KIERAN UPADRASTA CISSP, CISM, CRISC

 

Kieran Upadrasta, CISSP is the CISO, and the founder, Director of Cyber Artificial Intelligence Systems. He is a cyber security architect, Information security consultant, InfoSec Researcher. He is a CISSP, CISM, CRISC qualified. Cyber Defence taskforce member. Upadrasta was also a former engineer in the Air Force Information Warfare Unit, Policy Advisor, Expert Witness, University Gold Medallist.

 

Mr. Upadrasta has over 26 years’ experience of business analysis, consulting, technical security strategy, architecture, governance, security analysis, threat assessments and risk management. 26 years’ Cyber Security experience with big 4 consulting firms. 20 years worked in Financial and Banking industry. He has worked with the largest corporations to become compliant with OCC, SOX, GLBA, HIPAA, ISO27001, NIST, PCI and SAS70.

 

Mr. Upadrasta has consulted for several Fortune 500 companies., including Banking, Financial, Insurance, defence and aerospace clients. His competencies range from setting up risk management programs and developing enterprise network security architectures to constructing enterprise-wide security programs that connects computer security and business needs in a synergistic manner.

 

Expert in Business Continuity planning (BCP) and Management, Resilience, Disaster recovery planning (DRP), Incident response, Crises management, Critical and Major Incident Management (MiM), Stakeholder engagement, mapping requirements and management.   Specialised in the following areas: -

A computer with a person's face on the screen

Description automatically generated with medium confidence

            

• Governance, IT Auditing - Policy, Legal, Regulatory Compliance, Investigations, forensics, COBIT, Archer eGRC, PCIDSS, GDPR, Data protection, SOX

• Policy, Standards, Framework, Audits -  ISO27001, SAS 70, NIST, COBIT, Smart city Reviews, BCP, DRP, HIPAA, PCIDSS, SOC2

• Risk management -SARA, SPRINT, IRAM

• Threat management - Arbor SP Peakflow, Forefront TMS, DDOS mitigations, Akamai Kona defender, Siteshield, Threat modelling, Threat hunting, Intel

• Vulnerabilities management -Qualys, Tenable Nessus, Foundstone

• Strategic Planning, Security architecture - HLD & LLD creation, Enterprise architecture - SABSA, TOGAF

  Identity and Access Management IAM- AD, Azure AD, Okta

 

  Privileged Access Management (PAM): CyberArk, BeyondTrust, Thycotic, Centrify, Lieberman, Broadcom Symantec CA PAM, SailPoint IGA

• Data loss and fraud prevention - Symantec DLP, Advanced Persistent Threat APT, User Behavior Analytics UBA

• Cybersecurity Platforms: CrowdStrike, Palo Alto Networks, SentinelOne, M365 Defender, Falcon Sensors, McAfee, Symantec, Carbon Black, Fortinet, FireEye, Cylance, MITRE ATT&CK Framework, Endpoint & Cloud Protection, Detection, And Response (EDR), Falcon X, Breach Prevention, Vulnerability Management, Threat Hunting, Zero Trust, Container Security, NGAV, Device Control, Firewall Management, Artificial Intelligence, Automation

• Cloud platforms -AWS, Azure, Google Cloud Platform (GCP) & Cloud technologies

• Automation - Ansible, Kubernetes, Docker,Terraform, Jenkins, Python

•Management – Projects, Engineering and Security operations

• SIEM : Arcsight ESM, Qradar, Splunk, LogRhythm, RSA Security Analytics, Envision

• Firewalls, IDS, IPS - Checkpoint, McAfee, Cisco, Juniper, ISS, Snort, Sourcefire, Web Application Firewall WAF

• Encryptions, Vpns, IPsec, PKI, Endpoints - Safe boot, Pointsec, CrowdStrike

• Proxies, Content filtering - Bluecoat, Zscaler, Finjan, Ironport

• Agile, Prince2, DevOps, DevSecOps 

• Past work experience with quite few international security agencies.           

• Past work experience with Financial Conduct Authority FCA, Prudential Regulation Authority PRA

Qualified: CISM, CRISC, CISSP, CCSE, CCSP, CCNA Security, JNCIS-FWV, MBA and BEng