About
I am a cybersecurity and product security leader with over 13 years of experience, most recently serving as Subdomain Lead Security – SSE at IKEA India. My career spans roles in application security, secure SDLC, cloud security, and enterprise risk reduction across multiple global organizations.
My work involves securing web, mobile, and cloud-native platforms using tools and practices such as SAST, SCA, threat modeling, and security automation aligned with NIST and OWASP frameworks. I have led security operations, vulnerability management, and compliance initiatives using technologies like IBM AppScan, Acunetix, and cloud security platforms, delivering measurable reductions in vulnerabilities and faster remediation cycles.
What I'm looking for
I am looking for a role of Cyber Security Manager-AppSec / Security Architect
Experience
Subdomain Lead Security – SSE
IKEA India
Nov 2021 – May 2026
• Secured global digital products and cloud platforms reducing critical security gaps by 65%
• Reduced production vulnerabilities by 70% through threat modeling and SSDLC practices
• Accelerated secure product delivery by 50% through security integration across CI/CD workflows
• Improved remediation SLA adherence by 60% through centralized vulnerability governance
• Reduced manual audit effort by 75% through security automation aligned with NIST controls
• Strengthened security across 20+ portals and 2,000+ user stories using SAST, SCA, and secure reviews
• Reduced third-party and SaaS security risks by 55% through structured TPRM assessments
• Reduced recurring security incidents by 40% through incident investigations and remediation governance
• Led cybersecurity operations across 200+ global security ecosystem while mentoring a 13-member security team
Threat ModelingSASTSecurity Automation
Tech Lead – Application Security
Capgemini Engineering
Sep 2017 – Nov 2021
• Led 50+ end-to-end security assessments across web, mobile, and thick-client applications
• Identified 200+ vulnerabilities reducing attack surfaces by 60% within 12 months
• Improved test coverage by 40% through secure SDLC aligned testing strategies
• Partnered with development teams driving 75% faster remediation turnaround
• Delivered 60+ vulnerability reports for technical and executive stakeholders
• Reduced penetration testing cycle time by 35% through workflow automation and threat research
Application SecurityVulnerability ManagementSecure SDLC
Application Security Consultant
Optum Global Solutions
Aug 2015 – Aug 2017
• Secured 2,000+ user stories across 20+ enterprise portals with zero critical risk gaps
• Reduced vulnerability exposure by 40% through OWASP-aligned testing practices
• Accelerated remediation turnaround by 30% using IBM AppScan automation
• Achieved 100% vulnerability closure rate through coordinated remediation governance
• Delivered recurring governance and compliance reports for enterprise stakeholders
OWASPIBM AppScanVulnerability Management
Information Security Consultant
AKS IT Services
Sep 2014 – Jul 2015
• Led 100+ application security audits annually for government sector clients
• Achieved 95% compliance with OWASP Top 10 and NIC security guidelines
• Identified 100+ critical vulnerabilities across multiple security engagements
• Improved vulnerability closure rate by 70–80% annually through secure coding enablement
Application SecurityOWASPSecure Coding
Information Security Analyst
Codec Network
Dec 2012 – Sep 2014
• Performed end-to-end VAPT for ASP.NET, Java, and PHP applications
• Conducted manual and automated security testing using Acunetix, Havij, and SQLmap
• Delivered client-ready risk reports with remediation guidance and secure coding recommendations
VAPTAcunetixSQLmap
Education
Punjab Technical University (PTU)
B.Tech
Skills
Risk AssessmentComplianceSecurity AutomationIncident ResponseTPRMMITRE ATT&CKISO 27001NISTZero TrustAI SecurityVulnerability ManagementDASTSCASASTCloud SecuritySecurity ArchitectureOWASPThreat ModelingSecure SDLCApplication Security
Languages
English (Full professional proficiency)
