toptal.com
Contact us: +1.888.867.7001
Ankit Mittal, Cybersecurity Developer in Gurugram, India
Ankit Mittal

Cybersecurity Developer in Gurugram, India

Member since November 10, 2021
Ankit is a cybersecurity expert with 14 years of experience in Cloud Security, incident response, threat hunting and intelligence, forensics, malware analysis, endpoint security, SIEM, data protection, DevSecOps, networking, and vulnerability management. His expertise is backed by 15+ cybersecurity certifications from vendors such as ISC2, AWS, and Microsoft. Ankit is currently working on a few projects related to cloud and cybersecurity.
Ankit is now available for hire
Hire Ankit

Portfolio

  • Confidential
    Cloud Security, IT Security, Threat Hunting, Threat Intelligence, Strategy...
  • STMicroelectronics
    Cloud Security, Audits, Data Protection, CISSP, DevSecOps, VAPT, Microsoft...
  • BT Group
    Data Protection, Application Security, Security Architecture...

Experience

  • Security Operations Centers (SOC) 13 years
  • Cybersecurity 13 years
  • Incident Response 13 years
  • Data Protection 11 years
  • Vulnerability Management 10 years
  • Threat Hunting 8 years
  • Security Engineering 8 years
  • Cloud Security 6 years

Location

Gurugram, India

Availability

Part-time

Preferred Environment

Cybersecurity, Security Operations Centers (SOC), Data Protection, Endpoint Security, Cloud Security, Threat Hunting, Threat Intelligence, Vulnerability Management, Infrastructure Security, Incident Response

The most amazing...

...projects I've delivered include building SOC from scratch for multiple customers and strategizing the transformation of workloads from on-premises to the cloud.

Employment

  • Information Security Officer

    2019 - PRESENT
    Confidential
    • Acted as the incident commandant reporting to the CISO. Conducted open-source and classified research on emerging and trending threats and vulnerabilities. Led complex projects cross-functionally and globally.
    • Led a team of cybersecurity professionals responsible for the design, implementation, attack mitigation, and ongoing support of security systems of high complexity to fulfill the business needs.
    • Rewrote the complete IR process, including the SOPs, playbooks, workbooks, and security automation, and mapped the use cases with security frameworks such as MITRE ATT&CK.
    • Managed threat intelligence, threat hunting (IOC vs. TTP), forensics, data protection, EDR, email security, cloud security, malware analysis, and reverse engineering.
    • Reduced the blast radius from a cloud security perspective and managed the cloud security posture assessment. Oversaw the vulnerability management program and prioritization of vulnerabilities.
    • Led the company-wide deployments of multiple security products to secure all resources, infrastructure, applications, and storage. Created 30+ use cases with security automation capabilities.
    • Worked completely on AWS cloud and maintained the current infrastructure from a security perspective.
    • Gained experience in AWS native tools, including AWS VPC, AWS IAM, EC2, subnets, networking, CloudTrail, GuardDuty, Macie, Inspector, and Security Hub.
    Technologies: Cloud Security, IT Security, Threat Hunting, Threat Intelligence, Strategy, Malware Analysis, Vendor Management, MDR, Audits, ATT&CK, Security Framework, Secure Access Service Edge (SASE), Cloud Access Security Broker (CASB), Data Protection, Security Automation, Azure Security, AWS Security, NetFlow, DNS, Proxy Servers, YARA, Snort, Penetration Testing, Bro Logs, IDS/IPS, TTP, IoC, Python, Windows PowerShell, Network Hunting, ISO 27001, PCI DSS, SOC 1, SOC 2, NIST, CISSP, Azure, Sentinel, Proofpoint, TAP, TRAP, Carbon Black, CrowdStrike, Endpoint Detection and Response (EDR), DevOps, Identity & Access Management (IAM), Risk Management, Security Testing, Dynamic Application Security Testing (DAST), Security

  • Staff Engineer

    2015 - 2019
    STMicroelectronics
    • Managed the SOC and security engineering team, which included leading and mentoring over 13 security experts and meeting business goals. Acted as the incident commandant of the Indian region.
    • Acted as the key member of the digital transformation group that oversaw transitioning to the cloud in a hybrid approach and securitization in Azure.
    • Ran the specific programs such as threat detection, content development, EDR transformation, cloud security, SOPs for incident response, and security audit, including PCI-DSS, SOC 1/2, ISO27k, and GDPR.
    • Assisted DevOps team in SSDLC, including threat modeling, penetration testing, zero-trust security model, and using the shift-left approach for CI/CD pipelines with Jenkins. Created a baseline for Windows, Mac, and Linux from a security standpoint.
    Technologies: Cloud Security, Audits, Data Protection, CISSP, DevSecOps, VAPT, Microsoft, AWS, Security Framework, Cyber Forensics, Threat Intelligence, Threat Hunting, Azure, Strategy, Cloud Transformation, Security

  • Senior Security Specialist

    2012 - 2015
    BT Group
    • Acted as the shift operations manager for specific customers, including LBG, PepsiCo, Philips, Novartis, and Nestlé.
    • Deployed the SOC for multiple customers, including Dixon and Mars. Provided consultancy services to several customers from SOC and security architecture perspectives.
    • Oversaw the POC for any new tool and technology. Collaborated with the presales team to onboard new customers.
    • Onboarded multiple use cases in SIEM tools to enhance threat detection capabilities. Conducted multiple open-source and classified research projects on emerging and trending threats and vulnerabilities.
    • Used a number of tools and technologies, including SIEM, WAF, DLP, IPS, IDS, firewall, proxy, FireEye APT, AV, REMnux, DDoS, Proofpoint, Wireshark, Burp Suite, PAM, ATT&CK framework, OWASP Top 10, Python, Nipper, and HLD/LLD.
    Technologies: Data Protection, Application Security, Security Architecture, Incident Response, PKI, Cryptography, Audits, Email Security, Infrastructure Security, Network Operations Center, SecOps, SIEM, User and Entity Behavior Analytics (UEBA), Security

  • Security Engineer

    2010 - 2012
    Orange Business Services
    • Investigated the abnormal events, classified the potential security breaches, raised the security incident alerts, performed the technical and management escalation, and implemented the second-level mitigation action to confirm security incidents.
    • Led the risk and vulnerability assessments and systems security audits of the servers and provided support in clearing the discrepancies according to PCI-DSS and ISO 27001.
    • Performed host-based forensics and managed the threat intelligence program, hunting program, and DLP data protection program to secure sensitive data.
    • Appointed as a shift lead and oversaw creating the SOC matrices data for the management.
    Technologies: Incident Response, Malware Analysis, Threat Hunting, Audits, PCI DSS, Threat Intelligence, ISO 27001, SecOps, Threat Modeling, Threat Detection, Infrastructure Security, Email Security, Application Security, Vulnerability Management, Software Development Lifecycle (SDLC), Security

  • Security Analyst

    2008 - 2010
    HCL Technologies
    • Managed the cyber project outsourced by the National Informatics Center for the Indian Government, including the Ministry of External Affairs, Prime Minister, Ministry of Home Affairs, all states, and Bhawan.
    • Deployed multiple tools for day-to-day operations, including the Check Point and Cisco firewalls, Blue Coat proxy, Trend Micro and MacAfee AV, netForensics (SIEM), MacAfee IDS/IPS, and Snort.
    • Updated the security patches and vulnerabilities, manually hunted for IOCs using security tools, and responded to the security alerts.
    • Performed audits of security tools and created security dashboards for specific platforms.
    Technologies: Endpoint Security, Infrastructure Security, Incident Response, Application Security, Certified Ethical Hacker (CEH), CCNA Security, Firewalls, Proxy Servers, Software Development Lifecycle (SDLC), SecOps, Vulnerability Management

Experience

  • Enterprise Security Architecture

    My role in this project was to rearchitect the design for B2B and SOA platforms and add security layers considering defense-in-depth—firewalls, IPS/IDS, WAF, VAPT, and DMZ. I also created the security dashboards by internal auditing of systems and servers, including vulnerabilities, configuration hardening, and penetration test findings, and I remediated all findings.

  • Cloud Journey—Blast Radius Project

    During the migration of our workloads to the Cloud, the goal was to minimize the impact of a possible failure and have no dependencies on other products. It mainly included failures due to security incidents, human error, and environmental factors.

  • Vulnerability Assessment and Penetration Testing (VAPT)

    Conducted VAPT testing using the OWASP methodology; this included vulnerability management for the pharmaceutical and semiconductor companies.
    Technologies: Nmap, Nessus and Tenable, Qualys, Metasploit framework, Snort, IPsec, burp-suite, Kali Linux, and Wireshark.

  • SOC Reboot

    The aim was to operationalize and institutionalize the process for SOC activities such as log ingestion, SOPs, playbooks, automation, and content development, map the use cases with security frameworks, and standardize responses across the organization.

  • Audits—ISO27k , ISO27701, SOC 1 & 2, PCIDSS, etc.

    Single point of contact for external auditors, specific to SOC and Security Engineering teams, including technical controls related to endpoint security, VAPT, SIEM, SOAR, Data protection, Data privacy, Infrastructure controls, etc.

Skills

  • Tools

    Amazon Virtual Private Cloud (VPC), VPN, AWS IAM, Splunk, Sentinel, OpenVPN, Amazon ECS (Amazon Elastic Container Service), IBM QRadar, YARA, Snort, Terraform, Amazon CloudWatch, Wireshark, Tcpdump

  • Platforms

    Amazon Web Services (AWS), QualysGuard, Azure, Microsoft, Linux, Amazon EC2 (Amazon Elastic Compute Cloud), Unix

  • Industry Expertise

    Cybersecurity, IT Security, Network Security, Security

  • Other

    Security Operations Centers (SOC), Infrastructure Security, Incident Response, Security Engineering, Architecture, Subnets, Cisco, Network Engineering, Cloud Security Posture Management, Virtual Private Servers, Networks, Documentation, IPv4, IP Networks, IP Routing, CCNP Security, Technical Leadership, Technical Hiring, Interviewing, Team Management, Cloud, Task Analysis, Vulnerability Assessment, PCI, FortiGate, Fortinet Firewall Configuration, Splunk Enterprise Security, Data Protection, Endpoint Security, Cloud Security, Threat Hunting, Threat Intelligence, Vulnerability Management, Malware Analysis, AWS, Cloud Transformation, APIs, Palo Alto Networks, FedRAMP, Juniper, IPv6, Source Code Review, Application Security, Certified Ethical Hacker (CEH), CCNA Security, Firewalls, Proxy Servers, Software Development Lifecycle (SDLC), SecOps, Audits, PCI DSS, ISO 27001, Threat Modeling, Threat Detection, Email Security, Security Architecture, PKI, Cryptography, Network Operations Center, SIEM, User and Entity Behavior Analytics (UEBA), CISSP, VAPT, Security Framework, Cyber Forensics, Strategy, Vendor Management, MDR, ATT&CK, Secure Access Service Edge (SASE), Cloud Access Security Broker (CASB), Security Automation, Azure Security, AWS Security, Information Security, Risk Management, Disaster Recovery Plans (DRP), Physical Security, Identity & Access Management (IAM), OWASP Top 10, Cyber Attacks, Proxy Solution, Web Filtering, Web Security, Linux Security, Virtualization, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Routing, Networking, Security Orchestration, CCSA, CCSE, CCMSE, CPA, BCCPP, Red Hat Certified System Administrator (RHCA), Red Hat Certified System Engineer (RHCSE), Certified Cloud Security Professional (CCSP), SoC, NetFlow, DNS, Bro Logs, IDS/IPS, TTP, IoC, Network Hunting, SOC 1, NIST, Proofpoint, TAP, TRAP, Sentinel One, Carbon Black, CrowdStrike, Endpoint Detection and Response (EDR), SOC 2, Data Privacy, Compliance, Zero-day Vulnerabilities, ISO 27701, Okta, Amazon Route 53, Cloudflare, Security Audits, API Gateways, AWS Transit Gateway, Cloud Infrastructure, DNS Servers, IT Networking, Dynamic Host Configuration Protocol (DHC…, Open Shortest Path First (OSPF), BGP, Web Application Firewall (WAF), Load Balancers, TCP/IP, SSL, Transport Layer Security (TLS), Security Testing, Dynamic Application Security Testing (DAST)

  • Frameworks

    COBIT, Windows PowerShell

  • Paradigms

    HIPAA Compliance, DevSecOps, Automation, Penetration Testing, DevOps, Deep Packet Inspection (DPI)

  • Languages

    Python

  • Storage

    Amazon S3 (AWS S3)

Education

  • Bachelor's Degree in Electronics and Communication
    2004 - 2008
    ITM College - Gurugram, India

Certifications

  • Carbon Black Associate Analyst and Threat Hunter
    FEBRUARY 2021 - PRESENT
    VMware
  • Splunk Fundamentals
    SEPTEMBER 2020 - PRESENT
    Splunk
  • AWS Certified Security—Specialty
    FEBRUARY 2019 - PRESENT
    Amazon
  • Certified Information Systems Security Professional
    JUNE 2018 - PRESENT
    ISC2
  • Microsoft Certified: Azure Security Engineer Associate
    MARCH 2018 - PRESENT
    Microsoft
  • Certified Ethical Hacker
    FEBRUARY 2014 - PRESENT
    EC-Council
  • Check Point Certified Security Administrator
    NOVEMBER 2013 - PRESENT
    Check Point
  • Check Point Certified Security Expert
    NOVEMBER 2013 - PRESENT
    Check Point
  • Check Point Certified Managed Security Expert
    NOVEMBER 2013 - PRESENT
    Check Point
  • Blue Coat Certified Proxy Administrator
    MARCH 2013 - PRESENT
    Blue Coat Systems
  • Blue Coat Certified Proxy Expert
    MARCH 2013 - PRESENT
    Blue Coat Systems
  • Red Hat Certified System Administrator
    APRIL 2011 - PRESENT
    Red Hat
  • Red Hat Certified System Expert
    APRIL 2011 - PRESENT
    Red Hat
  • Cisco Certified Security Professional
    NOVEMBER 2010 - PRESENT
    Cisco
  • Trend Micro Certified Professional
    APRIL 2009 - PRESENT
    Trend Micro
  • CCNA Security
    MARCH 2009 - PRESENT
    Cisco
  • CCNA
    FEBRUARY 2009 - PRESENT
    Cisco

To view more profiles

Join Toptal
Share it with others
Hire the top 3% of freelance developers TM