PROJECTS
#1: OSL Digital asset management platform:
Role: Cybersecurity Engineer and Manager
Key Responsibilities with OSL Digital Asset Management Platform:
⟢ Drive the delivery of strategic initiatives including the prioritization, delegation, reporting, and final delivery to ensure the Security Roadmap objectives set by the CISO are met.
⟢ Implemented a cloud security posture management (CSPM) tool to automate the assessment and monitoring of security configurations using customized security policies and automated compliance checks, ensuring adherence to industry standards (e.g., CIS benchmarks, NIST guidelines).
⟢ Developed & implemented secure coding practices, application security frameworks, and vulnerability management processes through collaborative efforts with cross-functional teams, oversee security assessments, & ensure secure deployment of applications to enhance our security posture.
⟢ Analyze and decipher findings from on web/mobile applications penetration tests and security assessments, offering expert guidance on remediation and mitigation strategies to the business and suggesting measures for risk reduction before a new application is deployed in cloud.
⟢ Facilitate managing and responding to security incidents within the organization effectively.
⟢ Anchoring security in the software development lifecycle (SDLC) of an agile tech organization (application security requirements, SAST, DAST, vulnerability management, CI/CD security, training).
⟢ Perform and implement, continuously monitor security compliances and certification audits required for SOC 2 Security Certification.
⟢ Maintain up-to-date knowledge on cloud security, latest attacks and trends, vulnerabilities, mitigation strategies, and industry best practices and regulations.
Key Achievements with OSL Digital Asset Management Platform:
⟢ Designed & developed cloud security posture management, innovative security automation solutions, reducing manual efforts, cloud security risks by 65% due to misconfigurations & improving efficiency.
⟢ Conceptualized and developed security controls, improved cyber security defense, attack preparedness, incident response readiness, recovery procedures and contingency plan ensured compliance with industry standards and regulations and helped us to achieve SOC 2 Type 2 Security Certification.
#1: Mox Bank platform:
Role: Cloud DevSecOps Engineer and Lead
Key Responsibilities with Mox Bank Platform:
⟢ Provide key security input and innovation to the security direction related to the bank’s cloud strategy.
⟢ Provide support in vulnerability and patch management operation, including scheduling regular system and network infrastructure, applications systems, and endpoints vulnerability scanning, classify and prioritize findings, identify relevant risks and co-operate with relevant parties for remedy actions.
⟢ Implemented identity and access management (IAM) policies and role-based access controls (RBAC) to enhance the access control and compliant to regulations and achieved significant user productivity gains.
⟢ Implemented “Shift left” security as a shared responsibility using SNYK for detecting vulnerabilities throughout the SDLC.
⟢ Successfully designed and implemented a secure software development training program, increasing security awareness among developers, and reducing the number of security vulnerabilities in code.
⟢ Collaborated with development teams to implement secure deployment practices using Infrastructure as Code (IaC) tools and manage the Kubernetes ecosystem hosted in AWS Cloud using IaC.
⟢ Configure, maintain, analyze, and monitor SIEM systems to collect and correlate security logs and events, ensuring timely and accurate detection of security incidents.
⟢ Assist in regular cyber-attack simulation exercises and regular internal cyber security assessments to test the organization’s security controls sufficiency.
⟢ Participate in the 24x7 on-call support for incident response and mitigation workflows as needed.
⟢ Continuously validate new cloud and architecture services, Identify, and suggest improvements and work on it to make our Mox bank app better while still ensuring convenience, security, and high-quality service.
⟢ A Self-starter, striving to innovate and embrace a culture of continuous learning.
Key Achievements with Mox Bank Platform:
⟢ Implemented container security & vulnerability management program, infrastructure security automation, automated mundane security tasks achieved time savings and reduced the risk of potential breaches and human errors and inconsistencies by 80% resulting improvement of security measures of our cloud infrastructure.
⟢ Designed reliable continuous monitoring and alerting including comprehensive runbook. Developed SIEM dashboards helped us to ensure appropriate security logs are integrated into SIEM, aggregate & analyze activity from many different resources & guaranteeing comprehensive coverage. Then seamlessly embedded these processes into our Security Operations, creating a cohesive & efficient security framework.
⟢ Setup reliable monitoring and alerting, SIEM dashboards which helped us to aggregates and analyzes activity from many different resources.
#2: Acatus platform:
Role: Cloud DevSecOps Engineer and Lead
Key Responsibilities with Acatus Platform:
⟢ Lead our Organization’s Cybersecurity strategy and architecture to enable our business to achieve its strategic goals and objectives.
⟢ Continually building knowledge of best practice regarding cyber security preparedness and awareness techniques while ensuring continuity of service.
⟢ Establish Security policies, frameworks, SOPs and overseeing/leading the implementation, operations and transformation of SOC into NextGen SOC.
⟢ Proactively manage evolving cyber security risks and implementation of processes to detect, mitigate and respond.
⟢ Supporting management in decision making.
Key Achievements with Acatus Platform:
⟢ Automated security processes, reducing manual effort and improving incident response time by 40%.
⟢ Achieved 200,000€ savings for 2 years for architecting and migrating our Acatus platform to Microsoft Azure under the Azure Sponsorship program ensuring secure and seamless transitions.
#3: Robotics as a Service (RaaS):
Role: Cloud DevOps Engineer and Lead
Key Responsibilities with Robotics as a Service:
⟢ Perform regular vulnerability assessments & penetration testing to identify weaknesses in the infrastructure and applications. Coordinate with relevant teams to remediate vulnerabilities and track progress.
⟢ Provision of critical system security by leveraging best practices and prolific cloud security solutions.
⟢ Plan, research and design robust security application architectures and patterns for all projects.
⟢ Identifying, introducing, and improving security controls in B2B apps compute, platform engineering, and cloud infrastructure disciplines.
⟢ Work independently as a self-starter, and within a team environment. Led a team in securing applications and cloud environments, driving innovation and problem-solving.
⟢ Advanced understanding of business technology drivers and their impact on architecture design, performance and monitoring, best practices and align security strategies with JPMC policies and objectives while maintaining compliance.
Key Achievements with Robotics as a Service:
⟢ Built a cloud security framework which enabled R&D team to design & deployment of multi-cloud infrastructure securely.
⟢ Participated in JPMC hackathon 2019 and helped an R&D team migrate and create a template for their application migration to the cloud and created a ‘one-click’ cloud deployment model. It became their first ever cloud deployment and provided a pathway for migrating the rest of their applications to the cloud.
⟢ Created ‘one-click’ cloud deployment model for robotics infrastructure to be fully integrated and at some point, fully migrated to the cloud.
#4: HomeCare, Small Cell Care and Provisioning (SCP) and UNIFIED BDD (UBDD)
Role: Security and DevSecOps Engineer and Lead
Key Responsibilities with HomeCare, SCP and UBDD:
⟢ Design, develop, manage the build, support and enable CI/CD pipelines to ship faster and reliable.
Work with RandD team to configure, deploy, automate cloud-based solutions using AWS cloud infrastructure with scalability, fail-over and security.
⟢ Develop and implement policies, standards, guidelines, and procedures regarding areas such as information security, cyber security, disaster recovery, loss and fraud prevention and privacy, emergency and incident responses.
⟢ Work with R&D team to configure, deploy, automate cloud-based solutions using AWS cloud infrastructure with scalability, fail-over and security best practices and design patterns.
⟢ Investigate and evaluate new tools and Cybersecurity tools chains focusing on continuous improvement.
⟢ Software Archiving of binaries, code & documents as required under NSA.
Key Achievements with HomeCare, SCP and UBDD:
⟢ Implemented security controls for container orchestration platform — Kubernetes to ensure secure deployment, service discovery, and access management.
⟢ Recommended for “Award of Excellence” for my contribution to HomeCare and other product development.
⟢ 91,000€ savings per year beginning with 2016 – The result is based on a survey considering three product teams. UBDD is now being used by more than ten teams and its reach and money saved is much more than what is estimated in the survey results.
⟢ Recommended for “Award of Excellence” for my contribution to HomeCare and other products development.
"Arise,awake and donot stop until the goal is reached."
Swami Vivekananda
“You have to grow from the inside out. None can teach you, none can make you spiritual. There is no other teacher but your own soul.”
Swami Vivekananda