Mukul M.

Product Security Architect 18 years of career dotted with impactful roles in DevSecOps & Application Security, Infrastructure Automation with IaC, DevOps, Kubernetes for Container Security, and Linux Administration EXECUTIVE SUMMARY DevSecOps SME - work closely with development teams to create an automated CI/CD pipeline, implement build, deployment, and monitor standards for the client; build and configure delivery environments supporting CI/CD tools using an Agile delivery methodology Provide expert knowledge of container management tools (e.g. Docker, OpenShift), container orchestration (e.g. Kubernetes), infrastructure-as-code (e.g. Terraform, Ansible, Puppet), and familiar with modern build experience tools (e.g. Maven) and cloud integration systems (e.g. Jenkins) Proficient in strategy and practical implementation of AWS cloud-specific services and managing security services on AWS Experience with end-user security, server security, infrastructure security, and data protection processes; implemented security practices using WhiteSource to detect vulnerability from codebase and Risk assessment using Checkmarx Pivotal in OS and container hardening as per CIS benchmarking practices Charismatic People Leader with the competency in building a high-performing DevOps team by recruiting, managing & retaining talent, providing technical guidance, and helping identify optimal solutions to problems; proven skills in working with internal stakeholders to define, build, and plan a roadmap for the team, as well as reporting on project/team progress to senior management & stakeholders; support and consult with product and development teams in the areas of application security CORE COMPETENCIES DevOps | DevSecOps | Jenkins, CICD, Kubernetes, Docker, Terraform, AWS | Application & Container Security | Threat Modelling | OWASP Framework | Mitre ATT&CK Framework | Vulnerability Assessment | Mitigation Strategy | SIEM EDUCATION Advanced Certification in Cyber Security from IIT Guwahati, 2022 MBA in IT (Narsee Monjee Institute of Management Studies (NMIMS), 2021 Harvard Certification in Leadership Excellence, 2019 Bachelor of Engineering in Electrical (Rajasthan University), 2004 CERTIFICATIONS Kubernetes Security Specialist (CKS) SaFe Agile (5.0) Kubernetes Certified Application Developer (CKAD) AWS Solutions Architect Red Hat Certified Specialist in Ansible Automation Red Hat Certified System Administrator in Red Hat OpenStack (CL 210) Red Hat Gluster Storage 3.1 Red hat Certified Engineer (RHCE 5) ITIL Foundation Certificate in IT Service Management. (ITIL V3) Cisco Certified Network Associate (CCNA) Technical Skills Infrastructure as Code (IaC): Terraform, Ansible, Puppet Containerization: Docker, Kubernetes Monitoring Tools: CloudWatch, Prometheus, Grafana Static Application Security Testing (SAST): SonarQube, Checkmarx Dynamic Application Security Testing (DAST): WhiteSource, OWASP Zap Application Security: Burp Suite, Threat Modelling System Hardening: CIS Security Benchmark Security Auditing and Compliance: Lynis, Inspec Software Bill of Materials (SBOM): Syft, AWS Inspector, OWASP Dependency-Check EXPERIENCE Lentra, Pune | Security Architect Nov 2022 – Present Manage and lead the DevSecOps team, define SDLC, security roadmap, DevOps and security practices for multiple product streams. Work with multiple products team to define and execute the feature requirements based on Sprint cycle as per DevOps and Security to define and the execute practices Experience in Agile leading practices, processes, and tools in support of DevSecOps processes Provide subject matter expertise to the increasingly cloud security initiatives, vision & roadmap. Contribute to design, implementation, and maintenance of open-source security solutions in cloud infrastructure. Contribute to the development and enhancement of security policies, standards, procedures, guidelines, and controls. Perform periodic checks/audits to ensure state of security controls are in line with increasingly security policies, compliance requirements. Application Security Analyst perform security tests on cloud networks, web-based applications. Seagate Technologies, Pune | DevSecOps & Security Architect May 2020 – Oct 2022 Supervise a team of 10 members, define their roadmap, and create plans to execute them Lead Cyber Risk teams as part of DevSecOps migration using on-premises and cloud-native services Integrate DevSecOps practices using Codacy (SAST) & WhiteSource (DAST) with GitHub which detects, prioritizes, and remediates opensource security vulnerabilities Onboard Checkmarks (CxSAST) to Identify security risks throughout the software development lifecycle Lead application security assessments and review/develop strategic and tactical security remediation recommendations / cyber risk roadmap to address identified security gaps Define security practice to Identify and analyse security tools that can embed within the deployment pipeline to perform Dynamic & Static code testing, Opensource component testing, and Deployed Infrastructure testing to identify security vulnerabilities Detect unexpected application behaviour and alerts on threats at runtime, CVE exploits, vulnerability detection, and System hardening for Kubernetes cluster as per CIS security benchmark standards Perform system hardening, security auditing, and compliance for Linux-based systems using Lynis Generate a Software Bill of Materials (SBOM) from container images and filesystems using syft Ensure DevSecOps systems are robust, can handle rapid growth, and limit exposure to single points of failure and security vulnerabilities Detect and scan the contents of a container image or filesystem to find known vulnerabilities with grype Analyse the vulnerability and penetration testing of web application / Infrastructure and mitigate the vulnerabilities Participate in and support application security reviews and threat modeling, including code review and dynamic testing Participate in automated security testing to verify that secure coding best practices are being used Write security reports including findings, conclusions, and recommendations for further system security improvements Discover and patch security vulnerabilities and be comfortable with standard web application security tools DevOps & Security Trainer Jan 2020 – April 2020 American Express, Gurgaon | Product Security Analyst Nov 2017 – Jan 2020 Managed DevOps, Cloud automation, and Infrastructure teams to deliver the customer projects Onboarded projects in continuous deployment pipeline using Jenkins, Kubernetes, and continuous delivery pipeline with XL release Designed & automated production servers using Ansible for the On-premises Infrastructure and public cloud Planned & designed discussions of DevOps, Cloud & Kubernetes to provide a feasible solution or architecture view to implement customers' environments Onboarded, maintained, and supported enterprise applications deployed in Kubernetes architecture and containerization Worked on a project to automate Kubernetes cluster architecture with Ansible on AWS cloud Infrastructure as well as on-premises Infrastructure Designed and implemented projects on Kubernetes, Prometheus, and Grafana with the deployment yaml files Migrated internal applications to AWS cloud using the migration strategies Capgemini, Pune | Lead DevOps & Security Practitioner Dec 2016 – Oct 2017 Led a DevOps and Operations Team of 6 members and supported them for multiple projects on Ansible, Jenkins, and Git source version Created Proof of Concept/Prototypes to evaluate new technologies and vendors, proactively contribute to infrastructure platform vision, architecture, and roadmap Design and maintain AWS native services like EC2, EBS, CloudFront, S3, ECS, CloudWatch, IAM Automated the development and test environment by implementing integration, configuration, and deployment process using DevOps tools Migrated Internal virtual machines infrastructure to AWS using Server Migration Service (SMS) Performed POC of Kubernetes cluster and Docker containers for the SIT environment Automated customer cloud Infrastructure with Ansible and Python scripts Analyzed the functional requirements specification as a Requirements Engineer Analyzed prospect requirements and established parameters to ensure the client receives the right solution Red Hat, Pune | Principal DevOps Practitioner Feb 2014 – Dec 2016 Deployed and configured private Openstack cloud for customers Designed and implemented the architecture of multiple AWS components with Ansible using dynamic Inventories; and AWS virtual private cloud (VPC), security groups, and IAM policy Designed and automated the workflow of Docker containers lifecycle with Ansible Managed Gluster migration activities, troubleshooting, and Implementation for the Enterprise customers Deployed and automated the software-defined distributed storage (Glusterfs) Delivered enterprise product support to customers and managed escalations. Provided training sessions on DevOps tools to Consultants and Architects EARLY CAREER GLIMPSE Tricore Solutions, Gurgaon | Sr. Cloud & Automation Consultant Mar 2013 - Feb 2014 Ericsson India, Noida | Sr. IaC Automation Expert Jul 2011 - Mar 2013 Computer Science Corporation (CSC), Noida | Sr. Linux Administrator Jun 2009 - Jul 2011 TATA Consultancy Services (TCS), Bangalore | Linux Administrator Aug 2007 - Jun 2009 Idea CompuSoft, Pune | Network Support Engineer Jan 2005 - Aug 2007