Sunil Kulkarni
Chief Information Security Officer
Mumbai
Summary
With a comprehensive understanding of IT infrastructure, risk management, and information security standards and frameworks, possesses the expertise to make a significant impact in securing, designing, and implementing IT infrastructure. Knowledge in these areas allows to contribute to the development of future-proof strategies and architectures. By leveraging this broader and in-depth knowledge, able to provide a powerful combination of skills that enhance the overall effectiveness of any organization's IT infrastructure.
Overview
23
23
years of professional experience
4
4
Certifications
4
4
Languages
Work History
Vice President, CISO
Protean eGov Technologies Limited
08.2022 - Current
- Developed and implemented comprehensive information security strategies aligned with business objectives and risk tolerance.
- Led the development and maintenance of security policies, standards, and procedures.
- Provided strategic direction and guidance to executive leadership on cyber security matters.
- Conducted thorough risk assessments and threat modeling to identify and prioritize vulnerabilities.
- Developed and managed security budgets and resources.
- Ensured compliance with relevant laws, regulations, and industry standards (e.g., DPDP, RBI, MEITY, IRDAI, SEBI, CERT-In).
- Manage day-to-day operations of the security team, including incident response, threat hunting, and vulnerability management
- Built and maintained strong relationships with internal and external stakeholders, including legal, IT, and business leaders.
- Fostered a culture of security awareness and education across the organization
- Developed and implemented professional development plans for security team members.
- Motivated and inspired the security team to achieve organizational goals
CISO
Bajaj Allianz Life Insurance & Bajaj Housing Finance Limited
11.2018 - 07.2022
- Developed and implemented comprehensive information security strategies aligned with business objectives and risk tolerance.
- Provided strategic direction and guidance to executive leadership on cyber security matters.
- Conducted thorough risk assessments and threat modeling to identify and prioritize vulnerabilities.
- Manage day-to-day operations of the security team, including incident response, threat hunting, and vulnerability management
- Ensured compliance with relevant laws, regulations, and industry standards (e.g., DPDP, RBI, MEITY, IRDAI, SEBI, CERT-In).
- Built and maintained strong relationships with internal and external stakeholders, including legal, IT, and business leaders.
- Developed and implemented professional development plans for security team members.
- Motivated and inspired the security team to achieve organizational goals
General Manager - Lead - IT Security
AGS Transact Technologies Ltd.
04.2017 - 10.2018
- Developed and implemented comprehensive security controls as per PCI DSS, ISO 27001:2013 standard across in-scope locations, business process/functions
- Conducted thorough risk assessment for all in-scope locations, business process/functions
- Led the team to effectively managed IT Security operations and governance activities.
- Led the team to develop and review IT security policies, procedures, guidelines etc., from business perspective as and when required or at-least annually
- Manage day-to-day operations of the security team, such as WAF (Web Application Firewall), SIEM, SOC, PIM, FIM, DLP
- Led the team to support and review of IT DR/BCP Drills
Senior Manager - Business Information Security Officer
Reliance Capital
12.2014 - 04.2017
- Led the team for Implementation & Review of ISO 27001 27001:2013 standard across in-scope locations, business process/functions
- Developed and implemented comprehensive risk assessment for all in-scope locations, business process/functions
- Reviewed and analyzed Data flow analysis, Business impact analysis reports for all in-scope locations, business process/functions
- Developed and implemented comprehensive information security strategies aligned with business objectives and risk tolerance.
- Led the development and maintenance of security policies, standards, and procedures.
- Led the team for designing and implementing Information Security Awareness Programme
- Manage day to day operations which includes management and security operations of Information security initiatives such as WAF (Web Application Firewall), MDM, BYOD, SIEM, SOC, Incident Management and Monitoring which include DLP/User violations (Data Leakage Prevention), IPS (Intrusion Prevention System), Unauthorized access reviews, User Reviews, IT incidents (Virus, Proxy, Theft, server-level, backup)
- Led the team to support and review IT/BCP Drills
- Managed internal assurance audits for 3rd party vendors, in-scope branches, business process/functions
Manager Information Security
HDFCLife
04.2013 - 12.2014
- Management, IS Governance, Implementation of ISMS ISO 27001:2013 Standard (RA-RT, MOE)
- Management and Implementation of new Information security initiatives such as PIM (Privilege Identity Manager), Anti-APT (Advance Persistent Threat)
- Management and Monitoring of DLP (Data Leakage Prevention)
- Management of Security operations team (GSOC)
- Assurance Audits as per Audit plan
Senior Consultant - Network Security
ControlCase India
07.2010 - 04.2013
- Conducting PCI Data Security Standard (DSS) Pre-Assessment, Auditing & Certification for clients which include Banks, Merchants, and Service Providers
- Involved in ISO 27001/ BS7799:2005 Consulting Assignments
Senior Engineer - Security Management
Wipro Infotech
10.2007 - 07.2010
- Risk analysis/GAP Analysis on client's IT Infrastructure
- Technical/Process Audits on clients IT Infrastructure with reference to clients IT Security Policy & ISO 27001 ISMS Controls
- Web Applications Penetration Testing for clients
- Network & System Penetration Testing for clients
- Vulnerability Assessments & Management for clients
- Configuration Audit for Network & Security devices
- Configuration Audit for Windows & UNIX Operating Systems
- Provide Mentorship to regional engineers & Technical support on escalated technical calls
- SPOC for all new services like Physical Security & Security Compliance
- Develop in-house trainings to regional engineers
Senior Network Engineer
(n) Code Solutions Pvt. Ltd.
11.2004 - 09.2007
- Monitoring and managing Hardware/Network/Security operations
- Reporting suspected security violations and security breaches to the Network Manager
- Updating and installing patches to all network equipments including software and hardware
- Responsible for operations, maintenance and troubleshooting of network operations
- Monitoring back-up status, reporting and failures to concerned personnel
- Responsible for monitoring and reviewing uptime of Network equipments
- Performing an important role of CA-CP Admin for Entrust enable PKI Products/Devices, Sun Solaris Servers, this includes Installing, Configuring, Administration, Troubleshooting and Monitoring
- Performing Vulnerability Assessments and configuration checks/audits on Network/Systems/Security Devices
Network Engineer
Gujarat Info. Petro. Ltd.
11.2002 - 10.2004
- Company Overview: Present Organization is a Category A ISP, With OFC backbone & Microwave Connectivity, specializing in providing Internet connectivity's on cables, Services include Lease Line Solutions, IT Consultancy, Networking Solutions, Video Conferencing, VOIP, Web Hosting
- Troubleshooting and Maintenance of LAN and WAN networks
- Administering and monitoring wireless routers
- Adept at handling all types of IT consultancy that includes, IT projects
- Adept at handling and troubleshooting problems for all types of connectivity related devices like Layer 2 Switches, Hubs, Cisco Routers, Repeaters, Lease Line Modems (RAD, TAINET, ERRICSON)
- Interacting with customers and providing the necessary technical support
- Ensuring optimum connectivity's for Links and monitoring to detect any faults
- Present Organization is a Category A ISP, With OFC backbone & Microwave Connectivity, specializing in providing Internet connectivity's on cables, Services include Lease Line Solutions, IT Consultancy, Networking Solutions, Video Conferencing, VOIP, Web Hosting
Customer Support Executive
Technet-Online Pvt. Limited
10.2001 - 11.2002
- Company Overview: Present Organization is an ISP specializing in providing cable Internet connections using the MAN/LAN Technology
- Troubleshooting and Maintenance of LAN and MAN network
- Administering and monitoring wireless as well as PC routers
- Adept at handling and troubleshooting problems for all types of connectivity related devices like Switches, Hubs, Routers, and Repeaters
- Installation and configuration of All Windows/Linux based networks
- Interacting with customers and providing the necessary technical support
- Ensuring optimum data carrying capacity for cables and monitoring to detect any faults
- Present Organization is an ISP specializing in providing cable Internet connections using the MAN/LAN Technology
Education
Bachelors' in Commerce (BCOM) -
M. S. University
Masters in Business Administration (MBA) - undefined
MGU University
Diploma in Basic Electronics - undefined
Jetking School of Electronics
Certificate in Computing - undefined
Jetking School of Electronics
Diploma in Hardware and Networking - undefined
Jetking School of Electronics
Advanced Diploma in Networking - undefined
Jetking School of Electronics
Skills
Team leadership
Strategic planning
Coaching and mentoring
Decision-making
ISO 27001 : 2013 Governance
PCI DSS Auditing
IT General Controls Auditing
Information Security Risk Management
Vulnerability assessments
Penetration Testing
Certification
CISSP Certification - Certified Information Systems security professional, 04/24
Academicandotherprofessionalcourses
- PCI DSS QSA (Qualified Security Assessor), 10/11
- CEH (Certified Ethical Hacker) version 4.0 Certification, 12/04
- CCNA (Cisco Certified Network Associate), 05/02
- CNE, CAN (Certified Novell Engineer), 07/01
- McAfee Risk & Compliance Management Training Series, 07/09
- In-house training for ISO 27001:2005 Information Security Management System (ISMS) Implementations
- Bachelors' in Commerce (BCOM) from M. S. University, Baroda
- Masters in Business Administration (MBA) from MGU University, Meghalaya
Currentcompany
Protean eGov Technologies Limited
Altemailaddress
kulkarni78@gmail.com
Altcontactdetails
+919867818537
Personal Information
- Total Experience: 19+ Years (Information Security/BFSI - 12+ Yrs)
- Notice Period: 90 Days (Negotiable)
- Date of Birth: 07/23/78
Timeline
Vice President, CISO
Protean eGov Technologies Limited
08.2022 - Current
CISO
Bajaj Allianz Life Insurance & Bajaj Housing Finance Limited
11.2018 - 07.2022
General Manager - Lead - IT Security
AGS Transact Technologies Ltd.
04.2017 - 10.2018
Senior Manager - Business Information Security Officer
Reliance Capital
12.2014 - 04.2017
Manager Information Security
HDFCLife
04.2013 - 12.2014
Senior Consultant - Network Security
ControlCase India
07.2010 - 04.2013
Senior Engineer - Security Management
Wipro Infotech
10.2007 - 07.2010
Senior Network Engineer
(n) Code Solutions Pvt. Ltd.
11.2004 - 09.2007
Network Engineer
Gujarat Info. Petro. Ltd.
11.2002 - 10.2004
Customer Support Executive
Technet-Online Pvt. Limited
10.2001 - 11.2002
Masters in Business Administration (MBA) - undefined
MGU University
Diploma in Basic Electronics - undefined
Jetking School of Electronics
Certificate in Computing - undefined
Jetking School of Electronics
Diploma in Hardware and Networking - undefined
Jetking School of Electronics
Advanced Diploma in Networking - undefined
Jetking School of Electronics
Bachelors' in Commerce (BCOM) -
M. S. University