Verified Expert in Engineering
Cybersecurity Engineer and Developer
Ankit is a cybersecurity expert with 14 years of experience in Cloud Security, incident response, threat hunting and intelligence, forensics, malware analysis, endpoint security, SIEM, data protection, DevSecOps, networking, and vulnerability management. His expertise is backed by 15+ cybersecurity certifications from vendors such as ISC2, AWS, and Microsoft. Ankit is currently working on a few projects related to cloud and cybersecurity.
Cybersecurity, Security Operations Centers (SOC), Data Protection, Endpoint Security, Cloud Security, Cyber Threat Hunting, Threat Intelligence, Vulnerability Management, Infrastructure, IT Security, Incident Response
The most amazing projects I've delivered include building SOCs from scratch for multiple customers and strategizing the transformation of workloads from on-premises to the cloud.
Information Security Officer
- Acted as the incident commander, reporting to the CISO. Conducted open-source and classified research on emerging and trending threats and vulnerabilities. Led complex projects cross-functionally and globally.
- Led a team of cybersecurity professionals responsible for the design, implementation, attack mitigation, and ongoing support of security systems of high complexity to fulfill the business needs.
- Rewrote the complete IR process, including the SOPs, playbooks, workbooks, and security automation, and mapped the use cases with security frameworks such as MITRE ATT&CK.
- Managed threat intelligence, threat hunting (IOC vs. TTP), forensics, data protection, EDR, email security, cloud security, malware analysis, and reverse engineering.
- Reduced the blast radius from a cloud security perspective and managed the cloud security posture assessment. Oversaw the vulnerability management program and prioritization of vulnerabilities.
- Led the company-wide deployments of multiple security products to secure all resources, infrastructure, applications, and storage. Created 30+ use cases with security automation capabilities.
- Worked entirely on the AWS cloud and maintained the existing infrastructure from a security perspective.
- Gained experience in AWS native tools, including AWS VPC, AWS IAM, EC2, subnets, networking, CloudTrail, GuardDuty, Macie, Inspector, and Security Hub, along with Okta implementation.
Sonic Healthcare Services Pty
- Established the process for the maturity of the vulnerability management program.
- Migrated Tenable SC to Tenable.io, moving the on-premises Tenable tool to a cloud solution.
- Implemented Tenable AD from scratch to prevent AD attacks in real time and applied AD security posture management.
- Managed the SOC and security engineering team, leading and mentoring over 13 security experts and meeting business goals. Acted as the incident commander for the Indian region.
- Acted as a key member of the digital transformation group that oversaw the transition to the cloud in a hybrid approach and the securing of workloads in Azure.
- Ran specific programs such as threat detection, content development, EDR transformation, cloud security, Okta security, SOPs for incident response, and security audit, including PCI-DSS, SOC 1/2, ISO27k, and GDPR.
- Assisted the DevOps team with the SSDLC, including threat modeling, penetration testing, the zero-trust security model, and a shift-left approach for CI/CD pipelines with Jenkins. Created security baselines for Windows, Mac, and Linux.
Senior Security Specialist
- Acted as the shift operations manager for specific customers, including LBG, PepsiCo, Philips, Novartis, and Nestlé.
- Deployed the SOC for multiple customers, including Dixon and Mars. Provided consultancy services to several customers from SOC and security architecture perspectives.
- Oversaw POCs for new tools and technologies. Collaborated with the presales team to onboard new customers.
- Onboarded multiple use cases in SIEM tools to enhance threat detection capabilities. Conducted multiple open-source and classified research projects on emerging and trending threats and vulnerabilities.
- Used a number of tools and technologies, including SIEM, WAF, DLP, IPS, IDS, firewall, proxy, FireEye APT, AV, REMnux, DDoS, Proofpoint, Wireshark, Burp Suite, PAM, ATT&CK framework, OWASP Top 10, Python, Nipper, and HLD/LLD.
Orange Business Services
- Investigated abnormal events, classified potential security breaches, raised security incident alerts, performed technical and management escalation, and implemented second-level mitigation actions once security incidents were confirmed.
- Led the risk and vulnerability assessments and systems security audits of the servers and provided support in clearing the discrepancies according to PCI-DSS and ISO 27001.
- Performed host-based forensics and managed the threat intelligence program, hunting program, and DLP data protection program to secure sensitive data.
- As shift lead, oversaw the creation of SOC metrics data for management.
- Managed the cyber project outsourced by the National Informatics Center for the Indian Government, including the Ministry of External Affairs, Prime Minister, Ministry of Home Affairs, all states, and Bhawan.
- Deployed multiple tools for day-to-day operations, including Check Point and Cisco firewalls, Blue Coat proxy, Trend Micro and McAfee AV, netForensics (SIEM), McAfee IDS/IPS, and Snort.
- Applied security patches, remediated vulnerabilities, manually hunted for IOCs using security tools, and responded to security alerts.
- Performed audits of security tools and created security dashboards for specific platforms.
Enterprise Security Architecture
Cloud Journey—Blast Radius Project
Vulnerability Assessment and Penetration Testing (VAPT)
Technologies: Nmap, Nessus and Tenable, Qualys, Metasploit Framework, Snort, IPsec, Burp Suite, Kali Linux, and Wireshark.
Audits—ISO 27k, ISO 27701, SOC 1 & 2, PCI DSS, etc.
RAPID, SQL, Python
Amazon Virtual Private Cloud (VPC), VPN, AWS IAM, Prisma, System Center Configuration Manager (SCCM), Hyper-V, Splunk, Sentinel, OpenVPN, Amazon Elastic Container Service (Amazon ECS), IBM QRadar, YARA, Snort, Terraform, Amazon CloudWatch, Wireshark, Tcpdump, Amazon Athena, Azure Network Security Groups, Amazon EKS
Linux, Amazon Web Services (AWS), QualysGuard, SharePoint, Windows Server, Windows, Azure, Google Cloud Platform (GCP), Microsoft, Web, Amazon EC2, Unix, Kubernetes
Cybersecurity, IT Security, Network Security, Security
Security Operations Centers (SOC), Infrastructure, Incident Response, SecOps, Security Engineering, Architecture, Subnet, Cisco, Network Engineering, Virtual Private Servers, Networks, Documentation, IPv4, IP Networks, IP Routing, CCNP Security, Technical Leadership, Technical Hiring, Interviewing, Team Management, Cloud, Task Analysis, Vulnerability Assessment, PCI, FortiGate, Fortinet Firewall Configuration, Splunk Enterprise Security, Cisco Routers, DNS Configuration, SonicWall, VM, Container Security, VLANs, Cisco Switches, Tanium, Data Protection, Endpoint Security, Cloud Security, Cyber Threat Hunting, Threat Intelligence, Vulnerability Management, Malware Analysis, Data Transformation, APIs, Palo Alto Networks, FedRAMP, Juniper, IPv6, Source Code Review, System Administration, CA Network & Systems Management (NSM), Single Sign-on (SSO), Container Orchestration, Secure Containers, Application Security, Certified Ethical Hacker (CEH), CCNA Security, Firewalls, Proxy Servers, Software Development Lifecycle (SDLC), Audits, PCI DSS, ISO 27001, Threat Modeling, Threat Detection, Email Security, Security Architecture, PKI, Cryptography, Network Operation Centers (NOC), SIEM, User and Entity Behavior Analytics (UEBA), CISSP, VAPT, Frameworks, Cyber Forensics, Strategy, Vendor Management, MDR, ATT&CK, Secure Access Service Edge (SASE), Cloud Access Security Broker (CASB), Security Automation, Information Security, Risk Management, Disaster Recovery Plans (DRP), Identity & Access Management (IAM), OWASP Top 10, Web Security, Virtualization, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Routing, Networking, Check Point Certified Security Administrator (CCSA), CPA, Red Hat Certified System Administrator (RHCA), Red Hat Certified Engineer (RHCE), System-on-a-Chip (SoC), NetFlow, DNS, Bro Logs, IDS/IPS, TTP, IoC, NIST, Near-field Communication (NFC), CrowdStrike, Endpoint Detection and Response (EDR), SOC 2, Data Privacy, Compliance, Zero-day Vulnerabilities, ISO 27701, Okta, Amazon Route 53, Cloudflare, Security Audits, API Gateways, AWS Transit Gateway, Cloud Infrastructure, DNS Servers, IT Networking, Dynamic Host Configuration Protocol (DHCP), Open Shortest Path First (OSPF), BGP, Web Application Firewall (WAF), Load Balancers, TCP/IP, SSL, Transport Layer Security (TLS), Security Testing, Dynamic Application Security Testing (DAST), Check Point, F5 Networks, CISO, Cloud Architecture, Leadership, Monitoring
COBIT, Windows PowerShell
HIPAA Compliance, DevSecOps, Automation, Penetration Testing, DevOps, Deep Packet Inspection (DPI)
Datadog, Amazon S3 (AWS S3)
Bachelor's Degree in Electronics and Communication
ITM College - Gurugram, India
Carbon Black Associate Analyst and Threat Hunter
AWS Certified Security—Specialty
Certified Information Systems Security Professional
Microsoft Certified: Azure Security Engineer Associate
Certified Ethical Hacker
Check Point Certified Security Administrator
Check Point Certified Security Expert
Check Point Certified Managed Security Expert
Blue Coat Certified Proxy Administrator
Blue Coat Systems
Blue Coat Certified Proxy Expert
Blue Coat Systems
Red Hat Certified System Administrator
Red Hat Certified System Expert
Cisco Certified Security Professional
Trend Micro Certified Professional