SOUPTIK SAHA
Kolkata
Summary
Highly skilled and dedicated Security Engineer with 3.5+years of experience in designing, implementing, and managing secure cloud environments. Always looking for an opportunity to leverage my expertise in cloud security, risk assessment, DevOps methodologies, automation and software development to enhance organizational security posture to protect critical data and infrastructure in a dynamic organization
Overview
5
5
years of professional experience
8080
8080
years of post-secondary education
7
7
Certifications
3
3
Languages
Work History
Cloud Security Engineer/ DevSecOps Engineer
TOYOTA CONNECTED INDIA
11.2021 - Current
- Currently working with the TCIN CYBERSECURITY team as a security engineer with experience in various cloud platforms (AWS, Azure, GCP) on handling the infrastructure security with proper implementation of cloud security guardrails.
- Worked with Toyota Kirloskar Motors(TKM) on their Connected Car sustenance project where I was responsible for strengthening the vulnerability management process, identifying and remediating over critical vulnerabilities within SLAs, and reducing potential attack surface inside connected car ecosystem.
- Worked with Toyota Connected Europe (TCEU) as a cloud security specialist for fixing cloud misconfigurations using Terraform to enhance security and compliance.
- Built a high performance Cloud Engineering Team that operates with a culture of business and customer centricity by providing technical leadership and direction for cloud infrastructure and security design
- Experience in setting up AWS guardrails services like Security Hub, Config, Guardduty, Organisation SCPs, Macie, Inspector and Access Analyser across multiple accounts at the org level. Designed secure VPC architectures and implemented encryption strategies to protect sensitive data in transit and at rest. Performed incident response and guided cross-functional teams on secure AWS architecture best practices to reduce risks and meet compliance goals.
- Experience in designing and implementing secure cloud infrastructure using modern tools like Infrastructure as Code (IaC) and AWS Cloud Formation.Familiarity with intrusion detection systems, security information and event management (SIEM) solutions. Implemented infrastructure-as-code (IaC) using tools like Terraform, enabling automated and consistent provisioning of secure cloud environments.
- Worked with Toyota Kirloskar Motors(TKM) on their Connected Car sustenance project where I was responsible for strengthening the vulnerability management process, identifying and remediating over critical vulnerabilities within SLAs, and reducing potential attack surface inside connected car ecosystem
. - Enhanced cloud security posture by implementing automated compliance checks, ensuring 100% alignment with organization and regulatory security standards. Collaborated cross-functionally to monitor and secure multi-cloud environments, securing 50+ workloads across AWS and Azure by enforcing least-privilege access and conducting routine risk assessments.
- Developed actionable security reports, improving leadership visibility into system vulnerabilities and cloud compliance. Conducted monthly security assessments of connected car findings, identifying and mitigating critical security risks that improved system reliability.
- Collaborated with development and operations teams to identify security requirements and integrate security controls into the development lifecycle. Implemented secure CI/CD pipelines using GitLab CI/CD, enabling rapid and reliable application deployments.
- Collaborated with development and operations teams to integrate security practices into the DevOps pipeline, promoting a culture of security throughout the organization.
- Monitor and respond to security incidents by participating in 24x7 oncall rotations and coordinate with cross-functional teams to mitigate risks and minimize impact.
- Designed and implemented AWS-based infrastructure solutions, including VPCs, EC2 instances, S3 buckets, and RDS databases, resulting in improved scalability, cost optimization and security.
- Conducted regular security audits and implemented best practices for securing cloud resources, including IAM roles, security groups, and encryption mechanisms.
- Worked on cost-optimisation strategies/efforts for Infosec team by reducing AWS infrastructure costs by 20% through resource right-sizing and reducing log ingestion cost inside sentinel by 30-40%.
- Designed and implemented secure cloud architectures for multiple teams, ensuring compliance with industry standards and regulatory requirements.
- Developed and documented cloud security policies, procedures, and guidelines for the organization.
- Implemented and managed security controls such as identity and access management, encryption, and network security across cloud environments.
- Conducted security audits and provided recommendations for improving the overall security posture of cloud environments.
- Conducted vulnerability assessments to identify security weaknesses and implemented appropriate controls to mitigate risks using tools like Orca Security, Cloudguard, Prisma Cloud and Alert Logic.
- Configured security baselines including Patching status incident scanning and also configured RBAC controls for security integration in Devops Life cycle.
- Taken part in cloud migration activities and helped product teams in migrating accounts from Azure to AWS.
- Worked on SAST deployment using SonarQube as part of the DevSecOps initiative, integrating SAST, IaC, and secret scanning into a secure pipeline. Enhanced code security by integrating automated SAST scanning into the development lifecycle, ensuring early identification of vulnerabilities.
Associate Consultant, Data Engineer
Ernst And Young GDS
06.2021 - 10.2021
- Have worked with the EY GDS DNA Technology Consulting Insurance practice team. As a data engineer worked on a POC project on azure platform for an US-based Insurance client where my responsibilities includes designing and developing Azure Pipelines using linked services/datasets/azure key vaults to extract, transform and load (ETL) data to and from different sources like ADLS, blob storage, azure SQL, Datawarehouses(like snowflake), azure sql databases
- Also worked on powerful reporting tools like Power BI for creating strong reports for business analysis
SDE Intern
JPMorgan Chase & Co
03.2020 - 04.2020
- The Virtual Internship consisted of 3 different task involved in:
- Establishing financial data feeds
- Front end web development
- Data visualization with perspective
- I had the opportunity to assist with some development to add a dataset chart to a trader’s dashboard allowing them to better identify under/over- valued stocks. I also used JPMorgan Chase's frameworks and tools to develop a React app.This app is used for data visualization so that there can be a proper understanding of the given stocks.The app gives the users/traders to have a complete picture of all the trading strategies being monitored.It also uses TypeScipt which displays an assortment of live and historical data at their workstation.
Education
M.Tech - Cloud Computing
Birla Institute Of Science And Technology
B.Tech - COMPUTER SCIENCE ENGINEERING
SRM Institute Of Science And Technology
ISC - Science
Calcutta Boys' School
ICSE -
Calcutta Boys' School
Skills
Programming Skills: C/C, Python
CSPM Tool: Orca Security, CloudGuard (Dome9), Alert Logic, Twistlock
CI/CD Security: SAST (SonarQube), Dependency scanning (Trivy), Secret Scan (Orca & Trufflehog)
DevOps Tools and Technologies: Git, GitLab/Github, CI/CD, IaC (Terraform CloudFormation), Docker, Kubernetes
undefinedCertification
AWS Associate Solution Architect
Accomplishments
- PRESENTED TECHNICAL PAPER ON “USER CENTRIC AND COLLABORATIVE MOVIE
RECOMMENDATION SYSTEM UNDER CUSTOMISED PLATFORM” AT THE IEEE INTERNATIONAL CONFERENCE ON SIGNAL PROCESSING AND COMMUNICATION
Timeline
Cloud Security Engineer/ DevSecOps Engineer
TOYOTA CONNECTED INDIA
11.2021 - Current
Associate Consultant, Data Engineer
Ernst And Young GDS
06.2021 - 10.2021
SDE Intern
JPMorgan Chase & Co
03.2020 - 04.2020
M.Tech - Cloud Computing
Birla Institute Of Science And Technology
B.Tech - COMPUTER SCIENCE ENGINEERING
SRM Institute Of Science And Technology
ISC - Science
Calcutta Boys' School
ICSE -
Calcutta Boys' School
Similar Profiles
Michel VirjhyMichel Virjhy
Response Specialist at Toyota ConnectedResponse Specialist at Toyota Connected
Nikhil ChallagullaNikhil Challagulla
IOS Team Lead at Toyota ConnectedIOS Team Lead at Toyota Connected
Brittany StricklandBrittany Strickland
Technical Support Advisor at Toyota ConnectedTechnical Support Advisor at Toyota Connected
Ankita Kumari RajakAnkita Kumari Rajak
Associate Engineer, Fibre and Network Delivery at BT ESERV INDIA PVT LTDAssociate Engineer, Fibre and Network Delivery at BT ESERV INDIA PVT LTD
Swati Parvatham GhoshSwati Parvatham Ghosh
Marketing Lead – SEO, Content & Social Media at No Nirvana DigitalMarketing Lead – SEO, Content & Social Media at No Nirvana Digital