Ankit Mittal, Developer in Bengaluru, Karnataka, India

Ankit Mittal

Verified Expert  in Engineering

Cybersecurity Engineer and Developer

Location
Bengaluru, Karnataka, India
Toptal Member Since
November 10, 2021

Ankit is a cybersecurity expert with 15+ years of experience in cloud security, incident response, threat hunting and intelligence, forensics, malware analysis, endpoint security, SIEM, data protection, DevSecOps, networking, and vulnerability management. His expertise is backed by 15+ cybersecurity certifications from vendors such as ISC2, AWS, and Microsoft.

Portfolio

STMicroelectronics
Cloud Security, Audits, Data Protection, CISSP, DevSecOps, VAPT, Microsoft...
BT Group
Data Protection, Application Security, Security Architecture, Incident Response...
Orange Business Services
Incident Response, Malware Analysis, Cyber Threat Hunting, Audits, PCI DSS...

Experience

Availability

Part-time

Preferred Environment

Cybersecurity, Security Operations Centers (SOC), Data Protection, Endpoint Security, Cloud Security, Cyber Threat Hunting, Threat Intelligence, Vulnerability Management, IT Security, Infrastructure

The most amazing...

...projects I've delivered include building SOC from scratch for multiple customers and strategizing the transformation of workloads from on-premises to the cloud.

Work Experience

Staff Engineer

2015 - 2024
STMicroelectronics
  • Acted as the key digital transformation group member overseeing transitioning to the cloud in a hybrid approach and securitization in Azure and AWS.
  • Ran specific programs such as threat detection, content development, EDR transformation, cloud security, Okta security, SOPs for incident response, and security audit, including PCI DSS, SOC 1/2, ISO 27k, and GDPR.
  • Assisted the DevOps team in SSDLC, including threat modeling, penetration testing, and the zero-trust security model, and used the shift-left approach for CI/CD pipelines with Jenkins. Created a baseline for Windows, Mac, and Linux from a security standpoint.
  • Acted as the incident commandant reporting to the CISO. Conducted open-source and classified research on emerging and trending threats and vulnerabilities. Led complex projects cross-functionally and globally.
  • Led a team of cybersecurity professionals responsible for the architecture reviews, design, implementation, attack mitigation, and ongoing support of security systems of high complexity to fulfil business needs.
  • Rewrote the complete IR process, including the SOPs, playbooks, workbooks, and security automation, and mapped the use cases with security frameworks such as MITRE ATT&CK.
  • Managed threat intelligence, threat hunting (IOC vs. TTP), forensics, data protection (DLP), EDR, email security, cloud security, malware analysis, and reverse engineering.
  • Reduced the blast radius from a cloud security perspective and managed the cloud security posture assessment. Oversaw the vulnerability management program and prioritization of vulnerabilities.
  • Gained experience in AWS native tools, including AWS VPC, AWS IAM, EC2, subnets, networking, CloudTrail, GuardDuty, Macie, Inspector, and Security Hub, along with Okta implementation.
  • Used Zscaler, Netskope, Palo Alto, McAfee, and Symantec. Along with DLP, I have strong experience in CASB, Zero Trust, Shadow IT, etc.
Technologies: Cloud Security, Audits, Data Protection, CISSP, DevSecOps, VAPT, Microsoft, Amazon Web Services (AWS), Frameworks, Cyber Forensics, Threat Intelligence, Cyber Threat Hunting, Azure, Strategy, Cloud, Data Transformation, Security, CISO, Cloud Architecture, Cisco Routers, Azure Network Security Groups, Leadership, Cloudflare, Web Security, Datadog, Monitoring, Prisma, Single Sign-on (SSO), Auth, SharePoint, System Center Configuration Manager (SCCM), System Administration, Windows Server, VM, Hyper-V, Windows, Container Security, Container Orchestration, Amazon EKS, Secure Containers, VLANs, Tanium, File Servers, CCNA, CCNP, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco AnyConnect, FirePower, Duo 2FA, Microsoft 365, Identity & Access Management (IAM), Azure Key Vault, Web App Security, Google Workspace, DDoS, AWS ALB, AWS CLI, VMware, Business Continuity & Disaster Recovery (BCDR), Data Loss Prevention (DLP), Cisco, Palo Alto Networks, CrowdStrike, Endpoint Detection and Response (EDR), DevOps, Data Privacy, Compliance, Amazon Virtual Private Cloud (VPC), VPN, Architecture, AWS IAM, Networks, Virtual Private Servers, Network Engineering, Okta, Amazon S3 (AWS S3), Security Audits, IT Networking, IP Routing, IP Networks

Senior Security Specialist

2012 - 2015
BT Group
  • Acted as the shift operations manager for specific customers, including LBG, PepsiCo, Philips, Novartis, and Nestlé.
  • Deployed the SOC for multiple customers, including Dixon and Mars. Provided consultancy services to several customers from SOC and security architecture perspectives.
  • Oversaw the POC for any new tool and technology. Collaborated with the presales team to onboard new customers.
  • Onboarded multiple use cases in SIEM tools to enhance threat detection capabilities. Conducted multiple open-source and classified research projects on emerging and trending threats and vulnerabilities.
  • Used a number of tools and technologies, including SIEM, WAF, DLP, IPS, IDS, firewall, proxy, FireEye APT, AV, REMnux, DDoS, Proofpoint, Wireshark, Burp Suite, PAM, ATT&CK framework, OWASP Top 10, Python, Nipper, and HLD/LLD.
  • Ran specific programs such as threat detection, content development, EDR transformation, cloud security, Okta security, SOPs for incident response, and security audit, including PCI DSS, SOC 1/2, ISO 27k, and GDPR.
Technologies: Data Protection, Application Security, Security Architecture, Incident Response, PKI, Cryptography, Audits, Email Security, IT Security, Infrastructure, Network Operation Centers (NOC), SecOps, SIEM, User and Entity Behavior Analytics (UEBA), Security, CISO, Check Point, Cisco Routers, Monitoring, Single Sign-on (SSO), Auth, System Center Configuration Manager (SCCM), System Administration, Windows Server, Windows, VLANs, Cisco Switches, CCNA, CCNP, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco AnyConnect, RADIUS, FirePower, Duo 2FA, Microsoft 365, Identity & Access Management (IAM), Azure Key Vault, Web App Security, Google Workspace, DDoS, AWS ALB, AWS CLI, VMware, Business Continuity & Disaster Recovery (BCDR), Cybersecurity, Data Loss Prevention (DLP), Cisco, Palo Alto Networks, CrowdStrike, Endpoint Detection and Response (EDR), DevOps, Data Privacy, Compliance, Amazon Virtual Private Cloud (VPC), VPN, Architecture, AWS IAM, Networks, Virtual Private Servers, Network Engineering, Okta, Amazon S3 (AWS S3), Security Audits, IT Networking, IP Routing, IP Networks

Security Engineer

2010 - 2012
Orange Business Services
  • Investigated the abnormal events, classified the potential security breaches, raised the security incident alerts, performed the technical and management escalation, and implemented the second-level mitigation action to confirm security incidents.
  • Led the risk and vulnerability assessments and systems security audits of the servers and provided support in clearing the discrepancies according to PCI DSS and ISO 27001.
  • Performed host-based forensics and managed the threat intelligence program, hunting program, and DLP data protection program to secure sensitive data.
  • Oversaw the creation of the SOC matrix data for management as a shift lead.
Technologies: Incident Response, Malware Analysis, Cyber Threat Hunting, Audits, PCI DSS, Threat Intelligence, ISO 27001, SecOps, Threat Modeling, Threat Detection, IT Security, Infrastructure, Email Security, Application Security, Vulnerability Management, Software Development Lifecycle (SDLC), Security, CISO, Check Point, Cisco Routers, Networking, System Administration, VLANs, Cisco Switches, CCNA, CCNP, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco AnyConnect, RADIUS, FirePower, Duo 2FA, Azure Key Vault, Web App Security, DDoS, Cybersecurity, Data Loss Prevention (DLP), Cisco, Palo Alto Networks, CrowdStrike, Endpoint Detection and Response (EDR), DevOps, Data Privacy, Compliance, Amazon Virtual Private Cloud (VPC), VPN, Architecture, AWS IAM, Networks, Virtual Private Servers, Network Engineering, Okta, Amazon S3 (AWS S3), Security Audits, IT Networking, IP Routing, IP Networks

Security Analyst

2008 - 2010
HCL Technologies
  • Managed the cyber project outsourced by the National Informatics Center for the Indian Government, including the Ministry of External Affairs, Prime Minister, Ministry of Home Affairs, all states, and Bhawan.
  • Deployed multiple tools for day-to-day operations, including the Check Point and Cisco firewalls, Blue Coat proxy, Trend Micro and McAfee AV, netForensics (SIEM), McAfee IDS/IPS, and Snort.
  • Updated the security patches and vulnerabilities, manually hunted for IOCs using security tools, and responded to the security alerts.
  • Performed audits of security tools and created security dashboards for specific platforms.
Technologies: Endpoint Security, IT Security, Infrastructure, Incident Response, Application Security, Certified Ethical Hacker (CEH), CCNA Security, Firewalls, Proxy Servers, Software Development Lifecycle (SDLC), SecOps, Vulnerability Management, Check Point, Cisco Routers, Networking, VLANs, Cisco Switches, CCNA, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco AnyConnect, RADIUS, FirePower, Duo 2FA, Cybersecurity, Cisco, Palo Alto Networks, Data Loss Prevention (DLP), Networks, Virtual Private Servers, Network Engineering, Okta, Amazon S3 (AWS S3), Security Audits, IT Networking, IP Routing, IP Networks

Enterprise Security Architecture

My role in this project was to rearchitect the design for B2B and SOA platforms and add security layers considering defense-in-depth—firewalls, IPS/IDS, DLP, WAF, VAPT, and DMZ. I also created the security dashboards through the internal auditing of systems and servers, including vulnerabilities, configuration hardening, and penetration test findings, and I remediated all findings.

Cloud Journey—Blast Radius Project

During the migration of our workloads to the cloud, the goal was to minimize the impact of a possible failure and have no dependencies on other products. This mainly covered failures due to security incidents, human error, and environmental factors.

Vulnerability Assessment and Penetration Testing (VAPT)

Conducted VAPT using the OWASP methodology; this included vulnerability management for pharmaceutical and semiconductor companies.
Technologies: Nmap, Nessus and Tenable, Qualys, Metasploit Framework, Snort, IPsec, Burp Suite, Kali Linux, and Wireshark.

SOC Reboot

The aim was to operationalize and institutionalize the process for SOC activities such as log ingestion, SOPs, playbooks, automation, and content development, map the use cases with security frameworks, and standardize responses across the organization.

Audits—ISO 27k, ISO 27701, SOC 1 & 2, PCI DSS, etc.

Single point of contact for external auditors, specific to SOC and security engineering teams, including technical controls related to endpoint security, VAPT, SIEM, SOAR, data protection, data privacy, infrastructure controls, etc.

Languages

RAPID, SQL, Python

Libraries/APIs

RADIUS, Auth

Tools

Amazon Virtual Private Cloud (VPC), VPN, AWS IAM, Prisma, System Center Configuration Manager (SCCM), Hyper-V, FirePower, Duo 2FA, Azure Key Vault, AWS CLI, VMware, Splunk, Sentinel, OpenVPN, Amazon Elastic Container Service (Amazon ECS), IBM QRadar, YARA, Snort, Terraform, Amazon CloudWatch, Wireshark, Tcpdump, Amazon Athena, Azure Network Security Groups, Amazon EKS

Paradigms

DevSecOps, DDoS, HIPAA Compliance, Automation, Penetration Testing, DevOps, Deep Packet Inspection (DPI)

Platforms

Linux, Amazon Web Services (AWS), QualysGuard, SharePoint, Windows Server, Windows, AWS ALB, Azure, Google Cloud Platform (GCP), Microsoft, Web, Amazon EC2, Unix, Kubernetes

Industry Expertise

Cybersecurity, Network Security

Storage

Azure Cloud Services, Datadog, Amazon S3 (AWS S3)

Other

Security Operations Centers (SOC), Infrastructure, Incident Response, Certified Ethical Hacker (CEH), CCNA Security, Firewalls, Proxy Servers, SecOps, Malware Analysis, Audits, PCI DSS, ISO 27001, Threat Modeling, Threat Detection, SIEM, User and Entity Behavior Analytics (UEBA), CISSP, IT Security, Identity & Access Management (IAM), Security Engineering, Networking, Architecture, Subnet, Cisco, Network Engineering, Virtual Private Servers, Networks, Documentation, IPv4, IP Networks, IP Routing, CCNP Security, Technical Leadership, Technical Hiring, Interviewing, Team Management, Cloud, Task Analysis, Vulnerability Assessment, PCI, FortiGate, Fortinet Firewall Configuration, Splunk Enterprise Security, Cisco Routers, DNS Configuration, System Administration, SonicWall, VM, Container Security, VLANs, Cisco Switches, Tanium, Infrastructure as Code (IaC), CI/CD Pipelines, CCNA, CCNP, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco AnyConnect, Microsoft 365, Web App Security, Data Loss Prevention (DLP), Data Protection, Endpoint Security, Cloud Security, Cyber Threat Hunting, Threat Intelligence, Vulnerability Management, Data Transformation, APIs, Palo Alto Networks, FedRAMP, Juniper, IPv6, Source Code Review, CA Network & Systems Management (NSM), Single Sign-on (SSO), Container Orchestration, Secure Containers, File Servers, Google Workspace, Business Continuity & Disaster Recovery (BCDR), Application Security, Software Development Lifecycle (SDLC), Email Security, Security Architecture, PKI, Cryptography, Network Operation Centers (NOC), VAPT, Frameworks, Cyber Forensics, Strategy, Vendor Management, MDR, ATT&CK, Secure Access Service Edge (SASE), Cloud Access Security Broker (CASB), Security Automation, Information Security, Risk Management, Disaster Recovery Plans (DRP), OWASP Top 10, Web Security, Virtualization, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Routing, Check Point Certified Security Administrator (CCSA), CPA, Red Hat Certified System Administrator (RHCA), Red Hat Certified Engineer (RHCE), System-on-a-Chip (SoC), NetFlow, DNS, Bro Logs, IDS/IPS, TTP, IoC, NIST, Near-field Communication (NFC), CrowdStrike, Endpoint Detection and Response (EDR), SOC 2, Security, Data Privacy, Compliance, Zero-day Vulnerabilities, ISO 27701, Okta, Amazon Route 53, Cloudflare, Security Audits, API Gateways, AWS Transit Gateway, Cloud Infrastructure, DNS Servers, IT Networking, Dynamic Host Configuration Protocol (DHCP), Open Shortest Path First (OSPF), Border Gateway Protocol (BGP), Web Application Firewall (WAF), Load Balancers, TCP/IP, SSL, Transport Layer Security (TLS), Security Testing, Dynamic Application Security Testing (DAST), Check Point, F5 Networks, CISO, Cloud Architecture, Leadership, Monitoring

Frameworks

COBIT, Windows PowerShell

Education

2004 - 2008

Bachelor's Degree in Electronics and Communication

ITM College - Gurugram, India

Certifications

SEPTEMBER 2019 - PRESENT

Splunk Fundamentals

Splunk

FEBRUARY 2019 - PRESENT

AWS Certified Security—Specialty

Amazon

FEBRUARY 2019 - PRESENT

Carbon Black Associate Analyst and Threat Hunter

VMware

JUNE 2018 - PRESENT

Certified Information Systems Security Professional

ISC2

MARCH 2018 - PRESENT

Microsoft Certified: Azure Security Engineer Associate

Microsoft

FEBRUARY 2014 - PRESENT

Certified Ethical Hacker

EC-Council

NOVEMBER 2013 - PRESENT

Check Point Certified Security Administrator

Check Point

NOVEMBER 2013 - PRESENT

Check Point Certified Security Expert

Check Point

NOVEMBER 2013 - PRESENT

Check Point Certified Managed Security Expert

Check Point

MARCH 2013 - PRESENT

Blue Coat Certified Proxy Administrator

Blue Coat Systems

MARCH 2013 - PRESENT

Blue Coat Certified Proxy Expert

Blue Coat Systems

APRIL 2011 - PRESENT

Red Hat Certified System Administrator

Red Hat

APRIL 2011 - PRESENT

Red Hat Certified System Expert

Red Hat

NOVEMBER 2010 - PRESENT

Cisco Certified Security Professional

Cisco

APRIL 2009 - PRESENT

Trend Micro Certified Professional

Trend Micro

MARCH 2009 - PRESENT

CCNA Security

Cisco

FEBRUARY 2009 - PRESENT

CCNA

Cisco
