Nishant Sharma

Kuala Lumpur

Summary

Dynamic Application Security Manager renowned for driving cybersecurity initiatives and fostering high-performance teams. At DKSH CSSC Pvt. Ltd., I've shaped the strategic vision for application security, orchestrating the implementation of robust measures to fortify digital assets.

As a catalyst for change, I instilled a culture of accountability and continuous improvement, ensuring compliance with regulatory standards and industry best practices.

My leadership extends beyond strategy to hands-on implementation, overseeing architecture reviews and spearheading secure digital transformations. By nurturing strong partnerships with cybersecurity professionals and stakeholders, I've cultivated an environment where security is ingrained in every aspect of operations, resulting in heightened protection against emerging threats.

Overview

14
years of professional experience

Work History

Manager, Group Application Security

DKSH CSSC
02.2023 - Current
  • Increased team productivity by implementing streamlined processes and effective communication strategies.
  • Reduced operational costs through comprehensive process improvement initiatives and resource management.
  • Enhanced Threat Intelligence Integration: Implemented and maintained integration of threat intelligence feeds into security monitoring tools to enhance proactive threat detection and incident response capabilities.
  • Conducted Red Team Exercises: Organized and executed red team exercises to simulate real-world attacks and identify weaknesses in defensive capabilities, improving overall security posture.
  • Drove Compliance Initiatives: Collaborated with compliance teams to ensure adherence to relevant regulatory requirements (e.g., GDPR, HIPAA) and industry standards (e.g., ISO 27001, NIST).
  • Security Consultation: Served as a consultant/architect to development teams on secure coding practices, architecture reviews, and threat modeling sessions.
  • Developed and Enhanced Security Policies: Authored DKSH's security policies, procedures, and standards based on industry best practices and emerging threats for application security.
  • Led Security Awareness Programs: Developed and delivered security awareness training programs globally to educate employees on security risks and best practices.
  • Contributed to Secure SDLC: Integrated security controls into the software development lifecycle (SDLC) and CI/CD pipelines, ensuring security is embedded from design to deployment, and promoted DevSecOps practices.
  • Performed Vendor Risk Assessments: Assisted the GRC team with security assessments of third-party vendors to ensure they meet security requirements and standards.
  • Led Security Architecture Reviews: Served as a committee member of the architecture review board to review and refine security architecture designs for new products and services.
  • Optimized resource allocation by conducting regular performance evaluations and providing personalized coaching for staff development.
  • Vulnerability Management: Managed to resolve 70% of critical and high vulnerabilities across the organization.

Senior Specialist, Security Engineering

Sun Life Financial
06.2018 - 12.2022
  • Innovated ideas to save cost: Streamlined internal processes for improved operational efficiency and cost savings.
  • Initiated collaboration model: Spearheaded cross-functional collaboration initiatives to foster innovation and drive business growth.
  • Streamlined diagnostic procedures and improved system performance: Established IT investigative practices and processes, integrating security incident response into diagnostic procedures.
  • Conducted ongoing system threat monitoring and targeted audits: Implemented continuous system threat monitoring and targeted audits using advanced security tools and feeds.
  • Successfully patched approximately 60,000 system vulnerabilities in one year: Developed and implemented innovative patching automation processes to efficiently address system vulnerabilities.
  • Contributed to Business Growth: Supported business expansion initiatives by ensuring robust security practices, building trust with customers, and positioning product as cornerstone in insurance ecosystem.
  • Translated strategic goals into actionable solutions: Translated strategic security goals into actionable security solutions and operating models, collaborating with cross-functional teams.
  • Conducted Threat Modelling to identify security flaws: Conducted threat modeling and architectural reviews to identify and mitigate security flaws and vulnerabilities and promoted shift-left approach.
  • Expanded support to different application teams as Security Champion: Expanded support to application teams by serving as a security champion, offering expert consultation on secure coding practices and security controls.
  • Evaluated Emerging Security Technologies: Pioneered adoption of cutting-edge security technologies, such as vulnerability scanning and patching tools like Nexpose, InsightVM, and Qualys, to enhance overall security posture.
  • Contributed to Security Metrics and Reporting: Developed and maintained security metrics and reporting dashboards to communicate security posture and improvement initiatives.

Senior Linux Admin

Wipro Technologies
04.2015 - 05.2018
  • Engineered, configured, and optimized systems for maximum functionality and security: Implemented security-enhancing configurations and optimizations to ensure system functionality and availability while prioritizing security controls and resilience.
  • Reduced single points of failure to achieve 99.9% system uptime: Implemented redundancy and failover solutions to minimize single points of failure, resulting in a significant increase in system uptime and reliability.
  • Strengthened system and network security and business continuity planning: Enhanced system and network security measures, including business continuity planning and disaster recovery strategies, to safeguard against potential threats and ensure uninterrupted operations.
  • Instituted best practices in system log analysis and user account permissions management: Implemented robust system log analysis practices and enhanced user account permissions management to proactively identify and rectify security issues and compliance gaps.
  • Followed established SLAs to maintain high IT quality-of-service levels: Adhered to established Service Level Agreements (SLAs) and IT quality-of-service standards, ensuring secure and reliable IT services to stakeholders.
  • Automated server patching: Implemented automation tools to streamline routine tasks, freeing up time for higher-level strategic initiatives.

Lead Associate

Innodata India Pvt Ltd
12.2009 - 04.2015
  • Improved team productivity by streamlining workflow processes and implementing efficient project management practices.
  • Led cross-functional teams for successful project completion, ensuring timely delivery and high-quality results.
  • Developed comprehensive training materials to onboard new team members quickly and efficiently.
  • Proficiently managed user permissions and roles, ensuring seamless access control within organization.
  • Identified and addressed potential problems by utilizing known problem and incident definitions, bolstering overall system reliability.

Education

Master of Computer Applications

Uttar Pradesh Technical University, Noida, India
08.2009

Skills

  • Financial Management
  • Strategic Planning
  • Workforce Management
  • Staff Development
  • Cross-functional Team Collaboration
  • Cloud Security
  • Application Security
  • Security Testing
  • Security Patch Management
  • Linux System Administration
  • DevSecOps
  • Penetration Testing
  • Threat Modelling
  • Threat and Vulnerability Management
  • Agile Methodologies
  • Security Risk Management
  • Security Frameworks (CIS, NIST)

Accomplishments

  • Led DKSH's customer base expansion across new markets such as Singapore, Thailand, Vietnam, and Australia.
  • Led the implementation of an AppSec Framework and review process at DKSH, fortifying Prospr application security, resulting in cost-savings around 100K CAD.
  • E-star and GEM (Going Extra Miles) award for patching 60K vulnerabilities in one year at Sun Life.
  • Owner's Mindset award by Sun Life for securing the Prospr application and taking ownership of end-to-end automation of vulnerability patching, saving 100 man-hours.
  • Best Engineer Award by Wipro Technologies for stabilizing DMS database, saving over 10000 USD.
  • Valuing Inspiring Performance award for managing servers and the change management process.

Timeline

Manager, Group Application Security - DKSH CSSC
02.2023 - Current
Senior Specialist, Security Engineering - Sun Life Financial
06.2018 - 12.2022
Senior Linux Admin - Wipro Technologies
04.2015 - 05.2018
Lead Associate - Innodata India Pvt Ltd
12.2009 - 04.2015
Uttar Pradesh Technical University - Master of Computer Applications