Anil Gunda
OT/ICS Cyber Security Manager
Doha
Summary
Highly adaptable and well-presented professional with a distinguished track record in IT/OT. Proven experience in demanding environments that require self-motivation and a focused approach. Demonstrated ability to work autonomously and take on additional responsibilities. Committed team player with leadership ability, prioritizing high standards of communication to establish positive interpersonal relationships. Seeking a secure, challenging, and rewarding position to apply practical knowledge and experiences in contributing to organizational success.
Overview
14
14
years of professional experience
4
4
years of post-secondary education
6
6
Certifications
Work History
OT/ICS Cyber Security Manager
Qatar Airways
05.2018 - Current
- Led the implementation and management of the OT/ICS Security Operations Center (SOC), ensuring continuous monitoring and protection of OT systems.
- Oversaw vendor relationships, including negotiating contracts, monitoring performance, and ensuring adherence to established security standards.
- Served as a core member of the review committee for the Qatar 2022 Cyber Security Draft Framework.
- Specialized in securing airport critical ICS infrastructure, ensuring compliance with aviation cybersecurity standards.
- Influenced executive decision-making through concise presentations on cybersecurity risks, trends, and best practices.
- Oversaw security control implementation in ICS and IT environments, aligning with Qatar’s Cyber Security Framework.
- Coordinated with external partners such as law enforcement agencies during major cyber incidents for swift resolution and mitigation efforts.
- Designed and executed a Cyber Hygiene Project, improving the security posture of OT systems and ensuring compliance with best practices.
- Managed a diverse team of cybersecurity professionals to achieve organizational goals effectively
- Directed ICS security incident response, including forensic investigation, remediation, and proactive threat hunting
- Evaluated and deployed security technologies to enhance OT network visibility, monitoring, and threat detection
- Ensured adherence to Cyber Governance frameworks, regulatory compliance, and industry best practices to strengthen OT security resilience
- Developed and enforced OT security policies, incorporating ISA/IEC 62443 and NIST standards
- Acted as a cybersecurity consultant, bridging operations and corporate IT security teams
IT Cyber Security Lead
Qatar Airways
01.2016 - 04.2018
- Enhanced system security by conducting penetration tests and identifying vulnerabilities in critical airline/airport applications
- Conducted vulnerability assessments for 100+ servers of airport infrastructure
- Established policies and procedures in line with ISO 20000 and ISO 27001
- Member of change management board
- Working closely with anti-virus and patch management teams to ensure systems and servers are regularly updated
- Managing Internal Audits
- Conducted regular security assessments to ensure continued compliance with industry standards and regulations.
- Stayed current on emerging threats and trends in cybersecurity, adapting testing methods as needed to address new risks.
Senior Information Security Analyst
HSBC
08.2012 - 12.2015
- Conducted application penetration testing of 250+ business applications
- Conducted vulnerability assessments for 500+ servers of various platforms and network devices
- Responsible for Vulnerability Management and Red Team Assessments for ICS environments
- Acquainted with various approaches to Grey & Black box security testing
- Proficient in understanding application level vulnerabilities like XSS, SQL Injection, response splitting attacks, session hijacking, authentication bypass, weak cryptography, authentication flaws etc
- Evaluate risk for application and network infrastructures as per OWASP and organizational security control standards and guidelines
- As part of research and development, I have helped in developing two new services – Thick Client and Mobile application security testing services
- Played crucial role in streamlining processes and as part of it, I have written process documents and testing methodologies
- Incident management and handling skills; including knowledge of common probing and attack methods, viruses, botnets and other forms of malware
- Correlating events from Network, OS, Applications or IDS/Firewalls and analyzing them for possible threats
- Monitor security violations, flag potential violations and investigate security incidents
- Manage and monitor tools to ensure security of internal and perimeter network while ensuring that adequate packets and network activity information is captured for investigating potential security incidents
- Developed and implemented security awareness programs and acted as business unit trainer, helped in training new batches on various occasions
Security Analyst
Paladion Networks
12.2010 - 07.2012
- Managed complex projects involving multiple stakeholders, delivering high-quality results within budget constraints and timelines
- Assisted in the successful completion of security audits, resulting in a boost of client trust and confidence
- Negotiated contracts with third-party vendors, securing cost-effective solutions without compromising quality or service levels
- Actively participated in professional organizations and industry forums to stay current on trends, threats, and best practices in cybersecurity
- Worked on long term project with a leading bank in India
- Conducted application security testing of 200+ business applications
- Some of the key projects including online Banking Applications, Online portal of Stock trade company, Online Exam Application
- Application Security Test of various Internet and Intranet facing applications of well-known bank in India
- External and Internal network penetration tests of internet/intranet facing servers and devices
- Performed vulnerability assessments of critical servers includes OS, databases and web/app servers and network devices
- Experienced on service delivery, managing project requirements, customer relationship, allocating work, conducting status meetings and customer reviews, technical support and system administration
Education
Bachelor of Science - Electronics And Communications Engineering
JNTU Kakinada
Hyderabad 08.2006 - 05.2010
Skills
OT/ICS Security operations
Risk Assessments
Application Security Assessment
Penetration Testing
Project management
Threat intelligence
undefinedWebsites
Certification
SANS GICSP (Trained & Winner of CTF with SANS Coin)
Timeline
SANS GICSP (Trained & Winner of CTF with SANS Coin)
03-2023
SANS GCIH
01-2022
Certified Information Systems Auditor (CISA)
05-2018
OT/ICS Cyber Security Manager
Qatar Airways
05.2018 - Current
Certified Ethical Hacker (CEH)
05-2017
ITIL Foundation
08-2016
IT Cyber Security Lead
Qatar Airways
01.2016 - 04.2018
ISO 27001 Lead Auditor
03-2013
Senior Information Security Analyst
HSBC
08.2012 - 12.2015
Security Analyst
Paladion Networks
12.2010 - 07.2012
Bachelor of Science - Electronics And Communications Engineering
JNTU Kakinada
08.2006 - 05.2010
Similar Profiles
Manoj Kudakkachira MathaiManoj Kudakkachira Mathai
Baggage Officer at Qatar Aviation Services (Qatar Airways Group)Baggage Officer at Qatar Aviation Services (Qatar Airways Group)
Edward EnriquezEdward Enriquez
Head of Cabin Appearance at Qatar Aviation Services / Qatar AirwaysHead of Cabin Appearance at Qatar Aviation Services / Qatar Airways
Balwin KaurBalwin Kaur
Sales Assistant at Qatar Duty Free (Qatar Airways)Sales Assistant at Qatar Duty Free (Qatar Airways)
Mobin Ali TuriMobin Ali Turi
Cargo Service Agent (Dangerous Goods Agent) at Qatar Aviation Service (Qatar Airways Group)Cargo Service Agent (Dangerous Goods Agent) at Qatar Aviation Service (Qatar Airways Group)
Hamed Khalil KshtaHamed Khalil Kshta
Owner & Managing Director at First Pharma Vet for Veterinary EquipmentOwner & Managing Director at First Pharma Vet for Veterinary Equipment