Mukesh Bhakar
Verified Expert in Engineering
Cloud Security Developer
Mukesh is a professional with over 14 years of experience in cybersecurity. He has expertise in designing and implementing security solutions across multi-cloud platforms like AWS, Azure, and GCP. His background includes DevSecOps, GRC, security operations, cloud security assessment, endpoint security, and data security. Mukesh has worked in various roles, including individual contributor and leadership positions. He was selected as an AWS Community Builder.
Portfolio
Experience
Availability
Preferred Environment
Network Security, Application Security, Cloud Security, DevSecOps, Amazon Web Services (AWS), Security Architecture, SOC 2, Artificial Intelligence (AI), GRC, Cloud Infrastructure, Chief Security Officer (CSO)
The most amazing...
...thing I've designed was a robust, scalable, and secure multi-cloud architecture, incorporating industry best practices to safeguard enterprise data and systems.
Work Experience
Cloud Security Specialist
West Roots LLC (Maptive)
- Ensured that the cloud architectures were designed with recommended security practices and standards following the principles of the Cloud Adoption Framework. Worked closely with application, network, and security teams.
- Assessed and mitigated risks associated with cloud services while ensuring compliance with relevant regulations and standards, such as CIS, NIST-CSF, ISO27001, SOC2, and other compliance requirements.
- Implemented static application security testing (SAST), dynamic application security testing (DAST), and software composition analysis (SCA) tools and methodologies.
- Designed IAM processes and procedures and translated high-level requirements into technical designs.
- Worked with SIEM and SOAR technical team to design new security use cases and provide functional requirements.
DevSecOps Engineer (via Toptal)
Green Line Inc
- Made integration with GCP's CI/CD pipelines using Cloud Build and Cloud Functions for seamless vulnerability scanning and patch deployment.
- Created integration with GCP's security and compliance services, such as Cloud Security Command Center and Security Health Analytics, for comprehensive threat detection and response.
- Established automated DevSecOps pipelines using Cloud Build and Cloud Functions, enforced security controls, including vulnerability scanning and pand incident response, thereby maintaining a robust security posture in healthcare.
Platform Cloud Security Engineer
Commonwealth Financial Network
- Developed a multi-cloud security orchestration platform for managing security policies, identity management, and threat detection across AWS and Azure using CSPM.
- Implemented a comprehensive access governance solution, utilizing AWS SSO and Azure Active Directory for centralized user authentication and authorization.
- Designed and implemented a multi-account architecture in AWS, segregating workloads and applications into distinct AWS accounts using AWS SRA and Control Tower.
- Designed and implemented cloud governance, establishing policies, procedures, and controls for cloud framework using NIST 800-53, CIS, and PCI DSS.
- Implemented Zscaler Zero Trust SASE with Azure Cloud Infrastructure.
Senior Cloud Security Architect
ValueLabs
- Performed security and privacy assessments, including vulnerability and penetration testing, to determine compliance and security posture in the cloud.
- Implemented AWS Security Hub, AWS Organizations, GuardDuty, SSO, WAF, and AWS native security tools.
- Conducted vulnerability assessment using Burp Suite Enterprise, Nmap, Nessus, OWASP ZAP, sqlmap, Scout Suite, and PACU.
- Automated cloud security controls, data, and processes to provide better metrics and operational support.
- Identified security threats and risks related to cloud infrastructure services and planned remediation activities.
- Led the implementation of a comprehensive compliance program to align with the Digital Operational Resilience Act (DORA) regulations introduced by the European Union (EU).
- Implemented a comprehensive GRC framework to enhance organizational governance, manage risks, and ensure regulatory compliance. The project aimed to create a centralized system to streamline processes, and mitigate potential risks.
Cloud Security Architect
Mundo Startel S.A.
- Designed secure cloud architecture using best practices.
- Audited and implemented compliance as per regulatory requirements.
- Designed, implemented, and maintained cloud infrastructure security, identified technical gaps, and provided solutions.
- Gained extensive experience in cloud-based DDoS protection services such as AWS Shield Advanced.
Application Security Engineer
Ericsson
- Developed processes and implemented tools and techniques to perform ongoing security assessments of the environment.
- Analyzed security test results, drew conclusions from results, and developed targeted testing as deemed necessary.
- Collaborated with external vendors to perform penetration tests on network devices, operating systems, databases, and applications as necessary.
Security Engineer
Vodafone Idea
- Conducted vulnerability assessments of IT infrastructure for government agencies and private companies. Identified and prioritized vulnerabilities based on risk assessment and provided recommendations for remediation.
- Audited organizations processing credit card data to ensure compliance with the Payment Card Industry Data Security Standard (PCI DSS). Identified and reported non-conformities and provided guidance on remediation measures.
- Conducted a financial institution's comprehensive IDS/IPS vulnerability assessment, identifying misconfigurations and tuning recommendations to optimize threat detection accuracy and minimize false positives.
Senior Engineer
Vodafone Idea
- Performed manual, external, and internal penetration testing.
- Collaborated with external vendors to perform penetration tests on network devices, operating systems, and databases.
- Provided assistance to system users regarding information system security.
- Performed routine vulnerability scans against specified systems, analyzed the results, and worked with business units to remediate systems.
IT Security Engineer
Huawei Technologies Co.
- Implemented data loss prevention (DLP) policies and technologies to prevent unauthorized data exfiltration and ensure compliance with data privacy regulations.
- Designed and deployed secure network segmentation strategies to minimize the attack surface and limit the potential impact of security breaches.
- Conducted physical security assessments to identify vulnerabilities in physical access controls and recommend improvements.
Cybersecurity Analyst
Ericsson
- Assessed and optimized the existing vulnerability management program, identifying gaps and inefficiencies.
- Implemented vulnerability scanning tools on various platforms (endpoints, network devices, applications) and prioritized identified vulnerabilities based on risk assessment.
- Automated vulnerability patching processes and tracked remediation progress across different systems.
Experience
Implementation of AWS Security Architecture
Protection Against Ransomware
AWS Organization Multi-account Architecture Implementation
Digital Operational Resilience Act (DORA) Compliance Program Implementation
• Developed and implemented policies and procedures for ICT risk management, incident reporting, digital operational resilience testing, and 3rd-party risk management, aligned with DORA requirements.
• Conducted a risk assessment to identify potential ICT threats and vulnerabilities.
• Implemented appropriate controls to mitigate identified risks.
• Defined and implemented an incident response plan for managing cyber threats and disruptions.
Business Continuity Planning and Implementation
RISK ASSESSMENT AND BUSINESS IMPACT ANALYSIS
• Conducted a thorough risk assessment to identify potential threats and vulnerabilities.
• Performed a business impact analysis (BIA) to prioritize critical business functions and assess the financial and operational impact of disruptions.
BCP DEVELOPMENT AND DOCUMENTATION
• Collaborated with department heads and stakeholders to create a comprehensive business continuity plan.
• Documented detailed procedures for each critical business function, outlining steps for activation and recovery.
AI Adult Health Care
Education
Master's Degree in Cyber Security
Southern New Hampshire University - New Hampshire
Bachelor's Degree in Electronics and Communication Engineering
University of Rajasthan, Jaipur - Jaipur, India
Certifications
Certified Information Security Manager (CISM)
ISACA
Microsoft Certified: Cybersecurity Architect Expert
Microsoft
Certified Kubernetes Security Specialist (CKS)
The Linux Foundation
Microsoft Certified: Azure Security Engineer Associate
Microsoft
Certificate of Cloud Security Knowledge (CCSK)
CSA
AWS Certified Security – Specialty
Amazon Web Services
CKA: Certified Kubernetes Administrator
The Linux Foundation
AWS Certified Solutions Architect Associate
AWS
ITIL
Axelos
Skills
Tools
Metasploit, AWS IAM, Sentinel, Azure Key Vault, VPN, GCP Security, Amazon Cognito, Amazon Virtual Private Cloud (VPC), AWS CloudFormation, Terraform, Boto 3
Paradigms
Penetration Testing, DevSecOps, DevOps
Platforms
Azure, AWS Lambda, AWS ALB, Amazon Web Services (AWS), Microsoft, AWS Elastic Beanstalk, Amazon EC2, Docker, Kubernetes, Google Cloud Platform (GCP)
Industry Expertise
Network Security, Cybersecurity, Enterprise Security
Storage
Azure Active Directory, Amazon S3 (AWS S3), Datadog
Languages
Python 3
Other
OWASP Top 10, Application Security, Cloud Security, Networking, Computer Science, Security Architecture, AWS Certified Solution Architect, IT Service Management (ITSM), Security, Kubernetes Security, AWS Organizations, Security Hub, GaurdDuty, Single Sign-on (SSO), Amazon Route 53, Cyber Threat Hunting, SecOps, Architecture, Identity & Access Management (IAM), IT Security, OWASP, Web Security, Vulnerability Management, Security Audits, Okta, Microsoft Azure, Technical Hiring, Source Code Review, Interviewing, Task Analysis, Cloud, APIs, Team Management, Compliance, Consulting, Data Protection, GDPR, Ethical Hacking, Hacking, NIST, Security Management, Microsoft 365, Identity, Security Analysis, Business Continuity Planning (BCP), Disaster Recovery Plans (DRP), Information Security Management Systems (ISMS), SOC 2, CISM, Azure Resource Manager (ARM), Networks, Data Loss Prevention (DLP), IDS/IPS, Firewalls, Threat Intelligence, Linux Administration, Vulnerability Assessment, Network Architecture, Network Engineering, Team Leadership, Network Design, Network Monitoring, Endpoint Detection and Response (EDR), SIEM, Audits, Leadership, SaaS Security, Web Application Firewall (WAF), Monitoring, GRC, Documentation, Cloud Infrastructure, Infrastructure, Infrastructure Security, Endpoint Security, Managed Detection and Response (MDR), Chief Security Officer (CSO), Container Security, Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), CI/CD Pipelines, Web App Security, CISO, ISO 27001, Threat Modeling, Risk Management, Infrastructure as Code (IaC), Artificial Intelligence (AI), Secure Containers, Secure Access Service Edge (SASE), AWS Control Tower, AWS WAF, Risk Assessment, Information Security, Security Operations Centers (SOC), Patch Management, Managed Security Service Providers (MSSP), Enterprise Cybersecurity, Minimum Viable Product (MVP), System Administration
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
Share your needs
Choose your talent
Start your risk-free talent trial
Top talent is in high demand.
Start hiring