Parminder Singh Sahi
Sr. Cybersecurity Executive (ex-Stem, Ex-NextLabs, Ex-Wells Fargo) Driving Confidentiality, Integrity, And Availability Of Enterprise Information Systems.
Newark,CA
Summary
Seasoned Security Leader with 20+ years' experience crafting robust security strategies, managing complex IT projects and cloud operations, driving innovation, safeguarding data, networks, and infrastructure, leading high-performing security teams, aligning security with business goals, adhering to budgets and timelines, and investing in emerging security and technology trends to instill resiliency against evolving threats.
Overview
22
22
years of professional experience
2
2
Certifications
Work History
Cybersecurity Product Manager
Plus Power
7 2023 - 06.2024
- Directed collaboration with leaders, IT, vendors, and cross-functional teams, driving cybersecurity operations and ensuring cohesive communication across global organizations. Achieved a 30% improvement in security incident response times.
- Acted as a project facilitator for cross-functional peers, subordinates, and senior management, effectively addressing cybersecurity operations issues, resolutions, and enhancements. Utilized tools such as JIRA and Confluence for project tracking and collaboration.
- Led implementation planning, monitored execution, and managed risks and issues of cybersecurity initiatives using PM tools like Microsoft Project and Asana. Reduced project risk exposure by 25% through proactive risk management strategies.
- Utilized cybersecurity expertise to drive conversations with stakeholders, ensuring comprehensive coverage of all aspects. Communicated cybersecurity-related messaging at a global organizational level, resulting in a 40% increase in stakeholder engagement.
- Collaborated with cross-functional teams to deliver on cybersecurity initiatives, driving vulnerability remediation actions assigned to relevant IT teams. Facilitated infrastructure monitoring and incident response, reducing vulnerability remediation time by 20%.
- Led incident management response to cybersecurity incidents, ensuring timely and effective communication and resolution. Implemented SIEM solutions, enhancing threat detection capabilities by 35%.
- Conducted analytics and reporting of cybersecurity trends and metrics, providing valuable strategic planning. Improved reporting accuracy by 30% through the use of advanced data analytics tools.
- Led scrums and sprints, collaborating to deliver fixes and improvements in cybersecurity operations. Achieved a 25% increase in team productivity by implementing Agile practices.
- Managed relationships with vendors to facilitate vulnerability identification, leveraging a strong infrastructure background to ensure comprehensive security measures. Reduced vendor-related security incidents by 15%.
- Proficient in both oral and written communications, including executive-level presentations, to effectively articulate cybersecurity risks and strategies. Enhanced executive reporting processes, resulting in a 50% reduction in information delivery time.
Head of Systems and Security Operations
Stem Inc.
04.2020 - 07.2023
- Served as the primary point of contact for project management and related issues, handling multiple projects simultaneously, and working independently.
- Managed project implementation of a Zero-Trust security framework using OKTA, CrowdStrike, Zscaler, DataDog, and Palo Alto, enhancing 24/7 operations visibility and tripling cloud security posture management (CSPM) score
- Established a secure SDLC framework, incorporating static and dynamic application security testing (SAST/DAST), reducing high-risk vulnerabilities by 45%
- Conducted application security reviews and penetration testing for over 100 applications, leading to a 30% decrease in critical vulnerabilities year-over-year
- Addressed CCPA and CPRA requirements; achieved SOC 1, SOC 2, SOX, and ISO 27001 certifications without any findings in record time
- Instituted robust risk management practices and minimized security vulnerabilities by referencing NIST, COBIT, CIS Build Kits, Data Breach Investigations Report (DBIR), and MITRE Enterprise ATT&CK frameworks
- Developed and implemented a comprehensive security awareness program that increased employee participation by 35% and reduced phishing simulation failures by 50%
- Developed and operationalized a Security Operations Center (SOC) and implemented Security Orchestration, Automation, and Response (SOAR) capabilities, reducing incident response times by 60%
Director of Systems and Security Operations
Stem Inc.
07.2016 - 04.2020
- Implemented InfoSec, App-Security, Infra-Security, and Compliance and addressed questionnaires during due diligence from potential investors and acquisitions
- Conducted annual risk assessments and vulnerability scans, reducing the overall risk score by 40% and improving the organization’s security posture
- Delivered global solutions and supported developing and deploying all InfoSec metrics, including Global Solutions operations, Service Level Agreements (SLA), and Operational Level Agreements (OLA).
- Worked with management and engineers to ensure the portfolio of infrastructure projects was delivered on time and within budget.
- Provided transparency into project health and presented the portfolio of projects in a dashboard for management.
- Managed internal projects supporting continuous improvement of services across the organization.
Director Security and DevOps
NextLabs Inc.
12.2014 - 07.2016
- Hired to modernize DevOps and construct a SaaS service delivery platform on the hybrid multi-cloud platform
- Supported Attribute-based dynamic access control and Rights Management products with Saml and OAuth integration
- Implemented CI/CD pipelines with quality gates and completed source code migration from SVN to Git
- Implemented security policies, technical standards, and procedures within six months, eliminating 80% of the security backlog
- Partnered with the Product team to co-architected NextLabs' platform solutions for private and hybrid cloud, achieving over 20% cost savings, ensuring compliance with GDPR, HIPAA, PCI-DSS, SOC2, HITRUST, and FedRAMP, driving growth in three quarters
Web System Engineering Leader
Wells Fargo – ISG
05.2007 - 12.2014
- Hired to scale the platform by automating infrastructure service
- Directed Build & Release team to establish critical infrastructure and system configurations, creating a controlled CI/CD ecosystem focused on automation, self-servicing, and continuous improvement
- Managed the largest US banking merger, integrating over 10.3 million Wachovia customers while ensuring PCI and SOX compliance
- Expanded team from 10 to 40 members, retaining top talent and managing an annual budget of $5 million to drive global initiatives.
Business Quality Analyst
Ameriquest Mortgage
03.2004 - 04.2007
- Hired to build the first fully automated Point of Sale system for the mortgage application process.
Education
EXECUTIVE CERTIFICATION - MANAGEMENT & LEADERSHIP
MIT Sloan School of Management
Boston, MA 10.2021 - 5 2023
MASTER OF SCIENCE - Electrical Engineering
Southern Illinois University
Carbondale, IL 08.2000 - 5 2002
Skills
Detection and Response
Network Security
Threat Intelligence
Security Architecture & Design
Security Incident & Event Management (SIEM)
Cloud Architecture Design and Optimization
Data Management and Protection
Cybersecurity, Governance, Risk, Compliance
Cryptography, AuthN, AuthZ
CWPP, CSPM, CIEM, CASB, CNAPP, SASE
AWS, Azure, GCP
Agile (SAFe), KPI, OKR
ITIL, COBIT, NIST, CMMC, FedRAMP, GDPR, NERC-CIP
Certification
- CISSP – Certified Information Systems Security Professional
Organizations
Member of ISC, CIS, ISACA and IEEE.
Timeline
EXECUTIVE CERTIFICATION - MANAGEMENT & LEADERSHIP
MIT Sloan School of Management
10.2021 - 5 2023
Head of Systems and Security Operations
Stem Inc.
04.2020 - 07.2023
Director of Systems and Security Operations
Stem Inc.
07.2016 - 04.2020
Director Security and DevOps
NextLabs Inc.
12.2014 - 07.2016
Web System Engineering Leader
Wells Fargo – ISG
05.2007 - 12.2014
Business Quality Analyst
Ameriquest Mortgage
03.2004 - 04.2007
MASTER OF SCIENCE - Electrical Engineering
Southern Illinois University
08.2000 - 5 2002
Cybersecurity Product Manager
Plus Power
7 2023 - 06.2024