KIERAN UPADRASTA CISSP, CISM, CRISC

Kieran Upadrasta is a cyber security architect, Information security consultant, Risk manager with 25+ years' experience in a broad range of industries. CISSP, CISM, CRISC qualified. Cyber Defence taskforce member. InfoSec Researcher. University Gold Medallist. Policy Advisor. Expert Witness.

Over 25 years’ experience of business analysis, consulting, technical security strategy, architecture, governance, security analysis, threat assessments and risk management

Expert in Incident response, Crises management, Critical and Major Incident Management (MiM), Stakeholder engagement, mapping requirements and management.

Specialised in the following areas: -

        A computer with a person's face on the screen Description automatically generated with medium confidence

                  

• Governance - Policy, Legal, Regulatory Compliance, Investigations, forensics, COBIT, Archer eGRC, PCIDSS, GDPR, Data protection, SOX

• Policy, Standards, Framework, Audits - ISO27001, SAS 70

• Risk management -SARA, SPRINT, IRAM

• Threat management - Arbor SP Peakflow, Forefront TMS, DDOS mitigations, Akamai Kona defender, Siteshield, Threat modelling, Threat hunting, Intel

• Vulnerabilities management -Qualys, Tenable Nessus, Foundstone

• Strategic Planning, Security architecture - HLD & LLD creation, Enterprise architecture -TOGAF

• Identity and Access Management IAM- AD, Azure AD, Okta, CyberArk, PAM

• Data loss and fraud prevention - Symantec DLP, Advanced Persistent Threat APT, User Behavior Analytics UBA

• Cybersecurity Platforms: CrowdStrike, Palo Alto Networks, SentinelOne, M365 Defender, Falcon Sensors, McAfee, Symantec, Carbon Black, Fortinet, FireEye, Cylance, MITRE ATT&CK Framework, Endpoint & Cloud Protection, Detection, And Response (EDR), Falcon X, Breach Prevention, Vulnerability Management, Threat Hunting, Zero Trust, Container Security, NGAV, Device Control, Firewall Management, Artificial Intelligence, Automation

• Cloud platforms -AWS, Azure, Google Cloud Platform (GCP) & Cloud technologies

• Automation - Ansible, Kubernetes, Docker,Terraform, Jenkins, Python

•Management – Projects, Engineering and Security operations

SIEM : Arcsight ESM, Qradar, Splunk, LogRhythm, RSA Security Analytics, Envision

• Firewalls, IDS, IPS - Checkpoint, McAfee, Cisco, Juniper, ISS, Snort, Sourcefire, Web Application Firewall WAF

• Encryptions, Vpns, IPsec, PKI, Endpoints - Safe boot, Pointsec, CrowdStrike

• Proxies, Content filtering - Bluecoat, Zscaler, Finjan, Ironport

 

• Agile, Prince2, DevOps, DevSecOps

• Past work experience with quite few security agencies.

• Past work experience with Financial Conduct Authority FCA, Prudential Regulation Authority PRA

 

Qualified: CISM, CRISC, CISSP, CCSE, CCSP, CCNA Security, JNCIS-FWV, MBA and BEng