Ankit Aggarwal

This role is at Kudelski Group level and reporting is to group CISO.

Strategic Planning & Collaboration:

• Collaborated with management for strategic planning.
• Evaluated and recommended adoption of new security technologies.
• Built strong relationships with business leaders.

Technology Leadership:

• Assisted in building new technology capabilities aligned with management strategy.
• Managed Crowdstrike, Tenable.io, and Brinqa at group level as product owner.
• Implemented and maintained EDR & VM program
• Lead external attack surface management program
• Managed Phishing campaigns, phishing/spam submissions & process around it
• Managed Incident Management and investigated & responded IT security incidents (IR)
• Security monitoring and investigation for Microsoft ATP & O365 incidents

Risk Management & Security Operations:

• Led global security operations tasks and teams.
• Managed end-to-end CyberArk (PAM) infrastructure.
• Ensured security control effectiveness and timely incident response.

Metrics & Compliance:

• Tracked security product licenses, renewals, and budget.
• Presented global security KPIs to executive security committee.
• Stakeholder Engagement & Communication:
• Built productive relationships with business leaders and stakeholders.
• Effectively communicated security discussions to both technical and non-technical audiences.

People Management & Offshore Team Responsibilities:

• Managed roles and responsibilities within the offshore team.

• Part of SOC2 Core Team, assisting IBM GBS to get Unqualified SOC2 Report
• Global program and included 39 facilities located across 10 Countries
• Perform audit and check implemented controls as per AICPA SOC2 Type 2
• Manage audit scoping (IT devices, secluded areas, client delivery & Last mile connected facilities) of the project
• Perform internal testing for IT/non-IT control to ensure effectiveness
• Responsible for maintaining security & privacy controls as per contractual requirements for multiple projects, thereby ensuring the compliance
• Responsible for the reviewing & monitoring of SAP GRC controls, as per SOX standards.

• Responsible for enterprise level IT security & compliance and reporting to CISO of the company
• SPOC for all IT security activities across enterprise
• Implemented vulnerability management program
• Responsible for IT security control audit to ensure effectiveness of controls across enterprise, thereby ensuring compliance in line with requirement of ISO 27001, SOC 2, PCI DSS and client controls
• Responsible for implementation of client specific and ISMS controls as per signed service agreement
• Coordinated and maintained Information Security risk register
• Prepare and manage audit calendar and acted as point of contact for coordination of various audits
• Manage project to upgrade PCI DSS certification to v3.0, for banking client’s restricted zones and network
• Act as SPOC for external vendors during security, risk & compliance audits
• Review & manage technical change management
• Respond to RFPs received from multiple US banking and mortgage industry-based clients
• Prepare presentations, reports, and functional decks to present status to ELT’s.

• Manage Information functional & technical evaluation of some fortune 100 clients for ICANN project
• Document results and findings with supporting information as outlined by work management guidelines
• Perform internal audit for KGS based on ISO 27001 standard
• Share reports with executives and follow up for closure of identified non-compliant observations.

• Perform vulnerability assessment for servers and network devices for clients
• Identify and exploit vulnerabilities with objective to assess level of exposure to external threats
• Drafted questionnaire, guidelines and manuals for application security assessment.

• Perform vulnerability assessment for multiple HP clients
• Identify and exploit vulnerabilities and provide recommendation to fix identified vulnerabilities
• Offshore team member of transition team for DHCP & DNS project for automobile parts manufacturing client
• Planning, configuring/implementing DHCP & DNS services as L3 specialist
• Managing 1700+ DHCP & DNS servers including activities like, server commissioning and decommissioning, records creation/deletion and troubleshooting connectivity issue
• Manage server compliance for multiple HP clients through Symantec ESM tool.