Business Program Manager/ Cyber Security | Microsoft | Noida
- Led application security program with a 12-member team across the US, India, and Ireland for over 1,100 tools. Improved compliance rates from 18% to 75%, ensuring secure and reliable products for global customers.
- Achieved an 83% reduction in review completion time (from 12 weeks to 2 weeks) through integrating Security Copilot and automation, saving $667K in annual cost.
- Launched a product called S360 for compliance KPI tracking within the business unit, enabling data-driven decisions for leadership and achieving $1.2mn in development cost savings.
- Designed and launched the Compliance Manager, a one-stop solution for product security requirements, unifying secure SDLC, cloud security, and Responsible AI standards across multiple Microsoft business units, boosting efficiency by 90%.
- Spearheaded Agile and Scrum ceremonies to streamline product security initiatives, coordinating cross-functional sprints and reducing development timelines by 40%, improving collaboration across security, engineering, and compliance teams.
Senior Security Engineer/ Program Management, Technology & Digital | McKinsey & Company | Gurugram
- Developed and standardized a vendor security risk program to assess the security of 3rd-party cloud products (SaaS, PaaS, IaaS), ensuring GDPR, SOC2, and ISO27001 compliance while cutting contract review time by 50%.
- Revamped a firm-wide automated Product Security Review process for over 1,000 products and tools, leveraging DevSecOps principles to ensure a secure product life cycle across McKinsey, resulting in $30K in annual cost savings.
- Led a global team of 8 security analysts based out of India, the US, and Prague in conducting penetration testing of McKinsey tools and solutions, resulting in a 95% compliance fulfillment rate and significantly enhancing the organization's security posture.
- Spearheaded bi-weekly Security Ask-Me-Anything (AMA) sessions, engaging 500+ global employees with leadership, fostering a culture of security awareness and knowledge sharing.
- Partnered with the CISO and C-suite executives of McKinsey’s vendors and partners to deliver tailored, top-tier security solutions aligned with business goals and improved product security standards
Security Analyst/ Primavera, India Development Center | Oracle India Pvt. Ltd | Hyderabad
- Led security assurance of an enterprise product suite - Primavera Unifier globally, following agile methodologies.
- Provided expert consulting support to high-profile customers, including Saudi Aramco and Heathrow Airport, addressing their information security challenges and ensuring robust security practices.
- Established iOS & Android security review process in the Business Unit, training and empowering a global team of 30 QA analysts in India and the US to execute secure development practices.
- Automated the security review process of product modules using Selenium test suites, reducing completion time by 75% and significantly improving operational efficiency.
Systems Engineer/ Security Engineering | Tata Consultancy Services
- Led application security assessments of over 100 products (web, iOS, and Android), achieving a 90% compliance rate.
- Automated the secure code review process, eliminating team dependency and saving 160 person-hours monthly.
- Facilitated 30+ training sessions and workshops, upskilling various product teams on application security.