Security Architect
Quantiphi Analytics Limited
Total years of experience :12 years, 10 Months
Key Result Areas:
Working as Security Architect to optimise the solution based on Cost, Simplicity, Security and Resources.
Advised and collaborated with IT and business leaders to develop and implement layered security controls for protecting the privacy, confidentiality, integrity and availability of customer information, corporate data and networks.
Eliminated risks and achieved zero service disruption during various migration, coordinating with diverse teams from both organizations for results.
Responded to incidents, establish appropriate standards and controls, manage security technologies, and direct the establishment and implementation.
Developed organization-wide PCI-DSS policy to ensure compliance with requirements.
Created and reviewed the designs/architecture based on organisation security standards - Both On-premises and Cloud.
Define and implement technical cyber security standards in the region to maximize security infrastructure effectiveness and efficiency.
Implement and revamp cyber security processes and procedures to strengthen defense and incident response capabilities.
Conduct forensics investigations on cyber security incidents for management and regulatory reporting.
As part of Red team, identify vulnerabilities, weaknesses, and potential entry points that malicious hackers could exploit and proactively improve an organization's overall security posture by mimicking real-world attack scenarios.
Design and conduct cyber security risk assessments or tests to identify security exceptions and design practical compensating controls.
Create and review the designs/architecture based on best practises and compliance in AWS/Azure/GCP Cloud.
Manage customer expectation for challenging project and achieved customer satisfaction rate of 98%
Define, design, evaluate and maintain the enterprise IT Security Architecture
Lead and drive the development and implementation of the security architecture in accordance with the firm's technology roadmap.
Evangelize the benefits of architecture, accepted best practice techniques, standards and tools to the Group and external suppliers where necessary.
Work on the RFP/Qs for diverse client across the geography from the technical and delivery perspective
Providing guidance and trainings internally to the team and mentoring them to achieve their goals.
Key Result Areas:
Working as Cloud and Cyber Security Architect for one of the largest Bank in UK
Create and review the designs/architecture based on organisation Cyber Risk Posture
Work with the vendors and technical teams to remediate the risk poses to the customers.
Manage customer expectation for challenging project and achieved customer satisfaction rate of 98%
Communicated the progress to both internal and external stakeholders.
Worked with Technical Team for Priority Cyber Incident and fault detection, identification and diagnosis.
Key Projects:
Zero Day Log4j Vulnerability:
o Project Details: Worked with Vendor and Internal security teams to implement remediation for Zero Day at war footing steps to prevent all the environment.
o Skills Used: Planning, Communication, Cloud (AWS, Azure, GCP, IBM ) Vendor Management, Proxy, On Prem, Firewall
o Status: Completed
Cloud Data Exfiltration Prevention:
o Project Details: Worked with Client and Internal security teams, vendors and cloud providers to implement ambitious complete cloud Exfiltration prevention across the environment.
o Skills Used: Planning, Communication, Cloud (AWS, Azure, GCP, IBM ) Vendor Management, Proxy, Firewall
o Status: In-progress
WSS Cloud Proxy Design and Deployment:
o Project Details: Found security issue in customer environment, prepared and presented technical solution with WSS Cloud proxy, worked with technical team to successfully deliver the solution
o Skill Used: WSS Proxy, Azure AD, Checkpoint and Network
o Status: Successfully Completed
Azure Virtual Desktop (AVD):
o Project Details: As a cyber security architect, reviewed and approved the design for AVD deployment to remediate the offshore VDI with AVD solution.
o Skills Used: Planning, Communication, Azure, Networking, Network Security, Azure, IT Compliance
o Status: In-progress
Garrison Isolation Appliance Design and Deployment:
o Project Details: Found gap in customer environment, presented technical solution for web isolation solution, worked with technical team to successfully deliver the solution
o Skill Used: Garrison Isolation Appliances, ADFS, Bluecoat Proxy, Checkpoint and Network
o Status: Successfully Completed
Awards and Achievements:
Bagged multiple Star of the Quarter and Star of the Month awards
Key Result Areas:
Working as a member of IT cyber security team and responsible to maintain cyber security posture for the HSBC infrastructure by managing network security devices like Routers, Firewall, WAF, IDS, Proxy, DLP, and monitoring tools like SIEM and Solarwinds
Communicated with Team members, senior management and client regarding technical details related to change or cyber incident in an understandable manner
Worked closely with the cyber security architect to complete multiple projects as per organisation requirement
Liaised with vendors regular basis to ensure that vulnerability management can be performed on the production environment
Key Projects:
Third Party Security Review ( TPSR )
o Project Details: Worked with vendors and third parties to periodically assess their security posture by completing the third party security review ( TPSR )
o Skill Used: IT compliance, Cyber Security Architect, Networking, Application and Network Security
o Status: Successfully Completed TPSR for 13 vendors and third party
Skybox
o Project Details: Skybox is one of the firewall assurance tool so reviewed, designed and deployed it as per the bank standards
o Skill Used: Tools, Networking, Application and Network Security
o Status: Successfully Completed Firewall Assurance Tool Deployment
Automation:
o Project Details: Automated manual tasks like Daily backup and health check-up, VPN reporting and other manual tasks
o Skills Used: Planning, Automation, Networking, Firewall, Load Balancer, Routing, Switching, IP networking
o Status: Successfully completed
Key Result Areas:
Working as part of network and security team and responsible to maintain network and security for the Mphasis infrastructure by managing customer’s network and security devices.
Worked closely with the design Team to implement multiple projects as per customer’s requirement.
Engaged 3rd party vendors to fix priority and escalated incidents.
Communicated with internally and clients regarding technical details related to change or incident in an understandable manner.
Key Projects:
Checkpoint Implementation and Upgradation
o Project Details: Worked with technical teams to Hardware replacement of End-of-life IPSO devices to new checkpoint appliances and upgradation of 460 firewalls from R77.30 to R81.
o Skill Used: Checkpoint Firewall, IP Networking, Routing, Switching
o Devices: Checkpoint Hardware appliances including 4200, 4400, 4600, 4800 and 5800
o Status: Successfully Completed
VPN Migration:
o Project details: Worked with implementation teams to migrate VPN from legacy an out-of-support Net Screen firewall to Checkpoint Firewalls
o Skills Used: Firewall (Checkpoint and Net screen ), Stakeholder co-ordination.
o Status: Successfully Completed
Awards and Achievements:
Bagged star of the Quarter Award for Automating repeating tasks
Key Result Areas:
Member of Network Security team and responsible for Planning, implementation, administration and automation for network security of critical customer environment as per organization requirement
Analysed the incidents and reported, provided advisories and recommendations to the clients to take appropriate measures.
Coordinating with clients and vendors regarding the latest threats and with third parties to resolve the potential threats.
Working with various teams within the company to identify and resolve the threats and incidents.
Develop and maintain information security operations documentation.
Completed changes as per ITIL standard which helps in improving the quality of work and builds trust with business.
Key Projects:
F5 Local Traffic Manager ( LTM ) and Global Traffic Manager ( LTM ) Implementation
o Project Details: Implemented Local Traffic Manager (LTM) and Global Traffic Manager (GTM) Solution for customer’s business-critical websites with global Ratio load balancing methods
o Skill Used: F5 LTM, GTM & ASM, Application Security, IP Networking, VPN, Load Balancing, DNS,
o Devices: F5 8900
o Status: Successfully Complete
Awards and Achievements:
Won the following awards:
o Star Performer of the Batch - TCS Initial Learning Program
o TCS Star of The Quarter (November 2012)