KIERAN UPADRASTA
CISSP, CISM, CRISC
Kieran Upadrasta is
a cyber security architect, Information security consultant, risk manager
with 26+ years' experience in a broad
range of industries. CISSP, CISM,
CRISC qualified. Cyber Defence taskforce member. InfoSec Researcher.
University Gold Medallist. Policy Advisor. Expert Witness. Big 4
Consulting experience, 20 years in Financial and Banking sector. Over 26 years’
experience of business analysis, consulting, technical security strategy,
architecture, governance, security analysis, threat assessments and risk
management Expert in Business Continuity planning (BCP) and Management,
Resilience, Disaster recovery planning (DRP), Incident response, Crises
management, Critical and Major Incident Management (MiM), Stakeholder
engagement, mapping requirements and management. Specialised in the following areas: - |
|
• Governance, IT
Auditing - Policy, Legal, Regulatory Compliance, Investigations, forensics,
COBIT, Archer eGRC, PCIDSS, GDPR, Data protection, SOX • Policy,
Standards, Framework, Audits – ISO27001, SAS 70, NIST, COBIT, Smart city Reviews, BCP, DRP, HIPAA,
PCIDSS, SOC2 • Risk management
-SARA, SPRINT, IRAM • Threat management
- Arbor SP Peakflow, Forefront TMS, DDOS mitigations, Akamai Kona defender,
Siteshield, Threat modelling, Threat hunting, Intel • Vulnerabilities
management -Qualys, Tenable Nessus, Foundstone • Strategic
Planning, Security architecture - HLD & LLD creation, Enterprise
architecture – SABSA, TOGAF •
Identity and Access
Management IAM- AD, Azure AD, Okta •
Privileged Access Management
(PAM): CyberArk, BeyondTrust, Thycotic, Centrify, Lieberman, Broadcom
Symantec CA PAM, SailPoint IGA • Data loss and
fraud prevention - Symantec DLP, Advanced Persistent Threat APT, User Behavior Analytics UBA • Cybersecurity
Platforms: CrowdStrike, Palo Alto Networks, SentinelOne, M365 Defender,
Falcon Sensors, McAfee, Symantec, Carbon Black, Fortinet, FireEye, Cylance,
MITRE ATT&CK Framework, Endpoint & Cloud Protection, Detection, And
Response (EDR), Falcon X, Breach Prevention, Vulnerability Management, Threat
Hunting, Zero Trust, Container Security, NGAV, Device Control, Firewall
Management, Artificial Intelligence, Automation • Cloud platforms
-AWS, Azure, Google Cloud Platform (GCP) & Cloud technologies • Automation -
Ansible, Kubernetes, Docker,Terraform,
Jenkins, Python •Management –
Projects, Engineering and Security operations • SIEM : Arcsight
ESM, Qradar, Splunk, LogRhythm, RSA Security
Analytics, Envision • Firewalls, IDS, IPS - Checkpoint, McAfee, Cisco, Juniper, ISS,
Snort, Sourcefire, Web Application Firewall WAF • Encryptions, Vpns, IPsec, PKI, Endpoints -
Safe boot, Pointsec, CrowdStrike • Proxies, Content filtering - Bluecoat, Zscaler,
Finjan, Ironport • Agile, Prince2,
DevOps, DevSecOps • Past work experience with quite few security agencies. • Past work experience with Financial Conduct Authority FCA,
Prudential Regulation Authority PRA Qualified: CISM,
CRISC, CISSP, CCSE, CCSP, CCNA Security, JNCIS-FWV, MBA and BEng |