Mukesh Bhakar, Developer in Jaipur, Rajasthan, India
Mukesh is available for hire
Hire Mukesh

Mukesh Bhakar

Verified Expert  in Engineering

Cloud Security Developer

Location
Jaipur, Rajasthan, India
Toptal Member Since
November 12, 2021

Mukesh is a professional with over 14 years of experience in cybersecurity. He has expertise in designing and implementing security solutions across multi-cloud platforms like AWS, Azure, and GCP. His background includes DevSecOps, GRC, security operations, cloud security assessment, endpoint security, and data security. Mukesh has worked in various roles, including individual contributor and leadership positions. He was selected as an AWS Community Builder.

SecurityData Loss Prevention (DLP)Computer ScienceSecurity ArchitectureIT Service Management (ITSM)Vulnerability ManagementOktaCloudThreat IntelligenceWeb SecurityNISTCloud InfrastructureSingle Sign-on (SSO)Identity & Access Management (IAM)FirewallsSaaS SecurityNetwork MonitoringCloud SecurityInfrastructure SecurityVulnerability AssessmentCloud Security FrameworkMetasploitData Protection

Portfolio

West Roots LLC (Maptive)
Cloud Security, Security Audits, Penetration Testing, ISO 27001...
Commonwealth Financial Network
Azure, VPN, Azure Key Vault, Azure Active Directory, Cloud Security...
ValueLabs
Cloud Security, Penetration Testing, Azure, Security Architecture...

Experience

IT Security - 13 yearsSecurity - 13 yearsCybersecurity - 13 yearsSecurity Architecture - 11 yearsCloud Security - 7 yearsMicrosoft Azure - 6 yearsAzure - 6 yearsDevSecOps - 4 years

Availability

Part-time

Preferred Environment

Network Security, Application Security, Cloud Security, DevSecOps, Amazon Web Services (AWS), Security Architecture, SOC 2, Artificial Intelligence (AI), GRC, Cloud Infrastructure, Chief Security Officer (CSO)

The most amazing...

...thing I've designed was a robust, scalable, and secure multi-cloud architecture, incorporating industry best practices to safeguard enterprise data and systems.

Work Experience

Cloud Security Specialist

2022 - PRESENT
West Roots LLC (Maptive)
  • Ensured that the cloud architectures were designed with recommended security practices and standards following the principles of the Cloud Adoption Framework. Worked closely with application, network, and security teams.
  • Assessed and mitigated risks associated with cloud services while ensuring compliance with relevant regulations and standards, such as CIS, NIST-CSF, ISO27001, SOC2, and other compliance requirements.
  • Implemented static application security testing (SAST), dynamic application security testing (DAST), and software composition analysis (SCA) tools and methodologies.
  • Designed IAM processes and procedures and translated high-level requirements into technical designs.
  • Worked with SIEM and SOAR technical team to design new security use cases and provide functional requirements.
Technologies: Cloud Security, Security Audits, Penetration Testing, ISO 27001, Information Security Management Systems (ISMS), OWASP, Security, IT Security, Security Analysis, GDPR, Risk Management, Disaster Recovery Plans (DRP), Business Continuity Planning (BCP), Web Security, Kubernetes, Docker, Chief Security Officer (CSO)

Platform Cloud Security Engineer

2022 - 2024
Commonwealth Financial Network
  • Developed a multi-cloud security orchestration platform for managing security policies, identity management, and threat detection across AWS and Azure using CSPM.
  • Implemented a comprehensive access governance solution, utilizing AWS SSO and Azure Active Directory for centralized user authentication and authorization.
  • Designed and implemented a multi-account architecture in AWS, segregating workloads and applications into distinct AWS accounts using AWS SRA and Control Tower.
  • Designed and implemented cloud governance, establishing policies, procedures, and controls for cloud framework using NIST 800-53, CIS, and PCI DSS.
  • Implemented Zscaler Zero Trust SASE with Azure Cloud Infrastructure.
Technologies: Azure, VPN, Azure Key Vault, Azure Active Directory, Cloud Security, Azure Resource Manager (ARM), Networks, Application Security, Terraform, Identity & Access Management (IAM), Risk Assessment, Security Architecture, Infrastructure as Code (IaC), Linux Administration, Artificial Intelligence (AI), SOC 2, Amazon Web Services (AWS), Information Security, Managed Security Service Providers (MSSP), Threat Intelligence, Network Architecture, Network Engineering, Team Leadership, Network Monitoring, DevSecOps, IDS/IPS, Endpoint Detection and Response (EDR), SIEM, Audits, Leadership, GCP Security, SaaS Security, Firewalls, Amazon Cognito, Amazon EC2, Amazon Virtual Private Cloud (VPC), Datadog, Monitoring, GRC, Documentation, Cloud Infrastructure, Infrastructure, AWS Certified Solution Architect, Infrastructure Security, Secure Access Service Edge (SASE), Endpoint Security, Managed Detection and Response (MDR), Kubernetes, Docker, Chief Security Officer (CSO), Enterprise Cybersecurity, Enterprise Security

Senior Cloud Security Architect

2021 - 2022
ValueLabs
  • Performed security and privacy assessments, including vulnerability and penetration testing, to determine compliance and security posture in the cloud.
  • Implemented AWS Security Hub, AWS Organizations, GuardDuty, SSO, WAF, and AWS native security tools.
  • Conducted vulnerability assessment using Burp Suite Enterprise, Nmap, Nessus, OWASP ZAP, sqlmap, Scout Suite, and PACU.
  • Automated cloud security controls, data, and processes to provide better metrics and operational support.
  • Identified security threats and risks related to cloud infrastructure services and planned remediation activities.
  • Led the implementation of a comprehensive compliance program to align with the Digital Operational Resilience Act (DORA) regulations introduced by the European Union (EU).
  • Implemented a comprehensive GRC framework to enhance organizational governance, manage risks, and ensure regulatory compliance. The project aimed to create a centralized system to streamline processes, and mitigate potential risks.
Technologies: Cloud Security, Penetration Testing, Azure, Security Architecture, AWS CloudFormation, Security, AWS Organizations, Security Hub, Amazon Web Services (AWS), Single Sign-on (SSO), OWASP Top 10, Sentinel, Cyber Threat Hunting, Computer Science, Network Security, Amazon Route 53, SecOps, IT Service Management (ITSM), Microsoft, IT Security, Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), CI/CD Pipelines, Metasploit, Web App Security, OWASP, CISO, Web Security, Vulnerability Management, Security Audits, Cybersecurity, Amazon S3 (AWS S3), AWS IAM, AWS Elastic Beanstalk, Okta, Google Cloud Platform (GCP), Microsoft Azure, Source Code Review, Interviewing, Task Analysis, DevOps, Cloud, APIs, Team Management, ISO 27001, Compliance, Consulting, Azure Active Directory, Identity & Access Management (IAM), Architecture, Data Protection, GDPR, Ethical Hacking, Hacking, Threat Modeling, Risk Management, NIST, Security Management, Microsoft 365, Identity, Security Analysis, Business Continuity Planning (BCP), Disaster Recovery Plans (DRP), Information Security Management Systems (ISMS), SOC 2, CISM, Azure Key Vault, Azure Resource Manager (ARM), VPN, Networks, Data Loss Prevention (DLP), Infrastructure as Code (IaC), Linux Administration, Application Security, Artificial Intelligence (AI), Threat Intelligence, Network Architecture, Network Engineering, Team Leadership, Network Monitoring, DevSecOps, IDS/IPS, Endpoint Detection and Response (EDR), SIEM, Audits, Leadership, GCP Security, SaaS Security, Firewalls, Amazon Cognito, Amazon EC2, Amazon Virtual Private Cloud (VPC), Datadog, Monitoring, GRC, Documentation, Cloud Infrastructure, Infrastructure, AWS Certified Solution Architect, Vulnerability Assessment, Infrastructure Security, Secure Access Service Edge (SASE), Endpoint Security, Managed Detection and Response (MDR), Kubernetes, Docker, Chief Security Officer (CSO)

Cloud Security Architect

2018 - 2021
Mundo Startel S.A.
  • Designed secure cloud architecture using best practices.
  • Audited and implemented compliance as per regulatory requirements.
  • Designed, implemented, and maintained cloud infrastructure security, identified technical gaps, and provided solutions.
  • Gained extensive experience in cloud-based DDoS protection services such as AWS Shield Advanced.
Technologies: Cloud Security, Azure, Security Architecture, Security, AWS Organizations, Security Hub, Amazon Web Services (AWS), Single Sign-on (SSO), OWASP Top 10, Sentinel, Cyber Threat Hunting, Computer Science, Network Security, Amazon Route 53, SecOps, IT Service Management (ITSM), Application Security, Architecture, Microsoft, IT Security, Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), CI/CD Pipelines, Metasploit, Web App Security, OWASP, Web Security, Vulnerability Management, Security Audits, Cybersecurity, Amazon S3 (AWS S3), AWS IAM, Okta, Google Cloud Platform (GCP), Microsoft Azure, Source Code Review, Interviewing, Task Analysis, DevOps, Cloud, APIs, Team Management, ISO 27001, Compliance, Consulting, Azure Active Directory, Identity & Access Management (IAM), Data Protection, GDPR, Ethical Hacking, Hacking, Threat Modeling, Risk Management, NIST, Security Management, Microsoft 365, Identity, Security Analysis, Business Continuity Planning (BCP), Disaster Recovery Plans (DRP), Information Security Management Systems (ISMS), SOC 2, CISM, Azure Key Vault, Azure Resource Manager (ARM), VPN, Networks, Data Loss Prevention (DLP), Infrastructure as Code (IaC), Linux Administration, Artificial Intelligence (AI), Threat Intelligence, Network Architecture, Network Engineering, Team Leadership, Network Monitoring, DevSecOps, IDS/IPS, Endpoint Detection and Response (EDR), SIEM, Audits, Leadership, GCP Security, SaaS Security, Firewalls, Amazon Cognito, Amazon EC2, Amazon Virtual Private Cloud (VPC), Datadog, Monitoring, GRC, Documentation, Cloud Infrastructure, Infrastructure, AWS Certified Solution Architect, Infrastructure Security, Secure Access Service Edge (SASE), Endpoint Security, Managed Detection and Response (MDR), Kubernetes, Docker, Chief Security Officer (CSO)

Application Security Engineer

2014 - 2018
Ericsson
  • Developed processes and implemented tools and techniques to perform ongoing security assessments of the environment.
  • Analyzed security test results, drew conclusions from results, and developed targeted testing as deemed necessary.
  • Collaborated with external vendors to perform penetration tests on network devices, operating systems, databases, and applications as necessary.
Technologies: Network Security, Security, OWASP Top 10, Cyber Threat Hunting, Computer Science, SecOps, IT Service Management (ITSM), Architecture, Amazon Web Services (AWS), Azure, Identity & Access Management (IAM), Security Architecture, Microsoft, IT Security, Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), CI/CD Pipelines, Metasploit, Web App Security, OWASP, Web Security, Vulnerability Management, Security Audits, Cybersecurity, Amazon S3 (AWS S3), AWS IAM, AWS Elastic Beanstalk, Okta, Source Code Review, Interviewing, Task Analysis, DevOps, Cloud, APIs, ISO 27001, Compliance, Azure Active Directory, Data Protection, GDPR, Ethical Hacking, Threat Modeling, Risk Management, NIST, Security Management, Microsoft 365, Identity, Security Analysis, Business Continuity Planning (BCP), Disaster Recovery Plans (DRP), Information Security Management Systems (ISMS), SOC 2, CISM, Azure Key Vault, Azure Resource Manager (ARM), VPN, Networks, Data Loss Prevention (DLP), Linux Administration, Application Security, Artificial Intelligence (AI), Threat Intelligence, Network Architecture, Team Leadership, Network Monitoring, DevSecOps, IDS/IPS, Endpoint Detection and Response (EDR), SIEM, Audits, Leadership, GCP Security, SaaS Security, Firewalls, Amazon Cognito, Amazon EC2, Amazon Virtual Private Cloud (VPC), Datadog, Monitoring, GRC, Documentation, Cloud Infrastructure, Infrastructure, AWS Certified Solution Architect, Infrastructure Security, Secure Access Service Edge (SASE), Endpoint Security, Managed Detection and Response (MDR), Kubernetes, Docker

Security Engineer

2013 - 2014
Vodafone Idea
  • Conducted vulnerability assessments of IT infrastructure for government agencies and private companies. Identified and prioritized vulnerabilities based on risk assessment and provided recommendations for remediation.
  • Conducted audits for organizations processing credit card data to ensure compliance with the Payment Card Industry Data Security Standard (PCI DSS). Identified and reported non-conformities and provided guidance on remediation measures.
  • Conducted a financial institution's comprehensive IDS/IPS vulnerability assessment, identifying misconfigurations and tuning recommendations to optimize threat detection accuracy and minimize false positives.
Technologies: Vulnerability Management, Identity & Access Management (IAM), Information Security Management Systems (ISMS), IDS/IPS, Firewalls, Threat Intelligence, Linux Administration, Application Security, Artificial Intelligence (AI), Network Architecture, Network Engineering, Network Monitoring, DevSecOps, Endpoint Detection and Response (EDR), Audits, GCP Security, Amazon Cognito, Amazon Virtual Private Cloud (VPC), Cloud Infrastructure, Infrastructure, AWS Certified Solution Architect, Infrastructure Security, Secure Access Service Edge (SASE), Kubernetes, Docker

Senior Engineer

2013 - 2014
Vodafone Idea
  • Performed manual, external, and internal penetration testing.
  • Collaborated with external vendors to perform penetration tests on network devices, operating systems, and databases.
  • Provided assistance to system users regarding information system security.
  • Performed routine vulnerability scans against specified systems, analyzed the results, and worked with business units to remediate systems.
Technologies: Network Security, Security, OWASP Top 10, Cyber Threat Hunting, Computer Science, SecOps, Microsoft, IT Security, Static Application Security Testing (SAST), CI/CD Pipelines, Metasploit, Web App Security, OWASP, Web Security, Vulnerability Management, Security Audits, Cybersecurity, Amazon S3 (AWS S3), AWS IAM, AWS Elastic Beanstalk, Okta, Source Code Review, Interviewing, Task Analysis, DevOps, Cloud, APIs, ISO 27001, Azure Active Directory, Identity & Access Management (IAM), Architecture, Data Protection, Ethical Hacking, Hacking, Threat Modeling, Risk Management, NIST, Security Management, Microsoft 365, Identity, Security Analysis, Business Continuity Planning (BCP), Disaster Recovery Plans (DRP), Information Security Management Systems (ISMS), Azure Key Vault, Azure Resource Manager (ARM), VPN, Networks, Data Loss Prevention (DLP), Artificial Intelligence (AI), Threat Intelligence, Network Engineering, Network Monitoring, DevSecOps, Audits, Cloud Infrastructure, Infrastructure, AWS Certified Solution Architect, Kubernetes, Docker

IT Security Engineer

2012 - 2013
Huawei Technologies Co.
  • Implemented data loss prevention (DLP) policies and technologies to prevent unauthorized data exfiltration and ensure compliance with data privacy regulations.
  • Designed and deployed secure network segmentation strategies to minimize the attack surface and limit the potential impact of security breaches.
  • Conducted physical security assessments to identify vulnerabilities in physical access controls and recommend improvements.
Technologies: Application Security, IT Security, Artificial Intelligence (AI), Threat Intelligence, Network Engineering, Network Monitoring, Audits, Cloud Infrastructure, Infrastructure, AWS Certified Solution Architect, Kubernetes, Docker

Cyber Security Analyst

2010 - 2012
Ericsson
  • Assessed and optimized the existing vulnerability management program, identifying gaps and inefficiencies.
  • Implemented vulnerability scanning tools on various platforms (endpoints, network devices, applications) and prioritized identified vulnerabilities based on risk assessment.
  • Automated vulnerability patching processes and tracked remediation progress across different systems.
Technologies: IT Security, Security Operations Centers (SOC), Patch Management, Vulnerability Management, Artificial Intelligence (AI), Threat Intelligence, Network Engineering, Network Monitoring, Audits, Cloud Infrastructure, Infrastructure, AWS Certified Solution Architect, Kubernetes, Docker

Implementation of AWS Security Architecture

Implemented AWS security architecture for one of the USA's leading pharma companies to protect them from ongoing ransomware attacks. Performed penetration testing of AWS account to find out vulnerability and misconfiguration.

Protection Against Ransomware

Implemented an airgap backup solution for one of the top clients to secure them from ransomware using cloud-native and open-source tools. Firstly I utilized existing backup solutions with proper security, monitoring, and encryption in place. After that, I implemented secondary backup solutions to ensure that we have available backups to restore in case of attacks.  

AWS Organization Multi-account Architecture Implementation

Implemented AWS Organizations to use control towers according to AWS best practices. It was implemented to separate customer environments according to development, staging, and production with separate logging, security, and shared account structures.

Digital Operational Resilience Act (DORA) Compliance Program Implementation

I implemented the EU's Digital Operational Resilience Act (DORA) framework within the HR and organization to enhance operational resilience and comply with regulations.

• Developed and implemented policies and procedures for ICT risk management, incident reporting, digital operational resilience testing, and 3rd-party risk management, aligned with DORA requirements.
• Conducted a risk assessment to identify potential ICT threats and vulnerabilities.
• Implemented appropriate controls to mitigate identified risks.
• Defined and implemented an incident response plan for managing cyber threats and disruptions.

Business Continuity Planning and Implementation

Led a comprehensive initiative to develop and implement a robust business continuity plan (BCP) for Toptal. The project aimed to ensure the organization's resilience in the face of potential disruptions, including natural disasters, technological failures, and other unforeseen events. The BCP encompassed all critical business functions, IT systems, and key processes.

RISK ASSESSMENT AND BUSINESS IMPACT ANALYSIS
• Conducted a thorough risk assessment to identify potential threats and vulnerabilities.
• Performed a business impact analysis (BIA) to prioritize critical business functions and assess the financial and operational impact of disruptions.

BCP DEVELOPMENT AND DOCUMENTATION
• Collaborated with department heads and stakeholders to create a comprehensive business continuity plan.
• Documented detailed procedures for each critical business function, outlining steps for activation and recovery.

Tools

Metasploit, AWS IAM, Sentinel, Azure Key Vault, VPN, GCP Security, Amazon Cognito, Amazon Virtual Private Cloud (VPC), AWS CloudFormation, Terraform, Boto 3

Paradigms

Penetration Testing, DevSecOps, DevOps

Platforms

Azure, AWS Lambda, AWS ALB, Amazon Web Services (AWS), Microsoft, AWS Elastic Beanstalk, Amazon EC2, Docker, Kubernetes, Google Cloud Platform (GCP)

Industry Expertise

Network Security, Cybersecurity, Enterprise Security

Storage

Azure Active Directory, Amazon S3 (AWS S3), Datadog

Other

OWASP Top 10, Application Security, Cloud Security, Networking, Computer Science, Security Architecture, AWS Certified Solution Architect, IT Service Management (ITSM), Security, Kubernetes Security, AWS Organizations, Security Hub, GaurdDuty, Single Sign-on (SSO), Amazon Route 53, Cyber Threat Hunting, SecOps, Architecture, Identity & Access Management (IAM), IT Security, OWASP, Web Security, Vulnerability Management, Security Audits, Okta, Microsoft Azure, Technical Hiring, Source Code Review, Interviewing, Task Analysis, Cloud, APIs, Team Management, Compliance, Consulting, Data Protection, GDPR, Ethical Hacking, Hacking, NIST, Security Management, Microsoft 365, Identity, Security Analysis, Business Continuity Planning (BCP), Disaster Recovery Plans (DRP), Information Security Management Systems (ISMS), SOC 2, CISM, Azure Resource Manager (ARM), Networks, Data Loss Prevention (DLP), IDS/IPS, Firewalls, Threat Intelligence, Linux Administration, Vulnerability Assessment, Network Architecture, Network Engineering, Team Leadership, Network Design, Network Monitoring, Endpoint Detection and Response (EDR), SIEM, Audits, Leadership, SaaS Security, Web Application Firewall (WAF), Monitoring, GRC, Documentation, Cloud Infrastructure, Infrastructure, Infrastructure Security, Endpoint Security, Managed Detection and Response (MDR), Chief Security Officer (CSO), Container Security, Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), CI/CD Pipelines, Web App Security, CISO, ISO 27001, Threat Modeling, Risk Management, Infrastructure as Code (IaC), Artificial Intelligence (AI), Secure Containers, Secure Access Service Edge (SASE), AWS Control Tower, AWS WAF, Risk Assessment, Information Security, Security Operations Centers (SOC), Patch Management, Managed Security Service Providers (MSSP), Enterprise Cybersecurity

Languages

Python 3

2022 - 2023

Master's Degree in Cyber Security

Southern New Hampshire University - New Hampshire

2005 - 2009

Bachelor's Degree in Electronics and Communication Engineering

University of Rajasthan, Jaipur - Jaipur, India

JANUARY 2024 - PRESENT

Certified Information Security Manager (CISM)

ISACA

NOVEMBER 2023 - PRESENT

Microsoft Certified: Cybersecurity Architect Expert

Microsoft

NOVEMBER 2021 - NOVEMBER 2023

Certified Kubernetes Security Specialist (CKS)

The Linux Foundation

SEPTEMBER 2021 - SEPTEMBER 2022

Microsoft Certified: Azure Security Engineer Associate

Microsoft

AUGUST 2021 - PRESENT

Certificate of Cloud Security Knowledge (CCSK)

CSA

FEBRUARY 2021 - FEBRUARY 2024

AWS Certified Security – Specialty

Amazon Web Services

JANUARY 2021 - JANUARY 2024

CKA: Certified Kubernetes Administrator

The Linux Foundation

JUNE 2020 - JUNE 2023

AWS Certified Solutions Architect Associate

AWS

DECEMBER 2018 - PRESENT

ITIL

Axelos

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring