demonstrating exceptional leadership in developing and executing security policies. Skilled in fostering cross-departmental collaboration for enhanced security postures.
Overview
13
13
years of professional experience
1
1
Certification
Work History
Chief Information Security Officer (CISO)
iServeU
01.2024 - Current
- Managed compliance with PCI PIN security requirements, ensuring robust encryption practices for sensitive payment data
- Conducted comprehensive risk assessments across technology and financial domains, identifying vulnerabilities and defining mitigation strategies
- Spearheaded DLSAR audit processes, ensuring alignment with regulatory expectations and business objectives
- Designed and implemented cloud security strategies for mission-critical systems hosted on GCP
- Established and improved ISMS for critical operational environments, leveraging GCP-native tools like Cloud Security Command Center and VPC Service Controls
- Defined and implemented architecture blueprints for secure multi-cloud and hybrid deployments
- Developed and implemented security policies, standards and procedures to protect company information systems.
- Conducted regular vulnerability assessments to identify weaknesses in existing infrastructure.
- Coordinated with other departments on security initiatives such as risk management, disaster recovery planning, and business continuity planning.
- Assisted in developing strategies for responding to cyber threats such as malware attacks, phishing attempts, or distributed denial-of-service attacks.
Senior Cloud Architect
LDTech
09.2023 - 01.2024
- Conducted in-depth risk assessments for cloud environments, focusing on IAM policies and network configurations
- Designed secure architectures compliant with PCI DSS and PCI PIN standards
- Planned and deployed scalable, resilient infrastructure solutions in GCP using Terraform and Kubernetes
- Resolved complex problems related to infrastructure scalability, availability, latency, and cost optimization in the cloud environment.
- Implemented security measures such as identity access management, encryption keys, firewalls to secure data stored in the cloud.
Senior Cybersecurity Engineer
Quest Global
01.2013 - 09.2023
- Conducted PCI DSS, PCI PIN, and DLSAR audits, ensuring compliance with payment security standards and regulatory frameworks
- Performed risk assessments and developed risk treatment plans for cloud-native and on-premises applications
- Implemented container security solutions leveraging GKE and Istio in GCP environments
- Led secure application design initiatives, integrating DevSecOps practices and secure SDLC methodologies
Datacenter Engineer
Reliance Telecommunications
06.2011 - 01.2013
- Managed data center operations and implemented secure architecture designs for scalable infrastructure
- Conducted risk assessments and planned redundancy mechanisms for critical systems
- Maintained and monitored data center infrastructure to ensure high availability of services.
- Configured, tested, and troubleshot server hardware components such as CPUs, memory, disk drives and network interface cards.
- Installed and configured operating systems on servers and created user accounts.
Education
Bachelor of Technology - Computer Science
VMDU
Skills
- Cloud Security & Architecture
- Google Cloud Platform (GCP)
- AWS
- Azure
- Cloud Security Command Center
- VPC Service Controls
- Cloud Armor
- IAM
- Data Loss Prevention (DLP)
- Infrastructure as Code (IaC)
- Terraform
- Ansible
- Containerization
- Kubernetes (GKE)
- Docker
- Istio
- Security & Compliance
- PCI DSS
- PCI PIN
- ISO 27001
- NIST CSF
- CIS Critical Security Controls
- Audit Expertise
- DLSAR
- SAR
- SOC2
- Risk Assessment
- Threat modeling
- Risk quantification
- Mitigation planning
- Architecture Planning
- Secure multi-cloud and hybrid architecture design
- Network segmentation
- VPC planning
- High-availability
- Disaster recovery solutions
- Programming & Automation
- Python
- Bash
- PowerShell
- CI/CD
- Jenkins
- GitLab
Personal Information
Title: Chief Information Security Officer (CISO)
Certification
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- PCI Professional (PCIP)
- PCI PIN Security Implementer
- ISO 27001 Lead Implementer
- Google Professional Cloud Security Engineer
Accomplishments
- Successfully implemented and maintained PCI DSS and PCI PIN compliance programs for payment systems.
- Achieved ISO 27001 certification within stringent timelines for multiple organizations.
- Designed a GCP architecture plan reducing cloud-related risks by 40% through optimized VPC and IAM configurations.
- Conducted DLSAR audits, achieving full regulatory compliance with no significant findings.
- Led risk reduction initiatives resulting in a 30% improvement in overall security posture.
Technicalskills
Google Cloud Platform (GCP), AWS, Azure, Cloud Security Command Center, VPC Service Controls, Cloud Armor, IAM, Data Loss Prevention (DLP), Terraform, Ansible, Kubernetes (GKE), Docker, Istio, PCI DSS, PCI PIN, ISO 27001, NIST CSF, CIS Critical Security Controls, DLSAR, SAR, SOC2, Threat modeling, risk quantification, mitigation planning, Secure multi-cloud and hybrid architecture design, Network segmentation and VPC planning, High-availability and disaster recovery solutions, Python, Bash, PowerShell, Jenkins, GitLab
Timeline
Chief Information Security Officer (CISO)
iServeU
01.2024 - Current
Senior Cloud Architect
LDTech
09.2023 - 01.2024
Senior Cybersecurity Engineer
Quest Global
01.2013 - 09.2023
Datacenter Engineer
Reliance Telecommunications
06.2011 - 01.2013
Bachelor of Technology - Computer Science
VMDU
Similar Profiles
Shaswati SahuShaswati Sahu
Project Manager at iServeUProject Manager at iServeU
BIKASH RANJAN MOHAPATRABIKASH RANJAN MOHAPATRA
Software Engineer III at ISERVEU Technology Pvt LtdSoftware Engineer III at ISERVEU Technology Pvt Ltd
Ranjit Kumar SahooRanjit Kumar Sahoo
Software Engineer-1 at ISERVEU TECHNOLOGY PRIVATE LIMITEDSoftware Engineer-1 at ISERVEU TECHNOLOGY PRIVATE LIMITED
Kartikey PandeyKartikey Pandey
Curriculum Developer - Logical Reasoning & Mathematics at Kidway Education Pvt. Ltd.Curriculum Developer - Logical Reasoning & Mathematics at Kidway Education Pvt. Ltd.
GAUTAM VATSGAUTAM VATS
Junior Research Fellow at National Bureau of Plant Genetic Resources (NBPGR)Junior Research Fellow at National Bureau of Plant Genetic Resources (NBPGR)