Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

Vinay Puntambekar

Pune

Summary

Proven Senior Security Engineer with a robust background in application security and risk management, notably at FINTECH. Excelled in enhancing enterprise security through innovative threat modeling and vulnerability management. Demonstrated leadership in driving security solutions and improvements, achieving significant risk reduction. Skilled in fostering stakeholder collaboration and delivering results with precision and efficiency.

Overview

11
11
years of professional experience
1
1
Certification

Work History

Senior Security Engineer

Mastercard
04.2022 - Current
  • Assess effectiveness of security controls such as- data protection, IAM, detective controls, infrastructure/network security, incident response. Work on identifying and driving implementation of appropriate controls, processes, and remediation of noncompliance.
  • Work with stakeholders to design and document the conceptual and detailed designs of security solutions.
  • Lead the development of security standards, reference architectures, patterns, and guidelines.
  • Create and review threat models using Visio Studio.
  • Contribute automated security scanning tools (SCA, SAST, DAST, etc.) into the CI/CD pipeline and assist with triage and risk assessment of results.
  • Review current and proposed integrations between MC infrastructure and third party SaaS platforms and integrations partners/clients. Assist Security Risk team with risk assessments of these platforms and integrations and the IAM team with any required service accounts, API keys, etc.

Cybersecurity Specialist

Boeing
11.2021 - 04.2022
  • Conducted security assessments and made recommendations for disaster recovery, remote access, network appliances, servers and directory services security.
  • Work with Various Project managers to work on the Risk and Compliance part.
  • Analyzed existing network and application architectures, presenting findings on possible enhancements and improvements to senior decision-makers.
  • Conducted security audits to identify vulnerabilities.
  • Recommend improvements in security systems and procedures.

Security Specialist

FIS
11.2018 - 11.2021
  • Engage with team members to assess flawed root causes and plan for remediation. Design and develop cloud focused security standards and procedures. Such as SIEM, IAM, Account management (SSO, SAML).
  • Perform Regular firewall rule reviews to help identify network security weaknesses with the help of Firemon and Tufin before abuse and allow rules to be updated as needed to address technology changes or new threats.
  • Guided periodic property safety inspections and oversaw remedial action to identified potential hazards
  • Ensure compliance controls are in place to determine security effectiveness. Managed information system regulatory compliance to meet updated guidelines.
  • Coordinate with security team members to conduct security analysis of cloud environments including prospective and existing workloads in Recommend improvements in security systems and procedures.
  • Performed risk analyses following NIST, CIS, ISO27001, CSA Framework to identify. appropriate security countermeasures.
  • Perform and manage externally hosted/3rd party applications Risk Assessments as per process documents.
  • Assist with the firm wide PCI DSS compliance program and provide end-to-end control oversight, assurance of compliance with requirements of the Data Security Standard, as well as risk and issue management and analysis.
  • Work with various departments to improve detection of security threats and breaches. Generated security documentation, including: security assessment reports, system security plans, contingency plans.

Senior Security Analyst

FIS
10.2016 - 10.2018
  • Provided safety reports and data analysis to building managers to inform security processes.
  • Completed vulnerability scans to identify at-risk systems and remediate issues.
  • Outlined and maintained security patching schedule to efficiently address ongoing system issues.
  • Encrypted data and erected firewalls to protect confidential information.
  • Migration of the firewalls.
  • Administered and maintained user access controls, processes, and procedures to prevent unauthorized access, modification, or misuse of resources.
  • Obtain an understanding of technology and information systems deployments at FIS and provide recommendations to enhance corporate security policy.
  • Installed and maintained commercial firewall solution, working with security vendors to consistently apply best practices and software updates.

Senior Security Engineer

Vodafone
10.2015 - 11.2016
  • Reviewed violations of computer security procedures and developed mitigation plans. Incident management: - End to end management of customer networks and providing rapid response to the raised queries. Add or delete changes on the network as per standard change process.
  • Manage Escalated Issues with the customers Manage configuration and implementation of Juniper SRX, Checkpoint and Cisco ASA firewalls.
  • Managing ACL internet routers, Troubleshooting and resolve complex Data issues. Interact and advice customer on technical issues.
  • Installed and maintained commercial firewall solution, working with security vendors to consistently apply best practices and software updates.
  • Created standardized incident response program to outline immediate and consistent remediation of security breaches.

Network Engineer

Cubix Micro Systems Ind.Pvt.Ltd
08.2013 - 11.2015
  • Conducted security assessments and made recommendations for disaster recovery, remote access, network appliances, servers and directory services security.
  • Provided firewall and VPN management, security and incident response.
  • Provided complete end-to-end engineering and installation of route-based IP network solutions.
  • Performed troubleshooting for Juniper, Cisco and packet analysis.
  • Completed efficient and effective troubleshooting of complex multi-vendor network service provider issues.
  • Provided detailed technical documentation, including network diagrams, process flow charts and procedural guidelines.
  • Analyzed existing network and application architectures, presenting findings on possible enhancements and improvements to senior decision-makers.
  • Installed and configured network security solutions such as VPNs, Firewalls and intrusion detections and mitigation tools.

Education

Bachelor of Computer Applications - Computer Application

Sinhagad College
Pune, India
05.2012

Diploma in E/TC - E/TC

MIT
Pune
06.2008

Skills

  • Application Security
  • Threat Modelling
  • Risk management
  • Vulnerability management
  • Data security
  • Enterprise security
  • Threat Modelling
  • API Security
  • SAST, DAST
  • PCIDSS

Certification

  • CISSP
  • PCI-DSS
  • JNCIS-Sec

Timeline

Senior Security Engineer

Mastercard
04.2022 - Current

Cybersecurity Specialist

Boeing
11.2021 - 04.2022

Security Specialist

FIS
11.2018 - 11.2021

Senior Security Analyst

FIS
10.2016 - 10.2018

Senior Security Engineer

Vodafone
10.2015 - 11.2016

Network Engineer

Cubix Micro Systems Ind.Pvt.Ltd
08.2013 - 11.2015

Bachelor of Computer Applications - Computer Application

Sinhagad College

Diploma in E/TC - E/TC

MIT
  • CISSP
  • PCI-DSS
  • JNCIS-Sec

Similar Profiles

  • Faith Oluwayomi Bello

    Faith Oluwayomi BelloFaith Oluwayomi Bello

    Forage Internship at MasterCardForage Internship at MasterCard

    View Profile
  • Sunil Banyal

    Sunil BanyalSunil Banyal

    Software Engineer II at MastercardSoftware Engineer II at Mastercard

    View Profile
  • Viviane Lacerda

    Viviane LacerdaViviane Lacerda

    Specialist, Product Operations at MastercardSpecialist, Product Operations at Mastercard

    View Profile
Vinay Puntambekar