Kshitiz Kohli (KK)

Experience

• 

  Nordstrom

  Aug 2012 - Feb 2013

  Software Engineer/System Administrator

  Worked as a Linux/Unix administrator on both project and steady-state operation activities, supporting 600+ virtual machines.Turned off services to remediate firewall issues for unsecured ports as part of the PCI audit response.Deployed 200 identical VMs using VMware vSphere templates at a rapid pace within two weeks.Upgraded Xymon, a tool for monitoring the availability of servers and applications, in both test and production environments.Created and updated System Administrators documentation. Show less

• 

  Deutsche Bank

  Feb 2013 - Aug 2013

  Software Engineer/System Administrator

  Linux/Unix administrator, responsible for deploying physical and virtual infrastructure and production support of 50,000+ servers. Installed, configured, managed, and maintained various server operating systems.Patched Linux and Unix hosts to install the latest updates and address security vulnerabilities.Participated in business continuity and disaster recovery exercises.Created onboarding documentation explaining the functionality & use of several tools to help new hires get acquainted with the environment as quickly as possible. Show less

• 

  Quest Diagnostics

  Sept 2013 - Dec 2014

  Software Engineer/System Administrator

  Windows/VMware administrator responsible for production support of 3000+ Windows servers and 300+ ESXi hosts and managing IT infrastructure deployment projects.Worked as a Windows resource in a company-wide Managed Print Services project.Worked on various projects to deploy & migrate Windows Server 2003 and 2008 servers, both virtual and physical.Managed and conducted the recovery of Active Directory in a DR exercise.Created audit reports for E&Y external audit requests Show less

• 

  EBay

  Dec 2014 - Jun 2017

  System Administrator/Analyst

  Transitioned from Systems Administrator to Solutions Architect within six months, driving collaboration with multiple business units to architect and design end-to-end infrastructure and web-based solutions. Validated that delivered solutions solved intended business objectives. Delegated tasks to the operations team resources for 3000+ compute server build requests, consistently meeting or exceeding established SLA by 20%.Worked on several information-security projects to mitigate the risk of exposed applications & services.Implemented rapid deployment of VMs using templates & post OS customization scripts, replacing Microsoft SCCM OSD provisioning process.Led a team of several system administrators across the globe which played a key role in meeting the deadline for the eBay and PayPal split.Redesigned the server request process to make it technically accurate & efficient for an overall better & fluid customer experience.Improved the post deployment asset tracking process to make it consistent and saving ~15 minutes per server request.Increased cross-functional communication and relationship building to implement highly available solutions in primary data centers as well as smaller remote offices.Vetted server requests, designed solutions that meet the needs of the customers while adhering to company security policies.Collaborated with senior technical architects to define datacenter & remote office hardware standards.Managed hardware procurement from multiple vendors to ensure best value for the company.Created first level troubleshooting documentation & trained new sys-admins and solution architects. Show less

• 

  IBM

  Jul 2017 - Feb 2018

  System Administrator/Analyst

  Worked as a Windows/VMware administrator responsible for supporting development, QA, and production environments of 1,000+ Windows servers and 100+ ESXi hosts.Created Windows server 2008 and 2012 templates for rapid deployment of virtual machines.Deployed Windows server 2008 and 2012 VMs from templates.Migrated live virtual machines between hosts via VMware vMotion to eliminate application downtime from planned server maintenance.Performed P2V and V2V migrations using VMWare converter.Deployed ESXi 5.5 on HP rack mount and Dell VRTX servers. Show less

• 

  EBay

  Mar 2018 - Mar 2024

  Served as the Information Security point of contact, bridging technical and non-technical individuals across multiple engineering development, product, and business teams. Created proposals for and executed security roadmaps and cross-functional technical program management initiatives across geographies in a matrix organization, addressing cybersecurity, compliance, and privacy issues.Spearheaded IT security engineering focused projects by developing project schedules, identifying critical dependencies, monitoring progress, tracking risks to schedule and product quality, and taking required correctional steps to align with critical path, completing them an average of 15% ahead of schedule.Conducted reviews of existing & new solutions as a vital member of the Security Architecture Council, focusing on security functions such as Identity and Access Management (IAM), Privileged Access Management (PAM), network security, data classification, asset management, and vulnerability management, influencing the improvement of underlying technologies.Evaluated, questioned, and improved cross-functional processes, resulting in 25% faster security assessments, bolstering organizational efficiency and stakeholder management.Orchestrated cross-functional team efforts to detect and mitigate unauthorized external sharing of over 2000 files with PII data hosted in cloud platforms, protecting sensitive information exfiltration.Oversaw the effort to evaluate 200+ SaaS tools, proactively blocking 20% of them with inadequate terms of service and low confidence scores, preserving the confidentiality and ownership of company data.Championed the promotion of InfoSec data classification policy understanding by conducting 15+ awareness sessions, resulting in a 30% reduction in incidents of incorrect data classification. Show less Led the cloud security program with a portfolio of over 20 projects. Coordinated entire project and product lifecycles, including defining metrics, analysis, design, development, QA testing, implementation, and post-implementation activities. Fostered sustainable partnerships with distributed teams across time zones, operated with autonomy, and influenced without direct authority, delivering enhanced security.Led the delivery of a Cloud Access Security Broker (CASB) product by evaluating and selecting a vendor from among six contenders via a metrics-driven approach, ensuring seamless integration with existing infrastructure and improving incident detection & prevention capabilities by 50%.Defined security standards for 15+ Azure PaaS services, resulting in a 90% reduction in configuration vulnerabilities across the organization.Managed a pilot project for password-less logins for 500+ Windows laptops, leveraging mobile phone device proximity & biometrics to implement two-factor authentication, enhancing security, and improving user satisfaction by 50%.Created actionable epics and stories as a Scrum master to secure 1000+ Linux workstations by leading the development and launch of software built through a collaboration of internal teams and an external vendor, reducing help desk calls by 70% and enhancing compliance with internal security policies.Oversaw the deployment of vulnerability management solution on 2000+ Linux servers, identifying and mitigating 95% of critical vulnerabilities within the first three months.Managed the integration between Azure Adaptive Auth, Azure App Proxy, Ping ID, and 10+ internally hosted applications, making them externally available based on a user's risk profile. Assisted other project managers by working with stakeholders to gather & define requirements for various complex projects to bring clarity to the ask. Show less

  • TPM | Information Security Engineer, MTS 2

    Aug 2020 - Mar 2024

  • Technical Project Manager & System Analyst

    Mar 2018 - Aug 2020
• 

  TikTok

  Jun 2024 - now

  TPM, USDS Security Engineering & Data Defense