Gary Sandhu

Experience

• 

  GPS Industries

  Jun 2007 - Feb 2009

  IT Manager / Senior Systems Administrator

  I led a team responsible for providing infrastructure support and managing security incident response at a national call center. We conducted investigations, implemented cybersecurity policies, and successfully established a robust infrastructure with enhanced security defenses.As part of this effort, I devised a strategic plan and executed the deployment of a national VPN using Cisco ASA firewall technology. This initiative securely interconnected all sites, creating a cohesive network infrastructure for the organization. Show less

• 

  Fortinet

  Nov 2009 - Jan 2016

  Product Manager / Security Systems Architect / Dev QA

  Over a six-year tenure, I provided leadership across a multifaceted role, skillfully leveraging the Fortinet Security Fabric to establish enterprise-level architectural testing environments. Demonstrating expertise, I led the integration of security measures within complex infrastructures. As a leader within the design and development team for Fortiauthenticator, a central identity, access, and authentication security device, I played a pivotal role in executing complex software enhancements and ensuring their effective integration. This leadership contribution propelled the advancement of this multi-million dollar product. Show less

• 

  PAI Health

  Jan 2018 - Sept 2018

  Data Protection Officer / Information Security Analyst

  I offered specialized consultation in a DevOps environment, leading the entire compliance project from start to finish. This project covered the classification of sensitive data, PHI, and PII, full GDPR control enforcement, and a comprehensive data impact assessment, resulting in zero compliance breaches. Additionally, I played a key role in developing a comprehensive cybersecurity program and successfully securing GDPR compliance certification for the enterprise. Furthermore, I conducted thorough security assessments of our AWS infrastructure, identifying vulnerabilities and potential risks, and subsequently implemented robust security controls to enhance data confidentiality, integrity, and the availability of services and data. Show less

• 

  Zenabis Global Inc.

  Jan 2019 - Mar 2020

  IT Manager, Cybersecurity and Compliance

  I spearheaded the establishment of the IT Security and Compliance department, where I orchestrated the recruitment, training, and supervision of a dynamic team comprising four skilled individuals. This initiative aimed at formulating and implementing a strategic network security program throughout the organization resulted in a significant enhancement of cybersecurity measures, regulatory compliance adherence, risk mitigation strategies, and operational continuity. In developing a strategic plan, I conducted a comprehensive assessment, taking ownership of regulatory requirements and aligning security services across all information technology departments. Throughout this process, I provided executive stakeholders with valuable guidance and strategically built and led a cohesive team, ensuring the successful execution of our cybersecurity and compliance objectives. Show less

• 

  Long View Systems

  Dec 2020 - Nov 2021

  Senior Security Solutions Architect / Cloud Security Engineer

  As a client-facing cloud security architect, I conducted security assessments and collaborated with various organizations to develop and implement robust cybersecurity strategies. This included orchestrating cloud security solutions for IaaS, SaaS, and PaaS, implementing identity and access management systems, and utilizing user entity behavior analytics to detect anomalies. I also contributed to system design decisions related to security using Microsoft Security Products (AZ-500 / MS-500), all with the primary aim of securing client cloud environments and supporting business growth. Show less

• 

  Fastloop

  Nov 2021 - Jun 2023

  Head of Cybersecurity and Privacy

  In a client-facing/internal leadership role, I leveraged my expertise in risk management to define a comprehensive strategy and guide the practical implementation of robust cybersecurity and privacy measures. This involved meticulous development of security protocols and guidelines, establishing a strategic foundation to shield information systems, networks, and crucial data from cyber threats. My approach prioritized compliance with privacy regulations and industry standards, solidifying trust in our commitment to asset protection.My contributions extended to championing strategic cybersecurity initiatives, where I translated specialized knowledge into the execution of security policies and actions. I possessed direct experience in intrusion prevention, detection processes, security threat-risk assessments, user endpoint security, and data leak protection. I played a pivotal role in crafting security architecture, ensuring clear communication of essential design elements to all involved teams.Additionally, I provided technical guidance to data analytics teams in implementing Google Cloud Platform (GCP) security services. I cultivated strong partnerships with enterprise clients, committed to the continuous improvement of our security posture through proactive measures, and remained updated on emerging threats and industry trends. Show less