Kieran Upadrasta CISSP, CISM, CRISC

info@kieranupadrasta.com

Cyber security architect with 26+ years as an Information Technology (IT) professional with strong expertise in IT security management, and Enterprise Security Architecture specializing in securing and ensuring compliance of highly complex technology ecosystems for global organizations within multiple industries. Demonstrated expertise in establishing and implementing large information security programs. Designed and implemented automated tool-based vulnerability management framework that continuously monitors and detects Cybersecurity threats and vulnerabilities. Performed evaluations and selections of IT security tools and successfully implemented IT security systems to protect the availability, integrity, and confidentiality of critical business information and information systems. Highly skilled, dedicated technology specialist and enthusiastic team player with excellent leadership and communication skills. Effectively managed $20M budget across three distinct functions. Proven ability to blend security and IT management while maintaining a business-first approach with executive management.

Areas of Expertise

Over 26 years’ experience of business analysis, consulting, technical security strategy, architecture, governance, security analysis, threat assessments and risk management

Expert in Incident response, Crisis management, Critical and Major Incident Management (MiM), Stakeholder engagement, mapping requirements and management

• Governance - Policy, Legal, Regulatory Compliance, Investigations, forensics, COBIT, Archer eGRC, PCIDSS, GDPR, Data protection, SOX

• Policy, Standards, Framework, Audits - ISO27001, SAS 70

• Risk management - SARA, SPRINT, IRAM

• Threat management - Arbor SP Peakflow, Forefront TMS, DDOS mitigations, Akamai Kona Site defender, Siteshield, Threat modelling, Threat hunting, Threat Intelligence

• Vulnerabilities management - Qualys, Tenable Nessus, Foundstone

• Strategic Planning, Security architecture - HLD & LLD creation, Enterprise architecture - TOGAF

• Identity and Access Management IAM - AD, Azure AD, Okta

• Privileged Access Management (PAM): CyberArk, BeyondTrust, Powerbroker, SailPoint IGA, user access review, governance tools

• Data loss and fraud prevention - Symantec DLP, Advanced Persistent Threat APT, User Behavior Analytics UBA

Cybersecurity Platforms: CrowdStrike, Palo Alto Networks, SentinelOne, M365 Defender, Falcon Sensors, McAfee, Symantec, Carbon Black, Fortinet, FireEye, Cylance, MITRE ATT&CK Framework, Endpoint & Cloud Protection, Detection, And Response (EDR), Falcon X, Breach Prevention, Vulnerability Management, Threat Hunting, Zero Trust, Container Security, NGAV, Device Control, Firewall Management, Artificial Intelligence, Automation

Cloud platforms - AWS, Azure, Google Cloud Platform (GCP) & Cloud technologies

Automation - Ansible, Kubernetes, Docker, Terraform, Jenkins, Python

• Management – Projects, Engineering and Security operations

SIEM: Arcsight ESM, Qradar, Splunk, LogRhythm, RSA Security Analytics, Envision

Firewalls, IDS, IPS - Checkpoint, McAfee, Cisco, Juniper, ISS, Snort, Sourcefire, Web Application Firewall WAF

Encryptions, VPNs, IPsec, PKI

Endpoints - Safe boot, Pointsec, CrowdStrike

Proxies, Content filtering - Bluecoat, Zscaler, Finjan, Ironport

Agile, Prince2, DevOps, DevSecOps

• Past work experience with Financial Conduct Authority FCA, Prudential Regulation Authority PRA

• Past work experience with quite a few security agencies

Qualifications

Skills

Firewalls, VPNs: Checkpoint provider-1, firewall-1/NGX/NG AI/NGX R70/R71, Cisco PIX, Cisco ASA, Juniper Netscreen, SRX, SSG, ISG series, Bluecoat proxies, Microsoft ISA/TMG/UAG Appliances, Cisco VPN concentrator, Cisco wireless

Secure Client IKE – FWZ – UDP encapsulation – IKE over TCP – single / multiple entry points

NAT Internal-to-Internal (dual hide NAT) – Multi-Interface – IP pooling

NAT of Inbound vpns – NAT of Inbound secure client users

IDS, IPS, Anti-DDOS ISS Real secure, Snort, Sourcefire, ISS site protector, Idefense, ISS Real secure, Proventia IPS, Qualysguard, Cisco IDS, McAfee Foundstone IDS. Arbor Networks Peakflow, Mu dynamics, Toplayer, Archer threat management, Arcsight, Skybox policy compliance, hardening systems, Microsoft WSUS

Data Communication

Encryption ISAKMP (IKE) – IPSEC – FWZ -SSH – PKI (PGP) – S/MIME – RSA – DES -AES –PPTP Tunneling w/NAT

Data Storage Encryption PGP, McAfee Safeboot, Pointsec

Device control: Reflex Disknet Pro, Smart line devicelock

Authentication User – Client – Session – RADIUS – LDAP – S/Key – IKE

Resources/Proxies Kernel URL logging – HTTP, SMTP, FTP security servers – Connect control

Auditing Rule base security audits – Log audits – Integration – Performance tuning

Reverse Engineering Objects File – Rulebases

Vulnerability Scanners Network /Applications: -

ISS Internet Scanner 6-7.x – NAI cybercop Scanner – Nmap – Nessus, ISS site protector- ISS enterprise scanner - Sara - Nmap

Web Application: Whisker, Watchfire, Cenzic, SPI Dynamics including input validation, SQL injection, cross-site scripting, buffer overflow, etc.

Database: Dbprotect, Appdetect, NGSS

Source Code: Fortify, Ounce, Coverity, Klocwork, prefix/prefast, Findbugs, Fxcop

Framework/ Methodologies

Waterfall, Agile, Sara, Sprint, ITIL, Prince II, OWASP, NIST, ISO27001, COBIT, PCIDSS, SAS70

Security Tools Wrappers – Ethereal – Tripwire – McAfee EPO – WSUS-RSA envision

• Networking

Protocols: TCP/IP, UDP, ICMP, IGMP and routing protocols (RIP, IGRP, OSPF, EIGRP, BGP)

Tools & Technologies: IP addressing, IP sub-netting, VLSM, Layer 2, 3, 4 switching & routing, VLANs, VTP, STP, ISL, VRRP, HSRP, SNMP, SMTP, RAS, RADIUS, TACACS, 2 factor authentication, wireless, SSL VPN, single sign on, remote access servers, terminal servers, Ipass, Citrix, PC anywhere, SSH, VNC, remote control programs and remote admin tools

Accomplishments

• CISSP, CISM, CRISC, CCSP, CCSE, JNCIS-FWV, MBA-IT, BEng

Leadership

• Developed and implemented enterprise security strategy and framework that consists of strategically integrated elements of NIST risk management and Cybersecurity frameworks, SANS Critical Controls, ISO/IEC 27001/27002 and COBIT 5 for Information Security.

Strategy and Planning

• Developed and communicated Acceptable Use policy, Mobile Device Management (MDM) and Bring Your Own Device (BYOD) policy, and many other security policies and standards to all users.

• Established policies and procedures for system administrators to perform operating system and application patching.

Team Collaboration

• Collaborated with large departments to establish enterprise security framework to accomplish common IT security objectives and leverage common tools to reduce costs.

• Coordinated the activities of Information Security Officers to define and establish unified program-wide approach to address IT security issues and mitigate IT security risks.

Project Management

• Managed the implementation of Enterprise IT Security Framework “Quick Wins” Road Map based on SANS Critical Controls “First Five” controls.

• Managed IT Certification & Accreditation (C&A) program implementing automated tools to realize efficiencies and significant cost savings for C&A process, including developing IT security plans and processes.

• Managed IT asset management and configuration management project implementing VMware vCenter Configuration Manager (VCM) tool, defining enterprise IT inventory processes (using ITIL), automating system patching capability and significantly improving IT configuration management.

• Managed Pooled Workstations project implementing a virtual pooled engineering workstation environment (blade workstations in the Engineering Data Center) that enables remote connectivity from standard computers to perform processor and graphic intensive engineering analysis (i.e., ProE, MathCad, MathLab…). Realized cost savings due to the reduction of high-performance engineering workstations from 500 to 200.

• Established internal forensics practice enabling the company to save more than $250k in discovery and litigation expenses.

• Negotiated $30mil enterprise software renewal deal involving cross-business stakeholders.

• Developed and implemented enterprise Incident Response policy enabling the organization to effectively report and manage security events.

• Saved more than $1 mil by renegotiating IT software contracts and leveraging synergies and eliminating duplicate solutions.
