Mukesh Bhakar, Developer in Jaipur, Rajasthan, India
Mukesh is available for hire
Hire Mukesh

Mukesh Bhakar

Verified Expert  in Engineering

Bio

Mukesh is a professional with over 14 years of experience in cybersecurity. He has expertise in designing and implementing security solutions across multi-cloud platforms like AWS, Azure, and GCP. His background includes DevSecOps, GRC, security operations, cloud security assessment, endpoint security, and data security. Mukesh has worked in various roles, including individual contributor and leadership positions. He was selected as an AWS Community Builder.

Portfolio

Design Barn, Inc.
IT Security, SOC 2, Vanta, Security, Audits, Microsoft Intune...
West Roots LLC (Maptive)
Cloud Security, Security Audits, Penetration Testing, ISO 27001...
Garn Enterprise (Hong Kong) Limited
Architecture, Data Governance, AWS Certified Solution Architect, DevSecOps...

Experience

  • IT Security - 13 years
  • Security - 13 years
  • Cybersecurity - 13 years
  • Security Architecture - 11 years
  • Cloud Security - 7 years
  • Microsoft Azure - 6 years
  • Azure - 6 years
  • DevSecOps - 4 years

Availability

Part-time

Preferred Environment

Network Security, Application Security, Cloud Security, DevSecOps, Amazon Web Services (AWS), Security Architecture, SOC 2, Artificial Intelligence (AI), GRC, Cloud Infrastructure, Chief Security Officer (CSO), Microsoft Entra ID, ADF, CISO, Cybersecurity Operations, SOC Compliance, Microsoft Intune, Azure DevOps, VLANs

The most amazing...

...thing I've designed was a robust, scalable, and secure multi-cloud architecture, incorporating industry best practices to safeguard enterprise data and systems.

Work Experience

Compliance Specialist

2024 - PRESENT
Design Barn, Inc.
  • Prepared SOC 2 Type 2 documentation using Vanta customized templates and documented tech stack for audit readiness. Collaborated with teams to address gaps, ensuring compliance and boosting credibility during pilot phases with potential clients.
  • Streamlined SOC 2 compliance with Scrut, automating evidence collection and optimizing security processes. Documented internal controls, enhanced data security, and guided teams in achieving audit readiness, improving trust with B2B clients.
  • Implemented Vanta to automate SOC 2 compliance monitoring. Developed scalable policies for data security, documented processes, ensured audit readiness, and supported future scaling with additional communication platforms.
  • Developed and tested security baselines for managed devices, enhancing endpoint protection. Collaborated with cross-functional teams to support end-users and troubleshoot issues related to Intune enrollment and policy enforcement.
Technologies: IT Security, SOC 2, Vanta, Security, Audits, Microsoft Intune, Mobile Device Management (MDM), Azure DevOps, Azure Cloud Security

Cloud Security Specialist

2022 - PRESENT
West Roots LLC (Maptive)
  • Ensured that the cloud architectures were designed with recommended security practices and standards following the principles of the Cloud Adoption Framework. Worked closely with application, network, and security teams.
  • Assessed and mitigated risks associated with cloud services while ensuring compliance with relevant regulations and standards, such as CIS, NIST-CSF, ISO27001, SOC2, and other compliance requirements.
  • Implemented static application security testing (SAST), dynamic application security testing (DAST), and software composition analysis (SCA) tools and methodologies.
  • Designed IAM processes and procedures and translated high-level requirements into technical designs.
  • Worked with the SIEM and SOAR technical teams to design new security use cases and provide functional requirements.
  • Spearheaded the deployment of Wiz CSPM across multi-cloud infrastructures, enhancing security visibility and compliance through continuous monitoring and automated baseline configurations.
  • Designed and implemented security baselines for diverse cloud environments, leveraging Wiz CSPM to ensure adherence to industry standards and regulatory requirements.
Technologies: Cloud Security, Security Audits, Penetration Testing, ISO 27001, Information Security Management Systems (ISMS), OWASP, Security, IT Security, Security Analysis, GDPR, Risk Management, Disaster Recovery Plans (DRP), Business Continuity Planning (BCP), Web Security, Kubernetes, Docker, Chief Security Officer (CSO), Microsoft Entra ID, ADF, CISO, AWS Well-Architected Framework, HITRUST Certification, Active Directory (AD), Microsoft Identity Manager, AWS Cloud Security, Cybersecurity Operations, SOC Compliance, Microsoft Intune, Mobile Device Management (MDM), Azure DevOps, Azure Cloud Security

Manager | Solutions Architect

2024 - 2024
Garn Enterprise (Hong Kong) Limited
  • Developed and implemented comprehensive cybersecurity policies, covering access controls, data protection, and incident response. Conducted staff training to ensure compliance and enhance overall security awareness across the organization.
  • Designed and implemented a scalable AWS architecture utilizing EC2, S3, RDS, and VPC. Enhanced security through IAM roles, security groups, and encryption methods, ensuring a robust and reliable infrastructure.
  • Conducted a thorough security assessment of the AWS environment, identifying and mitigating vulnerabilities. Implemented best practices and onboarded an AWS Managed Service Provider for ongoing management and security enhancement.
Technologies: Architecture, Data Governance, AWS Certified Solution Architect, DevSecOps, Chief Security Officer (CSO), CISO, Docker, Kubernetes, Terraform, Enterprise Risk Management (ERM), Jira, Confluence, CISSP, CISM, Microsoft Entra ID, ADF, AWS Well-Architected Framework, HITRUST Certification, Active Directory (AD), Microsoft Identity Manager, AWS Cloud Security, Cybersecurity Operations, SOC Compliance, Microsoft Intune, Mobile Device Management (MDM), Azure DevOps, Azure Cloud Security

DevSecOps Engineer (via Toptal)

2024 - 2024
Brandon Miles
  • Designed a comprehensive security architecture for an enterprise application on Azure, ensuring robust protection and compliance and conducting a risk assessment to identify potential threats.
  • Developed a robust CI/CD pipeline using GitHub Actions, integrating DevSecOps practices for secure and efficient development and deployment.
  • Ensured compliance with Azure security best practices. Assessed and optimized identity management, network security, data protection, monitoring, and regulatory compliance, reducing vulnerabilities.
Technologies: DevSecOps, DevOps, Security, System Administration, Docker, Kubernetes, CI/CD Pipelines, Infrastructure as Code (IaC), Systems Monitoring, Log Management, Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP), IT Security, Microsoft Entra ID, ADF, CISO, AWS Well-Architected Framework, HITRUST Certification, Active Directory (AD), Microsoft Identity Manager, AWS Cloud Security, Cybersecurity Operations, SOC Compliance, Microsoft Intune, Mobile Device Management (MDM), Azure DevOps, Azure Cloud Security

DevSecOps Engineer (via Toptal)

2024 - 2024
Green Line Inc
  • Established and secured the technical infrastructure for Kinzy, an AI assistant for adult day care centers, during a 3-week discovery phase to integrate AI functionalities into Kinzy's MVP while ensuring security and reliability.
  • Designed a secure and scalable GCP architecture incorporating IAM policies, network security, and data protection measures, enhancing system robustness.
  • Performed a detailed security review of AI/ML models, identifying and addressing vulnerabilities and enhancing model security. Implemented differential privacy and data anonymization techniques, ensuring compliance.
Technologies: DevSecOps, DevOps, Security, Cloud, CI/CD Pipelines, Docker, Kubernetes, Infrastructure as Code (IaC), Minimum Viable Product (MVP), Artificial Intelligence (AI), Azure, Amazon Web Services (AWS), Google Cloud Platform (GCP), Monitoring, System Administration, Microsoft Entra ID, ADF, CISO, AWS Well-Architected Framework, Active Directory (AD), AWS Cloud Security, Cybersecurity Operations, SOC Compliance, Azure DevOps, Azure Cloud Security

DevSecOps Engineer (via Toptal)

2024 - 2024
Green Line Inc
  • Made integration with GCP's CI/CD pipelines using Cloud Build and Cloud Functions for seamless vulnerability scanning and patch deployment.
  • Created integration with GCP's security and compliance services, such as Cloud Security Command Center and Security Health Analytics, for comprehensive threat detection and response.
  • Established automated DevSecOps pipelines using Cloud Build and Cloud Functions, enforced security controls, including vulnerability scanning and pand incident response, thereby maintaining a robust security posture in healthcare.
Technologies: DevSecOps, DevOps, Security, Cloud, CI/CD Pipelines, Docker, Kubernetes, Infrastructure as Code (IaC), Minimum Viable Product (MVP), Artificial Intelligence (AI), Azure, Amazon Web Services (AWS), Google Cloud Platform (GCP), Monitoring, System Administration, Microsoft Entra ID, AWS Well-Architected Framework, Active Directory (AD), Microsoft Identity Manager, AWS Cloud Security, Azure DevOps, Azure Cloud Security

Platform Cloud Security Engineer

2022 - 2024
Commonwealth Financial Network
  • Developed a multi-cloud security orchestration platform for managing security policies, identity management, and threat detection across AWS and Azure using CSPM.
  • Implemented a comprehensive access governance solution, utilizing AWS SSO and Azure Active Directory for centralized user authentication and authorization.
  • Designed and implemented a multi-account architecture in AWS, segregating workloads and applications into distinct AWS accounts using AWS SRA and Control Tower.
  • Designed and implemented cloud governance, establishing policies, procedures, and controls for cloud framework using NIST 800-53, CIS, and PCI DSS.
  • Implemented Zscaler Zero Trust SASE with Azure Cloud Infrastructure.
  • Designed, deployed, and managed Intune policies to secure mobile devices, desktops, and applications. Implemented mobile device management (MDM) and mobile application management (MAM) configurations to protect corporate data.
  • Monitored compliance and remediated non-compliant devices to ensure alignment with security standards.
  • Set up Azure Virtual Network (VNet) with subnets for web, application, and database tiers.
  • Implemented role-based access control (RBAC) and privileged identity management (PIM) for least privileged access.
  • Deployed Azure Firewall to secure the network perimeter and enabled DDoS Protection to safeguard against distributed denial-of-service attacks.
Technologies: Azure, VPN, Azure Key Vault, Azure Active Directory, Cloud Security, Azure Resource Manager (ARM), Networks, Application Security, Terraform, Identity & Access Management (IAM), Risk Assessment, Security Architecture, Infrastructure as Code (IaC), Linux Administration, Artificial Intelligence (AI), SOC 2, Amazon Web Services (AWS), Information Security, Managed Security Service Providers (MSSP), Threat Intelligence, Network Architecture, Network Engineering, Team Leadership, Network Monitoring, DevSecOps, IDS/IPS, Endpoint Detection and Response (EDR), SIEM, Audits, Leadership, GCP Security, SaaS Security, Firewalls, Amazon Cognito, Amazon EC2, Amazon Virtual Private Cloud (VPC), Datadog, Monitoring, GRC, Documentation, Cloud Infrastructure, Infrastructure, AWS Certified Solution Architect, Infrastructure Security, Secure Access Service Edge (SASE), Endpoint Security, Managed Detection and Response (MDR), Kubernetes, Docker, Chief Security Officer (CSO), Enterprise Cybersecurity, Enterprise Security, Active Directory (AD), Microsoft Identity Manager, AWS Cloud Security, Azure DevOps, Azure Cloud Security

Senior Cloud Security Architect

2021 - 2022
ValueLabs
  • Performed security and privacy assessments, including vulnerability and penetration testing, to determine compliance and security posture in the cloud.
  • Implemented AWS Security Hub, AWS Organizations, GuardDuty, SSO, WAF, and AWS native security tools.
  • Conducted vulnerability assessment using Burp Suite Enterprise, Nmap, Nessus, OWASP ZAP, sqlmap, Scout Suite, and PACU.
  • Automated cloud security controls, data, and processes to provide better metrics and operational support.
  • Identified security threats and risks related to cloud infrastructure services and planned remediation activities.
  • Led the implementation of a comprehensive compliance program to align with the Digital Operational Resilience Act (DORA) regulations introduced by the European Union (EU).
  • Implemented a comprehensive GRC framework to enhance organizational governance, manage risks, and ensure regulatory compliance. The project aimed to create a centralized system to streamline processes, and mitigate potential risks.
Technologies: Cloud Security, Penetration Testing, Azure, Security Architecture, AWS CloudFormation, Security, AWS Organizations, Security Hub, Amazon Web Services (AWS), Single Sign-on (SSO), OWASP Top 10, Sentinel, Cyber Threat Hunting, Computer Science, Network Security, Amazon Route 53, SecOps, IT Service Management (ITSM), Microsoft, IT Security, Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), CI/CD Pipelines, Metasploit, Web App Security, OWASP, CISO, Web Security, Vulnerability Management, Security Audits, Cybersecurity, Amazon S3 (AWS S3), AWS IAM, AWS Elastic Beanstalk, Okta, Google Cloud Platform (GCP), Microsoft Azure, Source Code Review, Interviewing, Task Analysis, DevOps, Cloud, APIs, Team Management, ISO 27001, Compliance, Consulting, Azure Active Directory, Identity & Access Management (IAM), Architecture, Data Protection, GDPR, Ethical Hacking, Hacking, Threat Modeling, Risk Management, NIST, Security Management, Microsoft 365, Identity, Security Analysis, Business Continuity Planning (BCP), Disaster Recovery Plans (DRP), Information Security Management Systems (ISMS), SOC 2, CISM, Azure Key Vault, Azure Resource Manager (ARM), VPN, Networks, Data Loss Prevention (DLP), Infrastructure as Code (IaC), Linux Administration, Application Security, Artificial Intelligence (AI), Threat Intelligence, Network Architecture, Network Engineering, Team Leadership, Network Monitoring, DevSecOps, IDS/IPS, Endpoint Detection and Response (EDR), SIEM, Audits, Leadership, GCP Security, SaaS Security, Firewalls, Amazon Cognito, Amazon EC2, Amazon Virtual Private Cloud (VPC), Datadog, Monitoring, GRC, Documentation, Cloud Infrastructure, Infrastructure, AWS Certified Solution Architect, Vulnerability Assessment, Infrastructure Security, Secure Access Service Edge (SASE), Endpoint Security, Managed Detection and Response (MDR), Kubernetes, Docker, Chief Security Officer (CSO), Active Directory (AD), Microsoft Identity Manager, AWS Cloud Security, SOC Compliance, Azure DevOps, Azure Cloud Security

Cloud Security Architect

2018 - 2021
Mundo Startel S.A.
  • Designed secure cloud architecture using best practices.
  • Audited and implemented compliance as per regulatory requirements.
  • Designed, implemented, and maintained cloud infrastructure security, identified technical gaps, and provided solutions.
  • Gained extensive experience in cloud-based DDoS protection services such as AWS Shield Advanced.
Technologies: Cloud Security, Azure, Security Architecture, Security, AWS Organizations, Security Hub, Amazon Web Services (AWS), Single Sign-on (SSO), OWASP Top 10, Sentinel, Cyber Threat Hunting, Computer Science, Network Security, Amazon Route 53, SecOps, IT Service Management (ITSM), Application Security, Architecture, Microsoft, IT Security, Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), CI/CD Pipelines, Metasploit, Web App Security, OWASP, Web Security, Vulnerability Management, Security Audits, Cybersecurity, Amazon S3 (AWS S3), AWS IAM, Okta, Google Cloud Platform (GCP), Microsoft Azure, Source Code Review, Interviewing, Task Analysis, DevOps, Cloud, APIs, Team Management, ISO 27001, Compliance, Consulting, Azure Active Directory, Identity & Access Management (IAM), Data Protection, GDPR, Ethical Hacking, Hacking, Threat Modeling, Risk Management, NIST, Security Management, Microsoft 365, Identity, Security Analysis, Business Continuity Planning (BCP), Disaster Recovery Plans (DRP), Information Security Management Systems (ISMS), SOC 2, CISM, Azure Key Vault, Azure Resource Manager (ARM), VPN, Networks, Data Loss Prevention (DLP), Infrastructure as Code (IaC), Linux Administration, Artificial Intelligence (AI), Threat Intelligence, Network Architecture, Network Engineering, Team Leadership, Network Monitoring, DevSecOps, IDS/IPS, Endpoint Detection and Response (EDR), SIEM, Audits, Leadership, GCP Security, SaaS Security, Firewalls, Amazon Cognito, Amazon EC2, Amazon Virtual Private Cloud (VPC), Datadog, Monitoring, GRC, Documentation, Cloud Infrastructure, Infrastructure, AWS Certified Solution Architect, Infrastructure Security, Secure Access Service Edge (SASE), Endpoint Security, Managed Detection and Response (MDR), Kubernetes, Docker, Chief Security Officer (CSO), Microsoft Identity Manager, AWS Cloud Security, SOC Compliance, Azure Cloud Security

Application Security Engineer

2014 - 2018
Ericsson
  • Developed processes and implemented tools and techniques to perform ongoing security assessments of the environment.
  • Analyzed security test results, drew conclusions from results, and developed targeted testing as deemed necessary.
  • Collaborated with external vendors to perform penetration tests on network devices, operating systems, databases, and applications as necessary.
Technologies: Network Security, Security, OWASP Top 10, Cyber Threat Hunting, Computer Science, SecOps, IT Service Management (ITSM), Architecture, Amazon Web Services (AWS), Azure, Identity & Access Management (IAM), Security Architecture, Microsoft, IT Security, Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), CI/CD Pipelines, Metasploit, Web App Security, OWASP, Web Security, Vulnerability Management, Security Audits, Cybersecurity, Amazon S3 (AWS S3), AWS IAM, AWS Elastic Beanstalk, Okta, Source Code Review, Interviewing, Task Analysis, DevOps, Cloud, APIs, ISO 27001, Compliance, Azure Active Directory, Data Protection, GDPR, Ethical Hacking, Threat Modeling, Risk Management, NIST, Security Management, Microsoft 365, Identity, Security Analysis, Business Continuity Planning (BCP), Disaster Recovery Plans (DRP), Information Security Management Systems (ISMS), SOC 2, CISM, Azure Key Vault, Azure Resource Manager (ARM), VPN, Networks, Data Loss Prevention (DLP), Linux Administration, Application Security, Artificial Intelligence (AI), Threat Intelligence, Network Architecture, Team Leadership, Network Monitoring, DevSecOps, IDS/IPS, Endpoint Detection and Response (EDR), SIEM, Audits, Leadership, GCP Security, SaaS Security, Firewalls, Amazon Cognito, Amazon EC2, Amazon Virtual Private Cloud (VPC), Datadog, Monitoring, GRC, Documentation, Cloud Infrastructure, Infrastructure, AWS Certified Solution Architect, Infrastructure Security, Secure Access Service Edge (SASE), Endpoint Security, Managed Detection and Response (MDR), Kubernetes, Docker, Active Directory (AD), Microsoft Identity Manager, Azure Cloud Security

Security Engineer

2013 - 2014
Vodafone Idea
  • Conducted vulnerability assessments of IT infrastructure for government agencies and private companies. Identified and prioritized vulnerabilities based on risk assessment and provided recommendations for remediation.
  • Audited organizations processing credit card data to ensure compliance with the Payment Card Industry Data Security Standard (PCI DSS). Identified and reported non-conformities and provided guidance on remediation measures.
  • Conducted a financial institution's comprehensive IDS/IPS vulnerability assessment, identifying misconfigurations and tuning recommendations to optimize threat detection accuracy and minimize false positives.
Technologies: Vulnerability Management, Identity & Access Management (IAM), Information Security Management Systems (ISMS), IDS/IPS, Firewalls, Threat Intelligence, Linux Administration, Application Security, Artificial Intelligence (AI), Network Architecture, Network Engineering, Network Monitoring, DevSecOps, Endpoint Detection and Response (EDR), Audits, GCP Security, Amazon Cognito, Amazon Virtual Private Cloud (VPC), Cloud Infrastructure, Infrastructure, AWS Certified Solution Architect, Infrastructure Security, Secure Access Service Edge (SASE), Kubernetes, Docker, Active Directory (AD), Microsoft Identity Manager, Azure Cloud Security

Senior Engineer

2013 - 2014
Vodafone Idea
  • Performed manual, external, and internal penetration testing.
  • Collaborated with external vendors to perform penetration tests on network devices, operating systems, and databases.
  • Provided assistance to system users regarding information system security.
  • Performed routine vulnerability scans against specified systems, analyzed the results, and worked with business units to remediate systems.
Technologies: Network Security, Security, OWASP Top 10, Cyber Threat Hunting, Computer Science, SecOps, Microsoft, IT Security, Static Application Security Testing (SAST), CI/CD Pipelines, Metasploit, Web App Security, OWASP, Web Security, Vulnerability Management, Security Audits, Cybersecurity, Amazon S3 (AWS S3), AWS IAM, AWS Elastic Beanstalk, Okta, Source Code Review, Interviewing, Task Analysis, DevOps, Cloud, APIs, ISO 27001, Azure Active Directory, Identity & Access Management (IAM), Architecture, Data Protection, Ethical Hacking, Hacking, Threat Modeling, Risk Management, NIST, Security Management, Microsoft 365, Identity, Security Analysis, Business Continuity Planning (BCP), Disaster Recovery Plans (DRP), Information Security Management Systems (ISMS), Azure Key Vault, Azure Resource Manager (ARM), VPN, Networks, Data Loss Prevention (DLP), Artificial Intelligence (AI), Threat Intelligence, Network Engineering, Network Monitoring, DevSecOps, Audits, Cloud Infrastructure, Infrastructure, AWS Certified Solution Architect, Kubernetes, Docker, Active Directory (AD), Azure Cloud Security

IT Security Engineer

2012 - 2013
Huawei Technologies Co.
  • Implemented data loss prevention (DLP) policies and technologies to prevent unauthorized data exfiltration and ensure compliance with data privacy regulations.
  • Designed and deployed secure network segmentation strategies to minimize the attack surface and limit the potential impact of security breaches.
  • Conducted physical security assessments to identify vulnerabilities in physical access controls and recommend improvements.
Technologies: Application Security, IT Security, Artificial Intelligence (AI), Threat Intelligence, Network Engineering, Network Monitoring, Audits, Cloud Infrastructure, Infrastructure, AWS Certified Solution Architect, Kubernetes, Docker, Active Directory (AD)

Cybersecurity Analyst

2010 - 2012
Ericsson
  • Assessed and optimized the existing vulnerability management program, identifying gaps and inefficiencies.
  • Implemented vulnerability scanning tools on various platforms (endpoints, network devices, applications) and prioritized identified vulnerabilities based on risk assessment.
  • Automated vulnerability patching processes and tracked remediation progress across different systems.
Technologies: IT Security, Security Operations Centers (SOC), Patch Management, Vulnerability Management, Artificial Intelligence (AI), Threat Intelligence, Network Engineering, Network Monitoring, Audits, Cloud Infrastructure, Infrastructure, AWS Certified Solution Architect, Kubernetes, Docker

Implementation of AWS Security Architecture

Implemented AWS security architecture for one of the USA's leading pharma companies to protect them from ongoing ransomware attacks. Performed penetration testing of AWS account to find out vulnerability and misconfiguration.

Protection Against Ransomware

Implemented an airgap backup solution for one of the top clients to secure them from ransomware using cloud-native and open-source tools. Firstly I utilized existing backup solutions with proper security, monitoring, and encryption in place. After that, I implemented secondary backup solutions to ensure that we have available backups to restore in case of attacks.  

AWS Organization Multi-account Architecture Implementation

Implemented AWS Organizations to use control towers according to AWS best practices. It was implemented to separate customer environments according to development, staging, and production with separate logging, security, and shared account structures.

Digital Operational Resilience Act (DORA) Compliance Program Implementation

I implemented the EU's Digital Operational Resilience Act (DORA) framework within the HR and organization to enhance operational resilience and comply with regulations.

• Developed and implemented policies and procedures for ICT risk management, incident reporting, digital operational resilience testing, and 3rd-party risk management, aligned with DORA requirements.
• Conducted a risk assessment to identify potential ICT threats and vulnerabilities.
• Implemented appropriate controls to mitigate identified risks.
• Defined and implemented an incident response plan for managing cyber threats and disruptions.

Business Continuity Planning and Implementation

Led a comprehensive initiative to develop and implement a robust business continuity plan (BCP) for Toptal. The project aimed to ensure the organization's resilience in the face of potential disruptions, including natural disasters, technological failures, and other unforeseen events. The BCP encompassed all critical business functions, IT systems, and key processes.

RISK ASSESSMENT AND BUSINESS IMPACT ANALYSIS
• Conducted a thorough risk assessment to identify potential threats and vulnerabilities.
• Performed a business impact analysis (BIA) to prioritize critical business functions and assess the financial and operational impact of disruptions.

BCP DEVELOPMENT AND DOCUMENTATION
• Collaborated with department heads and stakeholders to create a comprehensive business continuity plan.
• Documented detailed procedures for each critical business function, outlining steps for activation and recovery.

AI Adult Health Care

During the 3-week discovery phase, I worked closely to design, establish, and secure the project's technical infrastructure. My expertise was instrumental in integrating AI functionalities into Kinzy's MVP, focusing on creating a highly robust and secure environment that supported the application's innovative capabilities and catered to the user's needs.

SOC 2 Type 2 Compliance Certification

This project involved implementing an organization's SOC 2 Type II compliance, ensuring adherence to the Trust Services Criteria (TSC) for security, availability, and confidentiality. Leveraging Vanta and Scrut, we automated compliance workflows, monitored security controls, and achieved a successful external audit with minimal operational disruption.

Key achievements:
• Automated 80% of evidence collection, reducing manual effort.
• Successfully passed the external SOC 2 Type II audit within six months.
• Established a scalable and repeatable compliance framework for future audits.

Deployment of a Secure 3-Tier Application in Azure Landing Zone

This project involved designing and deploying a 3-tier application in an Azure Landing Zone, focusing on scalability, security, and compliance with industry best practices. Leveraging Azure services like App Service, Azure SQL Database, and Azure Firewall, we created a robust architecture that adhered to security and performance requirements.

KEY ACHIEVEMENTS
• Deployed a scalable 3-tier application across web, application, and database layers, ensuring high availability and resilience.
• Implemented comprehensive security measures, including WAF, NSGs, and encryption, to safeguard data and resources.
• Established a Hub-Spoke Network Topology with secure connectivity using private endpoints, achieving a scalable and modular architecture.
2022 - 2023

Master's Degree in Cyber Security

Southern New Hampshire University - New Hampshire

2005 - 2009

Bachelor's Degree in Electronics and Communication Engineering

University of Rajasthan, Jaipur - Jaipur, India

JANUARY 2024 - PRESENT

Certified Information Security Manager (CISM)

ISACA

NOVEMBER 2023 - PRESENT

Microsoft Certified: Cybersecurity Architect Expert

Microsoft

NOVEMBER 2021 - NOVEMBER 2023

Certified Kubernetes Security Specialist (CKS)

The Linux Foundation

SEPTEMBER 2021 - SEPTEMBER 2022

Microsoft Certified: Azure Security Engineer Associate

Microsoft

AUGUST 2021 - PRESENT

Certificate of Cloud Security Knowledge (CCSK)

CSA

FEBRUARY 2021 - FEBRUARY 2024

AWS Certified Security – Specialty

Amazon Web Services

JANUARY 2021 - JANUARY 2024

CKA: Certified Kubernetes Administrator

The Linux Foundation

JUNE 2020 - JUNE 2023

AWS Certified Solutions Architect Associate

AWS

DECEMBER 2018 - PRESENT

ITIL

Axelos

Tools

Metasploit, AWS IAM, Sentinel, Azure Key Vault, VPN, GCP Security, Amazon Cognito, Amazon Virtual Private Cloud (VPC), Microsoft Identity Manager, Microsoft Intune, AWS CloudFormation, Terraform, Boto 3, Jira, Confluence

Frameworks

ADF, AWS Well-Architected Framework

Paradigms

Penetration Testing, DevSecOps, DevOps, Azure DevOps

Platforms

Azure, AWS Lambda, AWS ALB, Amazon Web Services (AWS), Microsoft, AWS Elastic Beanstalk, Amazon EC2, Docker, Kubernetes, Google Cloud Platform (GCP), Vanta

Industry Expertise

Network Security, Cybersecurity, Enterprise Security

Storage

Azure Active Directory, Amazon S3 (AWS S3), Datadog, Microsoft Entra ID

Languages

Python 3

Other

OWASP Top 10, Application Security, Cloud Security, Networking, Computer Science, Security Architecture, AWS Certified Solution Architect, IT Service Management (ITSM), Security, Kubernetes Security, AWS Organizations, Security Hub, GaurdDuty, Single Sign-on (SSO), Amazon Route 53, Cyber Threat Hunting, SecOps, Architecture, Identity & Access Management (IAM), IT Security, OWASP, CISO, Web Security, Vulnerability Management, Security Audits, Okta, Microsoft Azure, Technical Hiring, Source Code Review, Interviewing, Task Analysis, Cloud, APIs, Team Management, Compliance, Consulting, Data Protection, GDPR, Ethical Hacking, Hacking, NIST, Security Management, Microsoft 365, Identity, Security Analysis, Business Continuity Planning (BCP), Disaster Recovery Plans (DRP), Information Security Management Systems (ISMS), SOC 2, CISM, Azure Resource Manager (ARM), Networks, Data Loss Prevention (DLP), IDS/IPS, Firewalls, Threat Intelligence, Linux Administration, Vulnerability Assessment, Network Architecture, Network Engineering, Team Leadership, Network Design, Network Monitoring, Endpoint Detection and Response (EDR), SIEM, Audits, Leadership, SaaS Security, Web Application Firewall (WAF), Monitoring, GRC, Documentation, Cloud Infrastructure, Infrastructure, Infrastructure Security, Endpoint Security, Managed Detection and Response (MDR), Chief Security Officer (CSO), Active Directory (AD), AWS Cloud Security, Cybersecurity Operations, SOC Compliance, Mobile Device Management (MDM), Azure Cloud Security, VLANs, Solution Architecture, Container Security, Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), CI/CD Pipelines, Web App Security, ISO 27001, Threat Modeling, Risk Management, Infrastructure as Code (IaC), Artificial Intelligence (AI), Secure Containers, Secure Access Service Edge (SASE), HITRUST Certification, AWS Control Tower, AWS WAF, Risk Assessment, Information Security, Security Operations Centers (SOC), Patch Management, Managed Security Service Providers (MSSP), Enterprise Cybersecurity, Minimum Viable Product (MVP), System Administration, Systems Monitoring, Log Management, Data Governance, Enterprise Risk Management (ERM), CISSP

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring