Diligent CISO / Head Cyber Security with strong background in information security leadership. Successfully implemented cybersecurity strategies and risk management protocols for large-scale organizations. Demonstrated expertise in threat analysis and incident response.
KEY ACHIEVEMENTS
Cybersecurity & Risk Management
Ø Architected security governance frameworks for Indian Bank, Mahindra Finance, CRISIL, and CAMS, aligning with business risk appetites.
Ø Implemented risk assessment models and enhanced the security posture of Indian Bank, Mahindra Financial Services, CAMS, CRISIL, and clients of Satyam, SISA, and E-Security audit.
Ø Creating a risk assessment framework based on the risk appetite of the organization Risk-based approach for application adoption as applied to off-the-shelf applications and in-house developed applications for Indian Bank, Mahindra Finance, and the clients of Satyam and CRISIL.
Ø Designed secure IT infrastructure and architecture for banking and financial services, ensuring seamless regulatory compliance.
Ø Efficiently devised information strategies, governance, risk, and security architecture & portfolio management for the entire Mahindra Finance Service Sector, CRISIL, CAMS, and partly for the Indian Bank.
Leadership & Strategic Impact
Ø Functioned as CIO during the CIO’s absence at Mahindra Finance, leading digital security transformations.
Ø Spearheaded risk-based application security adoption for in-house and off-the-shelf applications.
Ø Established robust security policies and technology adoption frameworks, managing 60+ cybersecurity technologies.
Ø Been the voice to the board on Cyber Security matters and advised the board at Mahindra Financial Services, CAMS, and Indian Bank.
Regulatory Compliance & Audits
Ø Led security audits & compliance assessments for global financial organizations, ensuring adherence to PCI DSS, RBI, SEBI, and IRDA standards.
Ø Reviewed and optimized data center (DC), disaster recovery (DR), network, ATM, and SWIFT architectures for the Indian Bank.
Ø Led PCI DSS & patch management projects for GE Capital & Money, ensuring secure transactions.
Technology Innovation & Implementation
Ø Revamped the entire network architecture & design for the Mahindra Financial Services Sector.
Ø Core strength in technology has aided my progress as a fast-changing, disruptive technological innovator and adopter of the latest and disruptive technologies, be it on-prem or the cloud, with ML & AI being the latest traction. I adopted close to sixty technologies in the Cybersecurity and network arena for the Mahindra Financial Services Sector.
Ø Architected the Application Security life cycle and IT Risk, security strategy consulting for various clients in Petrochem, Retail, and financial services domains across the globe for Satyam.
Ø Reviewed the DC, DR, Network, ATM, and Swift architectures that connected to external agencies, government, and cooperative banks for the Indian Bank
Technologies adopted
Ø Data Loss Prevention, End-user system Protection, Zero-Trust Architecture
Ø Network Access Control, Privileged Access Management, TACACS+
Ø Web Proxy
Ø Network Monitoring
Ø Nextgen Firewalls, Web Application Firewalls
Ø EDR, UEBA
Ø SIEM, SOAR, and NBAD
Ø Anti-APT
Ø AI & ML Deep learning-based Network Threat Analytics, Deception technology
Technology Innovation & Implementation
Ø Led enterprise-wide cloud security implementations, integrating AI-driven threat intelligence.
Ø Implemented HSM (Hardware Security Module) in 2006, one of the earliest deployments in banking.
Ø Designed Geographical Visibility & Control Architecture, presented at the IT Sec Conference, LV, USA.
Process
Ø Consulted ISMS, BCP\DRP for the clients of Satyam, SISA, and E-Security Audit, which included RFP assessment, proposal writing, and defense.
Ø Actively implemented ISMS/OCTAVE, penetration testing, vulnerability assessment, Firewalls, IDS/IPS assessment, and Business development end-to-end for clients of SISA & E-Security Audit.
Ø Performed software License compliance review/audit on behalf of BSA/NASSCOM, system integration, security management, and assessment of IT infrastructure and network components for clients of SISA & E-Security Audit.