IT Security Leader | 15+ Years | VAPT, SOC, DFIR, DevSecOps, ZeroTrust, GRC, AI/ML & Cloud Security

Experienced IT Security Leader

with 15+ years of comprehensive cybersecurity expertise spanning AI/ML Security, IT/OT/IoT Security, and enterprise security architecture across multinational organizations. Proven track record of implementing cutting-edge security solutions while driving operational excellence and regulatory compliance.

Core Expertise:

• AI/ML Security Innovation: Pioneered machine learning-based threat detection systems, reducing threat identification time by 78% and implementing AI security governance for GenAI deployments
• IT/OT/IoT Security: Designed comprehensive security architectures for hybrid environments, securing critical infrastructure and industrial control systems
• DevSecOps Leadership: Transformed secure software development lifecycles by embedding security automation in CI/CD pipelines, increasing deployment velocity by 60% while maintaining compliance
• Cloud Security Architecture: Architected Zero Trust implementations across AWS, Azure, and GCP environments with advanced IAM/PAM solutions managing 1,000+ privileged accounts

Technical Specializations:

• SOC/SIEM Operations: Led complete SOC transformation incorporating threat intelligence platforms and SOAR automation, reducing MTTD from 72 hours to 4 hours
• Vulnerability Assessment & Penetration Testing (VAPT): Directed comprehensive security assessments, red team exercises, and penetration testing programs following OWASP and SANS methodologies
• Threat Intelligence & Modeling: Implemented MITRE ATT&CK-based threat modeling and automated threat intelligence analysis using STRIDE, PASTA, and DREAD methodologies
• Application Security: Established secure coding practices and conducted extensive security testing for web, mobile, and API applications

Governance & Compliance:

• Risk Management: Built Enterprise Risk Management frameworks using FAIR methodologies, establishing third-party risk management programs that reduced vendor incidents by 35%
• GRC Leadership: Ensured compliance with ISO 27001, NIST CSF, SOC 2, PCI-DSS, GDPR, and other regulatory frameworks through comprehensive audit and control programs
• Incident Response: Redesigned incident response capabilities incorporating automated forensics and business continuity planning with executive-level tabletop exercises

Leadership Impact:

Successfully led global security teams across Asia, Europe, and the Middle East, mentoring security professionals and driving security awareness programs. Collaborated with C-suite executives to align cybersecurity strategies with business objectives, managing complex security projects within budget and timeline constraints while maintaining stakeholder engagement.