Ankit Mittal, Developer in Gurugram, Haryana, India

Ankit Mittal

Verified Expert in Engineering

Cybersecurity Engineer and Developer

Location
Gurugram, Haryana, India
Toptal Member Since
November 10, 2021

Ankit is a cybersecurity expert with 14 years of experience in Cloud Security, incident response, threat hunting and intelligence, forensics, malware analysis, endpoint security, SIEM, data protection, DevSecOps, networking, and vulnerability management. His expertise is backed by 15+ cybersecurity certifications from vendors such as ISC2, AWS, and Microsoft. Ankit is currently working on a few projects related to cloud and cybersecurity.

Portfolio

Confidential
Cloud Security, IT Security, Cyber Threat Hunting, Threat Intelligence...
Sonic Healthcare Services Pty
Security, Certified Ethical Hacker (CEH), IT Security, Penetration Testing...
STMicroelectronics
Cloud Security, Audits, Data Protection, CISSP, DevSecOps, VAPT, Microsoft...

Experience

Availability

Full-time

Preferred Environment

Cybersecurity, Security Operations Centers (SOC), Data Protection, Endpoint Security, Cloud Security, Cyber Threat Hunting, Threat Intelligence, Vulnerability Management, Infrastructure, IT Security, Incident Response

The most amazing...

...projects I've delivered include building SOC from scratch for multiple customers and strategizing the transformation of workloads from on-premises to the cloud.

Work Experience

Information Security Officer

2019 - PRESENT
Confidential
  • Acted as the incident commandant reporting to the CISO. Conducted open-source and classified research on emerging and trending threats and vulnerabilities. Led complex projects cross-functionally and globally.
  • Led a team of cybersecurity professionals responsible for the design, implementation, attack mitigation, and ongoing support of security systems of high complexity to fulfill the business needs.
  • Rewrote the complete IR process, including the SOPs, playbooks, workbooks, and security automation, and mapped the use cases with security frameworks such as MITRE ATT&CK.
  • Managed threat intelligence, threat hunting (IOC vs. TTP), forensics, data protection, EDR, email security, cloud security, malware analysis, and reverse engineering.
  • Reduced the blast radius from a cloud security perspective and managed the cloud security posture assessment. Oversaw the vulnerability management program and prioritization of vulnerabilities.
  • Led the company-wide deployments of multiple security products to secure all resources, infrastructure, applications, and storage. Created 30+ use cases with security automation capabilities.
  • Worked completely on AWS cloud and maintained the current infrastructure from a security perspective.
  • Gained experience in AWS native tools, including AWS VPC, AWS IAM, EC2, subnets, networking, CloudTrail, GuardDuty, Macie, Inspector, and Security Hub, along with Okta implementation.
Technologies: Cloud Security, IT Security, Cyber Threat Hunting, Threat Intelligence, Strategy, Malware Analysis, Vendor Management, MDR, Audits, ATT&CK, Frameworks, Secure Access Service Edge (SASE), Cloud Access Security Broker (CASB), Data Protection, Security Automation, Amazon Web Services (AWS), NetFlow, DNS, Proxy Servers, YARA, Snort, Penetration Testing, Bro Logs, IDS/IPS, TTP, IoC, Python, Windows PowerShell, ISO 27001, PCI DSS, SOC 2, System-on-a-Chip (SoC), NIST, CISSP, Azure, Sentinel, Near-field Communication (NFC), CrowdStrike, Endpoint Detection and Response (EDR), DevOps, Identity & Access Management (IAM), Risk Management, Security Testing, Dynamic Application Security Testing (DAST), Security, CISO, Architecture, Amazon Athena, Cloud Architecture, Azure Network Security Groups, Leadership, Web Security, Datadog, Monitoring, Okta, Prisma, Kubernetes, Google Cloud Platform (GCP), Single Sign-on (SSO), Auth, SharePoint, System Center Configuration Manager (SCCM), Windows Server, VM, Hyper-V, Windows, Container Security, Container Orchestration, Amazon EKS, Secure Containers, Tanium

Cybersecurity Analyst

2023 - 2023
Sonic Healthcare Services Pty
  • Established the process for the maturity of the vulnerability management program.
  • Migrated Tenable SC to Tenable.io and Tenable On-prem tool to a cloud solution.
  • Implemented Tenable AD from scratch, preventing AD attacks in real time, and applied AD security posture management.
Technologies: Security, Certified Ethical Hacker (CEH), IT Security, Penetration Testing, Container Security, Container Orchestration, Amazon EKS, Secure Containers

Staff Engineer

2015 - 2019
STMicroelectronics
  • Managed the SOC and security engineering team, which included leading and mentoring over 13 security experts and meeting business goals. Acted as the incident commandant of the Indian region.
  • Acted as the key member of the digital transformation group that oversaw transitioning to the cloud in a hybrid approach and securitization in Azure.
  • Ran specific programs such as threat detection, content development, EDR transformation, cloud security, Okta security, SOPs for incident response, and security audit, including PCI-DSS, SOC 1/2, ISO27k, and GDPR.
  • Assisted DevOps team in SSDLC, including threat modeling, penetration testing, zero-trust security model, and using the shift-left approach for CI/CD pipelines with Jenkins. Created a baseline for Windows, Mac, and Linux from a security standpoint.
Technologies: Cloud Security, Audits, Data Protection, CISSP, DevSecOps, VAPT, Microsoft, Amazon Web Services (AWS), Frameworks, Cyber Forensics, Threat Intelligence, Cyber Threat Hunting, Azure, Strategy, Cloud, Data Transformation, Security, CISO, Cloud Architecture, Cisco Routers, Azure Network Security Groups, Leadership, Cloudflare, Web Security, Datadog, Monitoring, Prisma, Single Sign-on (SSO), Auth, SharePoint, System Center Configuration Manager (SCCM), System Administration, Windows Server, VM, Hyper-V, Windows, Container Security, Container Orchestration, Amazon EKS, Secure Containers, VLANs, Tanium

Senior Security Specialist

2012 - 2015
BT Group
  • Acted as the shift operations manager for specific customers, including LBG, PepsiCo, Philips, Novartis, and Nestlé.
  • Deployed the SOC for multiple customers, including Dixon and Mars. Provided consultancy services to several customers from SOC and security architecture perspectives.
  • Oversaw the POC for any new tool and technology. Collaborated with the presales team to onboard new customers.
  • Onboarded multiple use cases in SIEM tools to enhance threat detection capabilities. Conducted multiple open-source and classified research projects on emerging and trending threats and vulnerabilities.
  • Used a number of tools and technologies, including SIEM, WAF, DLP, IPS, IDS, firewall, proxy, FireEye APT, AV, REMnux, DDoS, Proofpoint, Wireshark, Burp Suite, PAM, ATT&CK framework, OWASP Top 10, Python, Nipper, and HLD/LLD.
Technologies: Data Protection, Application Security, Security Architecture, Incident Response, PKI, Cryptography, Audits, Email Security, Infrastructure, IT Security, Network Operation Centers (NOC), SecOps, SIEM, User and Entity Behavior Analytics (UEBA), Security, CISO, Check Point, Cisco Routers, Monitoring, Single Sign-on (SSO), Auth, System Center Configuration Manager (SCCM), System Administration, Windows Server, Windows, VLANs, Cisco Switches

Security Engineer

2010 - 2012
Orange Business Services
  • Investigated the abnormal events, classified the potential security breaches, raised the security incident alerts, performed the technical and management escalation, and implemented the second-level mitigation action to confirm security incidents.
  • Led the risk and vulnerability assessments and systems security audits of the servers and provided support in clearing the discrepancies according to PCI-DSS and ISO 27001.
  • Performed host-based forensics and managed the threat intelligence program, hunting program, and DLP data protection program to secure sensitive data.
  • Oversaw creating the SOC matrix data for the management as a shift lead.
Technologies: Incident Response, Malware Analysis, Cyber Threat Hunting, Audits, PCI DSS, Threat Intelligence, ISO 27001, SecOps, Threat Modeling, Threat Detection, IT Security, Infrastructure, Email Security, Application Security, Vulnerability Management, Software Development Lifecycle (SDLC), Security, CISO, Check Point, Cisco Routers, Networking, System Administration, VLANs, Cisco Switches

Security Analyst

2008 - 2010
HCL Technologies
  • Managed the cyber project outsourced by the National Informatics Center for the Indian Government, including the Ministry of External Affairs, Prime Minister, Ministry of Home Affairs, all states, and Bhawan.
  • Deployed multiple tools for day-to-day operations, including the Check Point and Cisco firewalls, Blue Coat proxy, Trend Micro and McAfee AV, netForensics (SIEM), McAfee IDS/IPS, and Snort.
  • Updated the security patches and vulnerabilities, manually hunted for IOCs using security tools, and responded to the security alerts.
  • Performed audits of security tools and created security dashboards for specific platforms.
Technologies: Endpoint Security, IT Security, Infrastructure, Incident Response, Application Security, Certified Ethical Hacker (CEH), CCNA Security, Firewalls, Proxy Servers, Software Development Lifecycle (SDLC), SecOps, Vulnerability Management, Check Point, Cisco Routers, Networking, VLANs, Cisco Switches

Enterprise Security Architecture

My role in this project was to rearchitect the design for B2B and SOA platforms and add security layers considering defense-in-depth—firewalls, IPS/IDS, WAF, VAPT, and DMZ. I also created the security dashboards by internal auditing of systems and servers, including vulnerabilities, configuration hardening, and penetration test findings, and I remediated all findings.

Cloud Journey—Blast Radius Project

During the migration of our workloads to the Cloud, the goal was to minimize the impact of a possible failure and have no dependencies on other products. It mainly included failures due to security incidents, human error, and environmental factors.

Vulnerability Assessment and Penetration Testing (VAPT)

Conducted VAPT using the OWASP methodology; this included vulnerability management for the pharmaceutical and semiconductor companies.
Technologies: Nmap, Nessus and Tenable, Qualys, Metasploit Framework, Snort, IPsec, Burp Suite, Kali Linux, and Wireshark.

SOC Reboot

The aim was to operationalize and institutionalize the process for SOC activities such as log ingestion, SOPs, playbooks, automation, and content development, map the use cases with security frameworks, and standardize responses across the organization.

Audits—ISO 27k, ISO 27701, SOC 1 & 2, PCI DSS, etc.

Single point of contact for external auditors, specific to SOC and security engineering teams, including technical controls related to endpoint security, VAPT, SIEM, SOAR, data protection, data privacy, infrastructure controls, etc.

Languages

RAPID, SQL, Python

Tools

Amazon Virtual Private Cloud (VPC), VPN, AWS IAM, Prisma, System Center Configuration Manager (SCCM), Hyper-V, Splunk, Sentinel, OpenVPN, Amazon Elastic Container Service (Amazon ECS), IBM QRadar, YARA, Snort, Terraform, Amazon CloudWatch, Wireshark, Tcpdump, Amazon Athena, Azure Network Security Groups, Amazon EKS

Platforms

Linux, Amazon Web Services (AWS), QualysGuard, SharePoint, Windows Server, Windows, Azure, Google Cloud Platform (GCP), Microsoft, Web, Amazon EC2, Unix, Kubernetes

Industry Expertise

Cybersecurity, IT Security, Network Security, Security

Other

Security Operations Centers (SOC), Infrastructure, Incident Response, SecOps, Security Engineering, Architecture, Subnet, Cisco, Network Engineering, Virtual Private Servers, Networks, Documentation, IPv4, IP Networks, IP Routing, CCNP Security, Technical Leadership, Technical Hiring, Interviewing, Team Management, Cloud, Task Analysis, Vulnerability Assessment, PCI, FortiGate, Fortinet Firewall Configuration, Splunk Enterprise Security, Cisco Routers, DNS Configuration, SonicWall, VM, Container Security, VLANs, Cisco Switches, Tanium, Data Protection, Endpoint Security, Cloud Security, Cyber Threat Hunting, Threat Intelligence, Vulnerability Management, Malware Analysis, Data Transformation, APIs, Palo Alto Networks, FedRAMP, Juniper, IPv6, Source Code Review, System Administration, CA Network & Systems Management (NSM), Single Sign-on (SSO), Container Orchestration, Secure Containers, Application Security, Certified Ethical Hacker (CEH), CCNA Security, Firewalls, Proxy Servers, Software Development Lifecycle (SDLC), Audits, PCI DSS, ISO 27001, Threat Modeling, Threat Detection, Email Security, Security Architecture, PKI, Cryptography, Network Operation Centers (NOC), SIEM, User and Entity Behavior Analytics (UEBA), CISSP, VAPT, Frameworks, Cyber Forensics, Strategy, Vendor Management, MDR, ATT&CK, Secure Access Service Edge (SASE), Cloud Access Security Broker (CASB), Security Automation, Information Security, Risk Management, Disaster Recovery Plans (DRP), Identity & Access Management (IAM), OWASP Top 10, Web Security, Virtualization, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Routing, Networking, Check Point Certified Security Administrator (CCSA), CPA, Red Hat Certified System Administrator (RHCA), Red Hat Certified Engineer (RHCE), System-on-a-Chip (SoC), NetFlow, DNS, Bro Logs, IDS/IPS, TTP, IoC, NIST, Near-field Communication (NFC), CrowdStrike, Endpoint Detection and Response (EDR), SOC 2, Data Privacy, Compliance, Zero-day Vulnerabilities, ISO 27701, Okta, Amazon Route 53, Cloudflare, Security Audits, API Gateways, AWS Transit Gateway, Cloud Infrastructure, DNS Servers, IT Networking, Dynamic Host Configuration Protocol (DHCP), Open Shortest Path First (OSPF), BGP, Web Application Firewall (WAF), Load Balancers, TCP/IP, SSL, Transport Layer Security (TLS), Security Testing, Dynamic Application Security Testing (DAST), Check Point, F5 Networks, CISO, Cloud Architecture, Leadership, Monitoring

Frameworks

COBIT, Windows PowerShell

Libraries/APIs

Auth

Paradigms

HIPAA Compliance, DevSecOps, Automation, Penetration Testing, DevOps, Deep Packet Inspection (DPI)

Storage

Datadog, Amazon S3 (AWS S3)

Education

2004 - 2008

Bachelor's Degree in Electronics and Communication

ITM College - Gurugram, India

Certifications

FEBRUARY 2021 - PRESENT

Carbon Black Associate Analyst and Threat Hunter

VMware

SEPTEMBER 2020 - PRESENT

Splunk Fundamentals

Splunk

FEBRUARY 2019 - PRESENT

AWS Certified Security—Specialty

Amazon

JUNE 2018 - PRESENT

Certified Information Systems Security Professional

ISC2

MARCH 2018 - PRESENT

Microsoft Certified: Azure Security Engineer Associate

Microsoft

FEBRUARY 2014 - PRESENT

Certified Ethical Hacker

EC-Council

NOVEMBER 2013 - PRESENT

Check Point Certified Security Administrator

Check Point

NOVEMBER 2013 - PRESENT

Check Point Certified Security Expert

Check Point

NOVEMBER 2013 - PRESENT

Check Point Certified Managed Security Expert

Check Point

MARCH 2013 - PRESENT

Blue Coat Certified Proxy Administrator

Blue Coat Systems

MARCH 2013 - PRESENT

Blue Coat Certified Proxy Expert

Blue Coat Systems

APRIL 2011 - PRESENT

Red Hat Certified System Administrator

Red Hat

APRIL 2011 - PRESENT

Red Hat Certified System Expert

Red Hat

NOVEMBER 2010 - PRESENT

Cisco Certified Security Professional

Cisco

APRIL 2009 - PRESENT

Trend Micro Certified Professional

Trend Micro

MARCH 2009 - PRESENT

CCNA Security

Cisco

FEBRUARY 2009 - PRESENT

CCNA

Cisco