Ankit Mittal
Verified Expert in Engineering
Cybersecurity Engineer and Developer
Ankit is a cybersecurity expert with 15+ years of experience in cloud security, incident response, threat hunting and intelligence, forensics, malware analysis, endpoint security, SIEM, data protection, DevSecOps, networking, and vulnerability management. His expertise is backed by 15+ cybersecurity certifications from vendors such as ISC2, AWS, and Microsoft.
Preferred Environment
Cybersecurity, Security Operations Centers (SOC), Data Protection, Endpoint Security, Cloud Security, Cyber Threat Hunting, Threat Intelligence, Vulnerability Management, IT Security, Infrastructure
The most amazing...
...projects I've delivered include building SOC from scratch for multiple customers and strategizing the transformation of workloads from on-premises to the cloud.
Work Experience
Staff Engineer
STMicroelectronics
- Acted as a key member of the digital transformation group, overseeing the hybrid transition to the cloud and security in Azure and AWS.
- Ran specific programs such as threat detection, content development, EDR transformation, cloud security, Okta security, SOPs for incident response, and security audit, including PCI-DSS, SOC 1/2, ISO27k, and GDPR.
- Assisted the DevOps team in SSDLC, including threat modeling, penetration testing, and the zero-trust security model, and used the shift-left approach for CI/CD pipelines with Jenkins. Created a baseline for Windows, Mac, and Linux from a security standpoint.
- Acted as the incident commander reporting to the CISO. Conducted open-source and classified research on emerging and trending threats and vulnerabilities. Led complex projects cross-functionally and globally.
- Led a team of cybersecurity professionals responsible for the architecture reviews, design, implementation, attack mitigation, and ongoing support of security systems of high complexity to fulfil business needs.
- Rewrote the complete IR process, including the SOPs, playbooks, workbooks, and security automation, and mapped the use cases with security frameworks such as MITRE ATT&CK.
- Managed threat intelligence, threat hunting (IOC vs. TTP), forensics, data protection (DLP), EDR, email security, cloud security, malware analysis, and reverse engineering.
- Reduced the blast radius from a cloud security perspective and managed the cloud security posture assessment. Oversaw the vulnerability management program and prioritization of vulnerabilities.
- Gained experience in AWS native tools, including AWS VPC, AWS IAM, EC2, subnets, networking, CloudTrail, GuardDuty, Macie, Inspector, and Security Hub, along with Okta implementation.
- Used Zscaler, Netskope, Palo Alto, McAfee, and Symantec. Along with DLP, I have strong experience in CASB, Zero Trust, Shadow IT, etc.
Senior Security Specialist
BT Group
- Acted as the shift operations manager for specific customers, including LBG, PepsiCo, Philips, Novartis, and Nestlé.
- Deployed the SOC for multiple customers, including Dixon and Mars. Provided consultancy services to several customers from SOC and security architecture perspectives.
- Oversaw the POC for any new tool and technology. Collaborated with the presales team to onboard new customers.
- Onboarded multiple use cases in SIEM tools to enhance threat detection capabilities. Conducted multiple open-source and classified research projects on emerging and trending threats and vulnerabilities.
- Used a number of tools and technologies, including SIEM, WAF, DLP, IPS, IDS, firewall, proxy, FireEye APT, AV, REMnux, DDoS, Proofpoint, Wireshark, Burp Suite, PAM, ATT&CK framework, OWASP Top 10, Python, Nipper, and HLD/LLD.
- Ran specific programs such as threat detection, content development, EDR transformation, cloud security, Okta security, SOPs for incident response, and security audit, including PCI DSS, SOC 1/2, ISO27K, and GDPR.
Security Engineer
Orange Business Services
- Investigated the abnormal events, classified the potential security breaches, raised the security incident alerts, performed the technical and management escalation, and implemented the second-level mitigation action to confirm security incidents.
- Led the risk and vulnerability assessments and systems security audits of the servers and provided support in clearing the discrepancies according to PCI-DSS and ISO 27001.
- Performed host-based forensics and managed the threat intelligence program, hunting program, and DLP data protection program to secure sensitive data.
- Oversaw creating the SOC matrix data for the management as a shift lead.
Security Analyst
HCL Technologies
- Managed the cyber project outsourced by the National Informatics Center for the Indian Government, including the Ministry of External Affairs, Prime Minister, Ministry of Home Affairs, all states, and Bhawan.
- Deployed multiple tools for day-to-day operations, including the Check Point and Cisco firewalls, Blue Coat proxy, Trend Micro and McAfee AV, netForensics (SIEM), McAfee IDS/IPS, and Snort.
- Updated the security patches and vulnerabilities, manually hunted for IOCs using security tools, and responded to the security alerts.
- Performed audits of security tools and created security dashboards for specific platforms.
Experience
Enterprise Security Architecture
Cloud Journey—Blast Radius Project
Vulnerability Assessment and Penetration Testing (VAPT)
Technologies: Nmap, Nessus and Tenable, Qualys, Metasploit Framework, Snort, IPsec, Burp Suite, Kali Linux, and Wireshark.
SOC Reboot
Audits—ISO27k, ISO27701, SOC 1 & 2, PCI DSS, etc.
Skills
Languages
RAPID, SQL, Python
Libraries/APIs
RADIUS, Auth
Tools
Amazon Virtual Private Cloud (VPC), VPN, AWS IAM, Prisma, System Center Configuration Manager (SCCM), Hyper-V, FirePower, Duo 2FA, Azure Key Vault, AWS CLI, VMware, Splunk, Sentinel, OpenVPN, Amazon Elastic Container Service (Amazon ECS), IBM QRadar, YARA, Snort, Terraform, Amazon CloudWatch, Wireshark, Tcpdump, Amazon Athena, Azure Network Security Groups, Amazon EKS
Paradigms
DevSecOps, DDoS, HIPAA Compliance, Automation, Penetration Testing, DevOps, Deep Packet Inspection (DPI)
Platforms
Linux, Amazon Web Services (AWS), QualysGuard, SharePoint, Windows Server, Windows, AWS ALB, Azure, Google Cloud Platform (GCP), Microsoft, Web, Amazon EC2, Unix, Kubernetes
Industry Expertise
Cybersecurity, Network Security
Storage
Azure Cloud Services, Datadog, Amazon S3 (AWS S3)
Other
Security Operations Centers (SOC), Infrastructure, Incident Response, Certified Ethical Hacker (CEH), CCNA Security, Firewalls, Proxy Servers, SecOps, Malware Analysis, Audits, PCI DSS, ISO 27001, Threat Modeling, Threat Detection, SIEM, User and Entity Behavior Analytics (UEBA), CISSP, IT Security, Identity & Access Management (IAM), Security Engineering, Networking, Architecture, Subnet, Cisco, Network Engineering, Virtual Private Servers, Networks, Documentation, IPv4, IP Networks, IP Routing, CCNP Security, Technical Leadership, Technical Hiring, Interviewing, Team Management, Cloud, Task Analysis, Vulnerability Assessment, PCI, FortiGate, Fortinet Firewall Configuration, Splunk Enterprise Security, Cisco Routers, DNS Configuration, System Administration, SonicWall, VM, Container Security, VLANs, Cisco Switches, Tanium, Infrastructure as Code (IaC), CI/CD Pipelines, CCNA, CCNP, Cisco Adaptive Security Virtual Appliance (ASAv), Cisco AnyConnect, Microsoft 365, Web App Security, Data Loss Prevention (DLP), Data Protection, Endpoint Security, Cloud Security, Cyber Threat Hunting, Threat Intelligence, Vulnerability Management, Data Transformation, APIs, Palo Alto Networks, FedRAMP, Juniper, IPv6, Source Code Review, CA Network & Systems Management (NSM), Single Sign-on (SSO), Container Orchestration, Secure Containers, File Servers, Google Workspace, Business Continuity & Disaster Recovery (BCDR), Application Security, Software Development Lifecycle (SDLC), Email Security, Security Architecture, PKI, Cryptography, Network Operation Centers (NOC), VAPT, Frameworks, Cyber Forensics, Strategy, Vendor Management, MDR, ATT&CK, Secure Access Service Edge (SASE), Cloud Access Security Broker (CASB), Security Automation, Information Security, Risk Management, Disaster Recovery Plans (DRP), OWASP Top 10, Web Security, Virtualization, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Routing, Check Point Certified Security Administrator (CCSA), CPA, Red Hat Certified System Administrator (RHCA), Red Hat Certified Engineer (RHCE), System-on-a-Chip (SoC), NetFlow, DNS, Bro Logs, IDS/IPS, TTP, IoC, NIST, Near-field Communication (NFC), CrowdStrike, Endpoint Detection and Response (EDR), SOC 2, Security, Data Privacy, Compliance, Zero-day Vulnerabilities, ISO 27701, Okta, Amazon Route 53, Cloudflare, Security Audits, API Gateways, AWS Transit Gateway, Cloud Infrastructure, DNS Servers, IT Networking, Dynamic Host Configuration Protocol (DHCP), Open Shortest Path First (OSPF), Border Gateway Protocol (BGP), Web Application Firewall (WAF), Load Balancers, TCP/IP, SSL, Transport Layer Security (TLS), Security Testing, Dynamic Application Security Testing (DAST), Check Point, F5 Networks, CISO, Cloud Architecture, Leadership, Monitoring
Frameworks
COBIT, Windows PowerShell
Education
Bachelor's Degree in Electronics and Communication
ITM College - Gurugram, India
Certifications
Splunk Fundamentals
Splunk
AWS Certified Security—Specialty
Amazon
Carbon Black Associate Analyst and Threat Hunter
VMware
Certified Information Systems Security Professional
ISC2
Microsoft Certified: Azure Security Engineer Associate
Microsoft
Certified Ethical Hacker
EC-Council
Check Point Certified Security Administrator
Check Point
Check Point Certified Security Expert
Check Point
Check Point Certified Managed Security Expert
Check Point
Blue Coat Certified Proxy Administrator
Blue Coat Systems
Blue Coat Certified Proxy Expert
Blue Coat Systems
Red Hat Certified System Administrator
Red Hat
Red Hat Certified System Expert
Red Hat
Cisco Certified Security Professional
Cisco
Trend Micro Certified Professional
Trend Micro
CCNA Security
Cisco
CCNA
Cisco