PARMINDER SINGH SAHI
Newark, CA ***** • ******@*****.*** • linkedin.com/in/parmindersinghsahi • 415-***-****
Chief Information Security Officer (CISO)
CAREER SUMMARY
Cybersecurity and risk executive with over 20 years of experience securing cloud, SaaS, AI, IoT/OT, and financial systems. Expert in Zero Trust security models, AI-driven cybersecurity frameworks, and GRC programs to enhance enterprise resilience.
Proven ability to align security with business objectives, optimize risk management, and drive compliance across hybrid multi-cloud environments to protect intellectual property (IP) within platform, data, and engineering environments. Specialized in AI-powered threat detection, enterprise security transformation, and incident response to fortify security postures and data protection with enhanced privacy.
● Enterprise Security Transformation: Led a security overhaul at Plus Power, enhancing cloud security and edge posture by 40% and achieving SOC 2, SOX, PCI, HIPAA, GDPR, CMMC, NIST CSF, and NERC-CIP compliance. Streamlined AI-driven platform security processes, improving time-to-compliance by 35%, facilitating $1.6 billion in equity financing with investors.
● Zero Trust & Threat Defense: Deployed Zero Trust architecture, SIEM, XDR, DLP, SOC, IDS/IPS, and CNAPP solutions at Stem, reducing breach incidents by 40% and incident response times by 30%. Established identity and access management and endpoint security strategies, enhancing the Athena AI/ML SaaS platform and driving over 150% year-over-year revenue growth to $360 million in 2022, ultimately leading to an IPO.
● Cloud & Product Security: Designed and implemented DevSecOps pipelines at Plus Power, Stem, NextLabs, and Wells Fargo, integrating SAST, DAST, and SCA security tools, leading to an 80% reduction in post-release vulnerabilities. Enhanced secure API design, container security, network, and cloud-native security frameworks.
● Governance, Risk, & Compliance (GRC): Built a comprehensive risk management framework at Stem, enhancing vendor security assessments and regulatory compliance with NIST (37, 53, 171, 207), ISO/IEC 42001, CMMC, CCPA, DFARS, FISMA, and FedRAMP. Automated compliance audits, reducing manual effort by 50%.
● M&A and Divestiture Leadership: Performed the due diligence and spearheaded the migration of legacy data centers to cloud applications at Stem and Wells Fargo, ensuring seamless operations and security of software applications, data, and systems consolidation while integrating over $600M in M&A.
● Leadership & Cross-Functional Collaboration: Led and mentored 50+ security professionals, increasing security awareness and improving security culture by 35% across multiple business units. Collaborated with executive leadership to integrate security measures into product and IT roadmaps and ensured timely communication of business risks.
PROFESSIONAL EXPERIENCE
Pearsk Consulting, Remote (Jun 2024 - Present)
Executive Director and CISO
Accelerated cloud-native transformation and cybersecurity strategy, improving resiliency, data protection, and compliance by 40% by optimizing security engineering for blockchain and aerospace clients.
● Executive Cybersecurity & Business Growth Alignment: Advised C-Suite leadership on cybersecurity strategy, ensuring alignment with business growth, M&A due diligence, and GRC implementations, reducing compliance gaps by 60%. Increased organizational resilience by 70% through strategic risk mitigation and accelerated AI-driven security solutions by translating complex security concepts for non-technical stakeholders.
● Zero-Trust Security & Product Security Enhancement: Tripled CSPM score, as measured by automated cloud security compliance and risk posture improvements, by implementing a Zero-Trust security framework using Okta, CrowdStrike, Zscaler, DataDog, SentinelOne, and Palo Alto.
● Incident Response & Security Operations Leadership: Reduced mean time to detect (MTTD) threats by 50% and mean time to respond (MTTR) by 60% by leading incident response and recovery initiatives for high-severity cybersecurity events. Implemented IAM and SIEM, enhancing 24/7 security operations visibility by 80% through automated alerting and real-time security analytics. Reduced unauthorized access attempts by 75% by enforcing robust identity management, security event monitoring, and real-time threat intelligence.
Plus Power, San Francisco, CA (Jul 2023 - Jun 2024)
CIO & CISO
Brought in to lead enterprise-wide initiatives for cybersecurity, compliance, privacy, and risk management within a highly regulated battery energy storage sector. Implemented AI-driven security analytics and governance frameworks in the SaaS/IoT platform to enhance cybersecurity maturity and operational resilience. Developed and executed a security strategy aligned with business goals, emerging threats, and compliance while effectively communicating key risk indicators (KRIs) to executives and the Board.
● Security Risk Reduction & Compliance: Conducted a NIST-based security risk analysis, remediating 90% of critical vulnerabilities within three months while enforcing Zero Trust principles with IAM (Azure Entra ID), MFA, PAM, and RBAC/ABAC policies across IT, OT, and cloud environments.
● Threat Intelligence & Security Operations: Built a 24/7 SOC integrating XDR, WAF, SIEM, IDS/IPS, SSE, and real-time threat intelligence, reducing response times by 30% and minimizing MTTD/MTTR. Conducted continuous penetration testing, red teaming, and bug bounty programs to identify threats proactively, such as adversarial attacks and data poisoning.
● Product, Application & Data Security: Integrated secure SDLC, DevSecOps best practices, and runtime security into development, reducing high-risk vulnerabilities by 80%. Implemented Snyk-based CI/CD SAST/DAST security scanning, secure API development (OWASP Top 10), SHA-2 encryption, firewalls, and DLP solutions to protect sensitive data and ensure regulatory compliance.
● Team Leadership: Led a 50+ multidisciplinary global team, mentoring directors and senior managers. Boosted productivity by 20% through targeted upskilling and fostering a positive, innovative culture.
● Incident Response & Business Continuity: Established incident response playbooks, crisis management tabletop exercises, and resilience testing, achieving 99.99% uptime and a 40% reduction in RTO through BCP/DR strategies.
● Security Awareness & Executive Reporting: Designed security training programs, reducing phishing susceptibility from 14.8% to 4.9% while developing cyber risk dashboards and compliance KPIs that increased cybersecurity funding by 25% and enhanced executive visibility into threat trends.
Stem Inc., San Francisco, CA (Apr 2020 - Jul 2023)
Head of Cloud and Security Engineering
Led security for AI-driven clean energy SaaS platforms, protecting 200k+ IoT devices in 50+ countries while building scalable enterprise-level security operations. Collaborated with executive leadership and the GTM team to implement unique security and privacy features that accelerated market penetration and protected critical infrastructure.
● Zero-Trust & Cloud Security: Deployed Okta, CrowdStrike, Zscaler, DataDog, Wiz, Traceable AI, and Palo Alto across cloud and on-prem environments while architecting AWS, Azure, and GCP security frameworks to secure thousands of IoT devices using SSL-based communication.
● SOC, SOAR & Threat Management: Built and operationalized a 24/7 SOC, reducing incident response times by 60% while conducting security reviews and penetration testing on 200+ applications, reducing high-risk vulnerabilities by 45%.
● Compliance & Risk Management: Achieved and maintained SOC 1, SOC 2, SOX, ISO 27001, HIPAA, HITRUST, CJIS, CMMC, and FedRAMP compliance while enhancing global supply chain vendor risk management and security awareness, reducing phishing failures by 50%.
● DevSecOps & Secure SDLC: Integrated SAST, DAST, and SCA tools into CI/CD pipelines, reducing post-release vulnerabilities in Docker containers running in Kubernetes by 30% while implementing CWPP, CIEM, CASB, and CNAPP controls across hybrid cloud and edge deployments.
● Budget & Team Management: Managed a $25M budget, tripled the global team size to 52+ with minimal attrition, and reduced downtime by 25%. Enhanced scalability and resilience by 4x through IT, cloud, and data infrastructure modernization.
● Business Continuity & Executive Reporting: Led multi-AZ and multi-region disaster recovery testing, achieving 99.99% uptime and a 40% reduction in RTO while delivering monthly security risk updates and engaging enterprise clients on compliance matters.
Stem Inc., San Francisco, CA (Jul 2016 - Apr 2020)
Director of Security and Cloud Operations
Recruited to modernize cybersecurity and DevSecOps frameworks for enterprise SaaS solutions. Implemented secure hybrid cloud architectures of IT, OT, and IoT manufacturing units to bolster security resilience and protect critical infrastructure.
● Secure SaaS Development: Developed multi-cloud security architecture and policy-driven security automation, reducing security vulnerabilities, achieving 40% cost savings, and ensuring compliance with CCPA and CPRA privacy regulations.
● Application Security & SDLC: Established a secure development lifecycle (SDLC) with automated security scanning (SAST/DAST) and bug bounty penetration testing, reducing vulnerabilities by 50% and strengthening code quality.
● Cloud Infrastructure and Edge IoT Security: Implemented AWS, GCP, and Azure security frameworks, enhancing cloud security posture by 35% and integrating SASE/SSE, CASB, CIEM, and CSPM controls.
NextLabs Inc., San Mateo, CA (Dec 2014 - Jul 2016)
Director IT and DevOps
Brought in to modernize cybersecurity and DevSecOps frameworks for enterprise SaaS solutions. Implemented secure cloud architectures and regulatory compliance frameworks to fortify security resilience and operational excellence.
● Secure SaaS Development: Developed multi-cloud security architecture for an ABAC and Rights Management platform referencing PKI, SAML, JWT, and HMAC as well as the MITRE ATT&CK and D3FEND frameworks, reducing security vulnerabilities and achieving 40% cost savings. Implemented policy-driven security automation.
● Application Security & SDLC: Established a secure development lifecycle (SDLC) with automated security scanning (SAST/DAST), reducing vulnerabilities by 50% and strengthening code quality.
● Cloud & Infrastructure Security: Implemented AWS, GCP, and Azure security frameworks, enhancing cloud security posture by 35% and integrating CIEM and CSPM controls, ensuring GDPR, DFARS, FISMA, HIPAA, PCI-DSS, and SOC 2 compliance and EAR, ITAR, and CTAPT audits.
Wells Fargo, San Francisco, CA (May 2007 - Dec 2014)
Web Systems Engineering Leader
Brought in to enhance security and scale platform operations through infrastructure automation. Optimized processes and ensured compliance during a major banking merger, driving efficiency and continuous improvement.
● Cybersecurity Governance & Compliance: Established and enforced policies aligned with NCUA, GLBA, PCI, FFIEC, and NIST, ensuring secure payments and fraud prevention, leading successful SOC 2, ISO 27001, and SOX audits.
● Largest US Banking Merger: Led the online payments team in the migration of 10.3M+ Wachovia customers while ensuring PCI and SOX compliance. Expanded the team from 10 to 40 members, managing an annual $5M budget.
PREVIOUS PROFESSIONAL EXPERIENCE
Sr. Software Analyst, Ameriquest Mortgage Company/ISR Info Way (Mar 2004 - Mar 2007)
Network Administrator, Computer Assisted Instructions and Research Laboratory, SIUC (Aug 2001 - Dec 2003)
EDUCATION
Executive Certification, Management & Leadership, MIT Sloan School of Management
Master of Science, Electrical Engineering, Southern Illinois University
CERTIFICATIONS
CISSP, Certified Information Systems Security Professional*
ICSI, Certified Network Security Specialist