Email id: ad4arm@r.postjobfree.com

Phone: +1-469-***-****

1

LinkedIn: in/punitacharya

Contact: +1-469-***-****

Email: ad4arm@r.postjobfree.com

PUNIT ACHARYA

A versatile cybersecurity professional with 16+ years of rich and diverse experience in assisting organizations to strategies, plan & design security solutions and adopt security measures to meet compliance, regulations, and security requirements.

PROFESSIONAL SUMMARY (in reverse chronological order)

InfoSec Architecture : Commonwealth Financial Network, US

Security Program Manager : Microsoft, US

Security Architect : Microsoft, India

Presales Consulting Manager : Wipro Technologies, India

Sr. Analyst (Identity & PKI) : BankofAmerica, India

Member Technical (IT Systems) : D.E.Shaw & Co, India

Technical Lead (Microsoft Active Directory) : Concentrix (aka Convergys), India EDUCATIONAL SUMMARY (in reverse chronological order)

Bachelor of Engineering (Information Technology) : University Institute of Technology, Bhopal

HHS/SSC (10th / 12th Grade) : ST. Mary’s School, Bhopal PROFESSIONAL CERTIFICATIONS

CERTIFIED: CERTIFIED AZURE AI FUNDAMENTALS

CERTIFIED: ZSCALER ZERO TRUST ARCHITECT (ZTCA)

CERTIFIED: CISSP (ISC2) – CERTIFIED INFORMATION SYSTEMS SECURITY PROFESSIONAL

CERTIFIED: AZURE SOLUTION ARCHITECT EXPERT (MICROSOFT)

CERTIFIED: SECURITY OPERATIONS ANALYST ASSOCIATE (MICROSOFT)

CERTIFIED: AZURE ADMINISTRATOR ASSOCIATE (MICROSOFT)

CERTIFIED: COBIT FOUNDATION (ISACA) - CONTROL OBJECTIVES FOR INFORMATION AND RELATED TECHNOLOGIES

CERTIFIED: CERTIFIED ETHICAL HACKER (C EH V9) (EC-COUNCIL) TECHNICAL SKILLS

STRONG UNDERSTANDING AND EXPERIENCE WITH FRAMEWORKS (CIS, HIPAA, HITRUST, PCI/DSS, ISO27001, NIST)

THREAT MODELLING – STRIDE FRAMEWORK / MS THREAT MODELLING TOOL

MICROSOFT SECURITY STACK ACROSS IAAS, PAAS, SAAS

SIEM / SOAR– AZURE SENTINEL

THREAT MANAGEMENT SUITE: DEFENDER FOR CLOUD / DEFENDER FOR IDENTITY / DEFENDER FOR ENDPOINT / DEFENDER O365, DEFENDER FOR CLOUDAPPS.

IDENTITY & ACCESS MANAGEMENT - ACTIVE DIRECTORY / AZURE AD / ENTRA

OPERATIONAL TECHNOLOGY (OT) SECURITY – MICROSOFT DEFENDER FOR IOT, CYBERX

DATA SECURITY – PURVIEW - EDISCOVERY / DLP / OMS

PRIVILEGE IDENTIFY/ACCESS MANAGEMENT SOLUTION (PIM/PAM) (CYBERARK / AZURE)

OT SECURITY - KNOWLEDGE OF PURDUE MODEL, NETWORK ISOLATION REQUIREMENTS OF OT/ICS, DEFENDER FOR OT/IOT Email id: ad4arm@r.postjobfree.com

Phone: +1-469-***-****

2

MODERN AUTHENTICATION PROTOCOLS: OAUTH/SAML

PUBLIC KEY INFRASTRUCTURE: SHA2 MIGRATION, CLM - CERTIFICATE LIFECYCLE MANAGEMENT (VENAFI/APPVIEWX), DESIGN, IMPLEMENTATION AND SUPPORT - PKI INFRA, (GREENFIELD OR MIGRATION)

KEY MANAGEMENT SOLUTIONS, LEVERAGING HARDWARE SECURITY MODULE (HSM), VIRTUAL KEY MANAGEMENT APPLIANCE (THALES) FUNCTIONAL SKILLS

Strategic Program Leadership: Proficient in crafting comprehensive program strategies and roadmaps that align seamlessly with organizational objectives. Possess extensive experience in managing security programs, encompassing end-to-end strategy development, solution management, and solution development in the realms of cloud security, threat management, identity, data, and security operations.

Effective Business Alignment: Skilled at translating high-level business goals into actionable plans, steering cross- functional teams toward successful project completion, and adapting strategies to navigate shifting market dynamics.

Stakeholder Engagement and Collaboration: Demonstrating exceptional abilities in cultivating and nurturing strong relationships with a diverse array of stakeholders, including executives, clients, vendors, and team members. Proficient in promoting collaboration, setting clear expectations, and establishing robust communication channels to ensure project triumph and client contentment.

Presales Expertise: Exhibiting proven expertise in presales activities, encompassing financial analysis, deal structuring, cost modeling, and effort estimation. Proficient in responding to extensive RFI/RFPs with a strong technical foundation.

Regulatory Compliance and Risk Assessment: Extensive experience in conducting thorough security gap assessments and IT risk evaluations against various industry standards and regulations, such as PCI/DSS, HIPAA, CIS, NIST, ISO, and GDPR.

Security Architecture Proficiency: Proficient in crafting security architecture and design solutions across diverse environments, including cloud, multi-cloud, hybrid, and on-premises setups.

Mentorship and Team Leadership: Successfully mentored and guided team members, developing tailored technical growth plans to enhance their skills. Demonstrated leadership in leading teams toward the achievement of project objectives.

Effective Communication and Stakeholder Management: Consistently showcased strong communication, presentation, negotiation, and stakeholder management skills. Proficient in motivating and leading teams with excellent interpersonal abilities.

Email id: ad4arm@r.postjobfree.com

Phone: +1-469-***-****

3

PROFESSIONAL WORK HISTORY (in reverse chronological order) COMMONWEALTH FINANCIAL NETWORK, DALLAS, TEXAS 06/2023 – PRESENT Job Title: InfoSec Architect

Job responsibilities:

Security Architecture: Conducted in-depth analysis of system architectures to formulate robust security requirements aligned with Information Security policies and standards. Proactively identified and mitigated emerging security threats, delivering recommendations for architectural enhancements to bolster overall security posture.

Collaboration & Leadership: Fostered effective collaboration with a diverse range of stakeholders, including business units, application teams, architectural teams, and third-party vendors. Provided expert guidance on security controls, facilitating comprehensive security risk management strategies, and ensuring a unified approach to security within the organization.

Risk Assessment & Management: Performed thorough and comprehensive risk assessments on information systems and infrastructure. Utilized a risk-based methodology to identify and communicate both current and emerging security threats to cross-functional teams, enabling the organization to respond strategically and make well-informed decisions to mitigate risks.

MICROSOFT, DALLAS, TEXAS 12/2018 – 06/2023

Job Title: Security Program Manager – (Security Service Line) Job responsibilities:

Responsible for managing a security solution portfolio worth $120mn. This involved identifying market needs, developing and launching new security solutions, managing solution life cycles, and ensuring that the portfolio aligned with the organization's strategic goals. I also worked closely with the sales team to ensure that the portfolio was effectively marketed and sold to customers. Additionally, I was responsible for tracking portfolio performance and making adjustments as necessary to ensure that financial targets were met.

Leveraging my skill in strategic planning and stakeholder engagement, I played a pivotal role in driving the overall growth and success of the company. This involved developing comprehensive program strategies and roadmaps to align with organizational goals, translating high-level business objectives into actionable plans, and skillfully managing relationships with diverse stakeholders to foster collaboration and ensure project success and client satisfaction. Job Title: Security Architect – (Security Service Line) Job responsibilities:

Successfully conducted security presales activities, including assessing client needs, designing tailored security solutions, and effectively communicating their value proposition, resulting in increased client confidence and successful security implementations.

Developing and maintaining the organization's security architecture, policies, and standards

Conducting risk assessments to identify potential security threats and vulnerabilities

Designing and implementing security solutions, such as SIEM/SOAR, Threat Protection & Management, Identity, Data Security, IoT/OT Security.

Ensuring that security solutions are integrated with the overall technology architecture and meet the organization's security requirements.

Staying current with emerging security threats and technologies, and recommending new solutions to address them

Providing guidance and training to other technology teams on security best practices and standards

Assisting with incident response in the event of a security breach

Communicating security risks and mitigation plans to senior management and stakeholders. WIPRO TECHNOLOGIES LTD, HYDERABAD, TELANGANA 09/2014 – 11/2018 Job Title: Consulting Manager Presales - (Data & Cloud Security)

As a Consulting Manager for the Data & Cloud Security Practice, I oversaw a range of responsibilities such as developing technical proposal responses, generating and monitoring revenue, pipeline building and management, revenue growth, Email id: ad4arm@r.postjobfree.com

Phone: +1-469-***-****

4

partner alliance building and management, sales activation and landing, and formulating go-to-market strategies. In collaboration with my team, I ensure that we achieve our targets and exceed customer expectations. I am also responsible for identifying and pursuing new business opportunities, analyzing market trends and customer requirements, and ensuring that our solutions remain competitive and align with the overall business strategy. Through effective leadership and management, I make significant contributions to the growth and success of the practice and the organization as a whole.

BANK OF AMERICA, HYDERABAD, TELANGANA 02/2011 – 09/2014 Job Title: Sr. Analyst (GWDS - Global Windows Directory Service & PKI)

Part of group that provides Active Directory & PKI service platform to internal enterprise and subsidiary stakeholders.

Responsible for designing, implementing, and maintaining the Active Directory / PKI infrastructure, including creating and managing domains, forests, Certificate Authorities, Certificate Revocation Lists.

Responsible for ensuring the security of the Active Directory environment, including setting up access controls, permissions, and authentication methods.

Planning for Active Directory upgrades, migrations, and expansions.

Responsible for establishing and maintaining policies and procedures for the PKI and Active Directory environment, including backup and recovery procedures, monitoring and reporting processes, and disaster recovery planning.

Supporting integration efforts for Active Directory environment with other systems, such as Exchange and SharePoint, and for ensuring that the Active Directory environment is compatible with other systems and platforms.

Responsible for monitoring the Active Directory environment for performance and security, and for maintaining the infrastructure to ensure it is up-to-date and secure.

Provide training and documentation / SOPs for Active Directory / PKI environment. TECHNICAL EDUCATION DETAILS

GRADUATION

DEGREE : BACHELOR OF ENGINEERING (INFORMATION TECHNOLOGY)

COLLEGE/UNIVERSITY : UNIVERSITY INSTITUTE OF TECHNOLOGY (UIT), BHOPAL, MP PERSONAL DETAILS

NATIONALITY : INDIAN

LANGUAGE PROFICIENCY : ENGLISH

CONTACT NO. : +1-469-***-****

LINKEDIN PROFILE : in/punitacharya

US WORK AUTHORIZATION : L2-EAD (EMPLOYMENT AUTHORIZATION DOCUMENT)

Contact this candidate