Summary
Overview
Work History
Education
Skills
Additional Information
Certification
Languages
Work Availability
Quote
Timeline
Manager

NISHANT SHARMA

Kuala Lumpur,Malaysia

Summary

Application Security enthusiast | Cybersecurity Leader | Strategic Planner | Vulnerability management specialist

As a collaborative leader dedicated to fostering an engaged and empowering work culture, am passionate about partnering with clients, aiming to lead and contribute to complex business solutions from strategy to execution and to promote a secure environment for applications, API, cloud and manage vulnerabilities across organization. Proficient in developing end-to-end test cases, conducting threat modelling, and analyzing attack paths to enhance system security

Overview

14
14
years of professional experience
4
4
Certification

Work History

Manager, Group Application Security

DKSH
Kuala Lumpur, Malaysia
02.2023 - Current
  • Implemented application security framework and achieved 20% reduction in vulnerabilities.
  • Managed to resolve 50% of Critical and high vulnerabilities across organization.
  • Conducted Red Team exercise to strengthen organization's security posture.
  • Engineered, implemented, and monitored robust security measures for applications and servers.
  • Integrated Qualys with Jira platform to regulate vulnerability management process.
  • Liaised with different team to understand application security and vulnerability management requirements.
  • Strengthened Qualys integration and management process by identifying gaps in existing process.
  • Organized Qualys WAS testing and compliance process.
  • Spearheaded strategical direction for application security function, including planning, operations, SLAs, trainings, budgeting, and motivational activities to promote value of application security.
  • Promoted and supported establishment of "centre of excellence" for cybersecurity management, fostering culture of continuous improvement.
  • Actively engaged in business development activities, strengthening client relationships and contributing to pursuits through marketing materials, proposals, and presentations.
  • Collaborated with cross-functional teams to update system architecture designs and ensure security compliance.
  • Incorporated Cyber resilience capabilities into systems life cycle.
  • Conducted vulnerability scans and penetration tests regularly to identify and mitigate potential threats.
  • Led or commissioned preparation, implementation, and validation of cybersecurity policies, standards, procedures, and guidelines.
  • Developed strong teams by skillfully recruiting, orienting and training loyal, hard-working employees.

Senior Specialist Security Engineering

Sun Life
Gurgaon, India
06.2018 - 12.2022
  • Streamlined diagnostic procedures and improved system performance by establishing IT investigative practices.
  • Conducted ongoing system threat monitoring and targeted audits to ensure system security.
  • Successfully patched approximately 60,000 system vulnerabilities in one year.
  • Translated strategic goals into actionable solutions and operating models by leading and managing teams.
  • Conducted Threat Modelling to identify security flaws in architectural design.
  • Expanded support to different application teams by serving as Security Champion.
  • Innovated patching automation processes and proactively monitored weak cipher suites across domains.
  • Validated and analyzed system security designs and verified system security requirements definitions.
  • Provided expert consultation and technical services on all aspects of information security.
  • Pioneered usage of cutting-edge security technologies, such as vulnerability scanning and patching tools such as Nexpose, InsightVM, and CA Client automation, Qualys.
  • Facilitated and coordinated vulnerability assessment and scanning programs

Senior Linux Administrator

Wipro Technologies
Greater Noida, India
04.2015 - 05.2018
  • Engineered, configured, and optimized assigned systems to ensure maximum functionality and availability
  • Implemented solutions that reduced single points of failure, resulting in system uptime of 99.9% (up from previous high of 97.5%)
  • Strengthened system and network security, as well as business continuity planning
  • Rectified numerous issues by instituting best practices in system log analysis, backups, user account permissions management, and systems and software auditing.
  • Developed standards and methods for server deployment, management, and monitoring, including written documentation, software tools, processes, and procedures
  • Administered LVM and file systems, including creation, deletion, extension, and permissions
  • Planned and executed software and patch management tasks on quarterly basis.
  • Completed reports detailing performance, costs and downtime issues.
  • Followed established SLAs, maintaining high IT quality-of-service levels.

Lead Associate

Innodata India Pvt Ltd
Noida, India
12.2009 - 04.2015

Education

Masters - Computer Applications

Uttar Pradesh Technical University
India
05.2009

Skills

  • Team leadership
  • Cloud Security
  • Application Security
  • Security Testing
  • Security Patch management
  • Linux System administration
  • DevSecOps
  • Penetration testing
  • Nexpose
  • Qualys Cloud Platform
  • OWASP top 10
  • Threat Modelling
  • Threat and vulnerability management
  • Akamai
  • Cloudflare
  • AWS
  • Stakeholder communication
  • Security Risk Management Security Frameworks (CIS, NIST)

Additional Information

  • Implemented AppSec Framework across organization.
  • E-star and GEM (going extra miles) award for patching 60K vulnerabilities in one year.
  • Owner's mindset award for taking ownership of end to end automation of vulnerability patching.
  • Best Engineer award to stabilize DMS database.


Certification

  • CEH
  • CISM (Pursuing)
  • AWS Solutions architect associate
  • Red Hat certified system administrator (RHCSA)

Languages

English
Fluent

Work Availability

monday
tuesday
wednesday
thursday
friday
saturday
sunday
morning
afternoon
evening
swipe to browse

Quote

Even if you are on the right track, you’ll get run over if you just sit there.
Will Rodgers

Timeline

Manager, Group Application Security

DKSH
02.2023 - Current

Senior Specialist Security Engineering

Sun Life
06.2018 - 12.2022

Senior Linux Administrator

Wipro Technologies
04.2015 - 05.2018

Lead Associate

Innodata India Pvt Ltd
12.2009 - 04.2015

Masters - Computer Applications

Uttar Pradesh Technical University
  • CEH
  • CISM (Pursuing)
  • AWS Solutions architect associate
  • Red Hat certified system administrator (RHCSA)

Similar Profiles

  • Samuel Bellingham

    Samuel BellinghamSamuel Bellingham

    Virtual Sales Representative - Team Lead at DKSHVirtual Sales Representative - Team Lead at DKSH

    View Profile
  • Rom Ret

    Rom RetRom Ret

    Manager, Branch Operations at DKSHManager, Branch Operations at DKSH

    View Profile
  • Nam Do

    Nam DoNam Do

    Regional Director, ECommerce at DKSHRegional Director, ECommerce at DKSH

    View Profile
NISHANT SHARMA