Experience

• 

  Veritas technologies llc

  May 2011 - Jun 2014

  Led security testing, design, and architecture initiatives, focusing on enhancing the security posture of enterprise solutions.Conducted comprehensive vulnerability assessments and penetration testing, identifying critical security flaws.Designed robust security architectures aligned with industry standards, ensuring compliance with best practices.Collaborated with cross-functional teams to implement security controls and remediate identified risks.Utilized tools and techniques for security testing, ensuring the integrity and confidentiality of data. Show less Managed NetBackup Management Console: OpsCenter, overseeing configuration and maintenance of backup environments.Executed manual testing, including smoke, functionality, usability, compatibility, regression, install/upgrade, and comparison testing.Developed and designed test cases for various functional areas, ensuring comprehensive coverage across different modules.Installed and configured NetBackup servers, robots, drives, and tapes, creating backup and restore jobs for functional testing.Analyzed logs, identified bugs, and retested after fixes using the Etrack Defect Tracking tool.Simulated customer environments based on escalation analysis, creating realistic testing setups.Performed install/upgrade testing on multiple platforms, including Solaris, SUSE, Redhat, AIX, and Windows. Show less

  • Security Consultant

    Sept 2013 - Jun 2014

  • ASQA

    May 2011 - Sept 2013
• 

  Druva

  Jul 2014 - Jun 2022

  Cyber security advisor

  Led IT security implementations and comprehensive security audits for enterprise-level clients and engineering teams, ensuring robust security postures.Conducted and managed NIST, PCI DSS, SOC 2audits, driving compliance and safeguarding organizational data.Delivered targeted security awareness training programs, enhancing the cybersecurity literacy of internal teams.Executed detailed risk assessments to identify, analyze, and mitigate potential threats, adding significant value to the organization’s security strategy.Performed AWS Security and Compliance assessments, ensuring cloud environments adhered to industry standards.Spearheaded Cloud Security assessments and audits, reinforcing the integrity of cloud infrastructure.Deployed Cloud Security Posture Management (CSPM) tools, optimizing cloud configurations to prevent security vulnerabilities.Reviewed Vulnerability Assessment and Penetration Testing (VAPT) reports, driving continuous improvement in security defenses. Show less

• 

  Pwc

  May 2022 - Mar 2023

  External security consultant

  Risk Assessment & Mitigation:Conducted comprehensive risk assessments, identifying vulnerabilities and threats across IT infrastructure and data systems.Analyzed potential security incidents' impact, assessing the likelihood and developing robust risk mitigation strategies.Prioritized security efforts based on thorough risk analysis, significantly reducing exposure to potential cyber threats.Compliance Management:Ensured adherence to critical regulations and industry standards, including GDPR, HIPAA, ISO 27001, and NIST.Developed and maintained compliance policies, procedures, and documentation, enabling the organization to meet stringent cybersecurity and data protection requirements.Led audits and compliance checks, resulting in successful certification renewals and minimized compliance risks. Show less

• 

  Seccomply

  Mar 2023 - now

  Founder & principal advisor

  As the Founder & Principal Advisor at SecComply, I lead comprehensive cybersecurity consulting initiatives for global startups, fintech firms, banks, and manufacturing industries. With expertise in cybersecurity strategy, data privacy, and regulatory compliance, I have successfully delivered over 100+ projects, significantly enhancing the digital security frameworks of diverse organizations.My role involves:Cybersecurity Consulting: Providing tailored cybersecurity strategies and solutions to mitigate risks and protect critical assets.Data Privacy Management: Ensuring compliance with international data protection regulations like GDPR, HIPAA, and ISO 27001.Risk Assessment & Mitigation: Conducting thorough risk assessments to identify and prioritize security vulnerabilities.Regulatory Compliance: Advising on and implementing industry-standard compliance frameworks (e.g., NIST, PCI-DSS).Client Engagement: Collaborating closely with clients to deliver customized security solutions that align with their business objectives. Show less