MAHADEV PRASAD NANDA

Cybersecurity Leader

Summary

Cybersecurity Leader with 17+ years of experience in incident response, application security, and threat detection across large-scale cloud-native infrastructures. Deep expertise in WAF, bot mitigation, DDoS defense, and fraud detection. Skilled in reverse engineering, forensic analysis, and vulnerability research, with strong coding ability in Python and SQL to automate security workflows and develop detection heuristics. Effective communicator of complex attack narratives to both technical and executive audiences. Passionate about building secure, resilient, and scalable application security systems using modern AI/ML approaches.

Overview

  • 17 years of professional experience
  • 4 years of post-secondary education
  • 8 Certifications

Work History

Information Security Manager

PayPal PTE. Ltd.
02.2018 - Current
  • Led end-to-end incident response, from detection and triage to containment, RCA, and executive reporting.
  • Worked with engineering teams to secure applications and APIs using WAF, DDoS protection, and bot mitigation strategies.
  • Conducted penetration testing and vulnerability assessments of internal and external-facing applications.
  • Researched n-day exploits, attacker TTPs, and bot traffic to proactively design new detection rules.
  • Built custom security dashboards using Grafana and Splunk to track bot activity, fraud trends, and incident metrics.
  • Automated security analysis workflows and created detection heuristics using Python and Jupyter notebooks.
  • Supported blog content development, simplifying threat analysis for public consumption.
  • Collaborated with cloud operations and data science teams to test and implement ML-based threat detection.
  • Designed and optimized SIEM use cases, threat detection logic, and MITRE ATT&CK-based detection frameworks.
  • Led proactive threat hunting operations and behavioral analysis to uncover advanced threats.
  • Consumed and operationalized threat intelligence feeds, OSINT, and dark web monitoring for predictive defense.
  • Mapped threat actors, TTPs, and indicators of compromise (IOCs) to improve detection and response strategies.

Lead Security Consultant

NCS Pte. Ltd.
07.2016 - 02.2018
  • Delivered cybersecurity consulting and incident response for clients across banking, transport, retail, trading, and enterprise sectors.
  • Led containment, eradication, and recovery efforts for major security incidents; performed host and network forensics (DFIR) to assess root cause and impact.
  • Conducted threat assessments, malware analysis (including ransomware and phishing), and static reverse engineering in lab environments.
  • Supported L1/L2 teams with triage and escalation using SIEM tools (ArcSight); investigated IDS events and vendor intelligence reports.
  • Detected and responded to fraudulent activity, phishing attempts, and credential validation attacks; coordinated with AV/email vendors for remediation.
  • Authored detailed reports, enhanced detection use cases, and collaborated on SOC process improvements and playbook development.
  • Performed vulnerability assessments, risk audits, and pre/post product evaluations for endpoint and network security controls.
  • Delivered cyber threat intelligence services and tailored security advisories; applied kill chain modeling to threat hunting efforts.
  • Reviewed technical environments and proposed optimized detection strategies; contributed to SOP design and ASOC triage enhancement.

SME - Global Cyber Security Operations

Wipro Limited (CITI Bank)
01.2011 - 07.2016
  • Served as the Single Point of Contact (SPOC) for vendor coordination and client engagement in global security projects.
  • Managed perimeter security infrastructure including Check Point, Palo Alto, Juniper, and Cisco firewalls, Blue Coat proxies, and VPN solutions.
  • Led configuration, change management, and troubleshooting for firewall rules, NAT, ACLs, and VPN access.
  • Conducted advanced log analysis and threat correlation using tools such as ArcSight Logger, Arbor Peakflow, Sourcefire, Proofpoint, and McAfee across Unix and Windows environments.
  • Oversaw global SOC operations, monitoring IDS/IPS, firewall, proxy, and VPN logs; detected anomalies and investigated potential threats.
  • Directed incident response and risk management efforts, including DDoS, phishing, malware, and policy violations.
  • Performed system vulnerability assessments, implemented countermeasures, and ensured timely resolution of security breaches.
  • Reviewed audit logs, tracked incidents, and recommended SIRT actions across heterogeneous platforms (Wintel, UNIX, SQL, Oracle).
  • Ensured compliance through MAS audits and ongoing collaboration with internal and external stakeholders.

Security Analyst

ITC Infotech India Limited
12.2009 - 01.2011
  • Directed monitoring and analysis of security events across SIEM (QRadar, ArcSight), IDS/IPS, firewalls, and VPNs to identify threats and vulnerabilities.
  • Led investigations and coordinated response efforts for critical incidents including malware, phishing, DDoS, data breaches, and unauthorized access.
  • Drove escalation processes and cross-functional collaboration with IT, DevOps, and risk teams to ensure effective remediation and prevention.
  • Architected and optimized SIEM use cases, correlation rules, and dashboards to enhance real-time threat detection and situational awareness.
  • Ensured seamless integration of SIEM with broader security infrastructure for comprehensive visibility and response coverage.
  • Oversaw firewall policy management, ACL enforcement, and network segmentation to uphold least privilege and reduce attack surfaces.
  • Delivered executive-level incident reporting, trend analysis, and operational metrics to inform strategic decisions.
  • Maintained audit-ready documentation and ensured SOC compliance with internal policies, regulatory frameworks, and industry standards.

SOC Security Analyst

Paladion Networks
04.2008 - 12.2009
  • Led real-time monitoring and analysis of security events using SIEM platforms (ArcSight, Splunk, QRadar) to detect and respond to emerging threats.
  • Investigated malware infections, DDoS attacks, and unauthorized access incidents, ensuring timely containment and mitigation.
  • Conducted log analysis across Windows/Unix servers, firewalls, IDS/IPS, and VPNs to uncover suspicious behavior and vulnerabilities.
  • Developed and maintained SIEM dashboards and generated executive-level security advisories and incident reports.
  • Administered and optimized firewall and IDS/IPS configurations; conducted vulnerability assessments and penetration testing on critical systems.
  • Collaborated with cross-functional teams to enforce ACLs, implement network segmentation, and strengthen perimeter defenses.
  • Managed phishing investigations and coordinated takedown efforts with external partners.
  • Delivered threat hunting and advanced malware analysis to detect stealthy attack patterns and reduce dwell time.
  • Mentored junior SOC analysts and enhanced detection workflows through SIEM rule tuning and correlation logic.

Education

B.TECH - Electrical Engineering

Biju Patnaik University Of Technology
01.2003 - 01.2007

Skills

  • Incident Detection, Response & Forensics (DFIR)
  • Application & Web Security (OWASP, HTTP/S)
  • Bot, Fraud, and DDoS Attack Mitigation
  • Vulnerability Assessment & Penetration Testing
  • Reverse Engineering & Threat Research
  • Threat Intelligence & Exploit Analysis
  • Python, SQL
  • Security Dashboards (Grafana, Splunk)
  • AI/ML in Threat Detection
  • Security Automation & Engineering
  • Public Research & CTF

Training

  • HITB GSEC - Network Data Exfiltration Techniques
  • Bluecoat ProxySG Administrator - TR-BCCPA
  • Palo Alto Networks: Firewall Installation and Management

Accomplishments

  • Served as Industry Expert & Judge at WorldSkills Singapore, designing CTF challenges for university students.
  • Regular participant in cybersecurity education and awareness initiatives across schools and public forums.
  • CTF competition winner on multiple occasions; active in the offensive and defensive security community.
  • Led initiatives that reduced DDoS attack leakage by 90% and revamped mitigation strategies protecting over 70% of PayPal’s infrastructure.
  • Enhanced web application attack detection and mitigation across PayPal’s business units.
  • Speaker at PayPal’s internal cybersecurity conference, sharing expertise on threat mitigation and response strategies.
  • Featured in an expert interview on ethical hacking and security program leadership (HackGate Blog).
  • Participated in Singapore Government CTF competitions.

Certification

CISA - Certified Information Systems Auditor

Timeline

  • 01.2025: CISA - Certified Information Systems Auditor
  • 02.2018 - Current: Information Security Manager, PayPal PTE. Ltd.
  • 07.2016 - 02.2018: Lead Security Consultant, NCS Pte. Ltd.
  • 01.2011 - 07.2016: SME - Global Cyber Security Operations, Wipro Limited (CITI Bank)
  • 12.2009 - 01.2011: Security Analyst, ITC Infotech India Limited
  • 04.2008 - 12.2009: SOC Security Analyst, Paladion Networks
  • 01.2003 - 01.2007: B.TECH - Electrical Engineering, Biju Patnaik University Of Technology