General Management Programme for Defence Officers (DGMP)
IIIM Lucknow (Noida Campus)
Contact

Sandeep Padam

20

years experience

    20 years’ experience in the field of Cyber Security in Indian Navy handling Operations, Strategic Planning, Project Management, Training, Secure System Design, Threat Modelling, Security Audit, Vulnerability Assessment, Penetration Testing and Web Security. Inherent talent for a

    Areas of Interest

    • IT/Cyber Security

    • Security/Risk Management

    • Training/Academia

    Staff Appointment, Headquarters, Mumbai (Sep ‘17 to till date)

    • • Executed projects worth INR 18 Crores in IT/ Infosec domain from initiation to closure within defined timeframes

    • • Ensured 80% compliance to SANS Top 20 critical control within the organization consisting of more than 8000 PCs and 1000 manageable switches.

    • • Planned and coordinated regular Red Teaming Exercises to assess security status.

    • • Code reviews of more than 50 web applications to obviate OWASP Top 10 Web Vulnerabilities.

    • • Introduced DevSecOps for higher standards in web security.

    • • Formulated Incident Management policy in Indian Navy post SIEM implementation in the Naval network.

    • • Critical inputs for creation of IT Roadmaps for Indian Navy

    • • Presentation of metrics to top management for better appreciation of internal capabilities vis-a-vis infosec threat landscape.

    Senior System Manager, R&D, New Delhi (Jan ‘13 to Sep ‘16)

    • • Conceptualized following security products in Indian Navy and managed all phases including design, coding, testing, deployment and lifecycle support with a team of 15-20 highly skilled security professionals:-

    • • Proprietary Firewall Appliance (transition from software based to hardware form factor).

    • • Data diodes for Secure one way traffic from internet to air-gapped network with a unique design methodology for transfer of data pertaining to merchant ship movement.

    • • Secure Mobile Communication within Indian Navy. The project involved hardened android build on commercial hardware for secure messaging and voice calls

    • • Authored design QRs for customized Secure Pen Drives for usage in Indian navy (FIPS Level 2 compliant).

    • • Pivotal role in setting up of a Centralized Testing Centre for all projects with dedicated team for carrying out Testing and Validation.

    • • Introduced following technologies in Indian Navy:-

    • • Wireless Intrusion Prevention System (WIPS) solution.

    • • 3D Printing for prototyping purposes.

    Chief Instructor, Training Unit, Jamnagar (Jul ‘08 to May ’11)

    • • Imparted instructions on basic as well as advanced topics of Information Security/ Embedded Systems for officers and sailors.

    • • Planned, architected and executed a Specialist Course on Information Security with advanced topics involving Application security, Database security and Networking Security.

    Ship Appointments, (Mar ‘04 - Aug ’05, May ’11 - Jan ’13, Aug ‘16 - Sep ‘17)

    • • Responsible for security of Ship’s internal LAN from external threats in both Indian and foreign ports.

    • • Successfully led the team of technical officers and sailors and achieved all operational commitments as per defined roles.

    Education

    • Business Management, IIM Lucknow (Presenty pursuing)

    • M Tech (Computer Science), IIT Madras

    • B Tech (Electrical & Electronics), Jawahar Lal Nehru University

    • B Sc, National Defence Academy

    Core Competencies

    • Stakeholder Management

    • Security Testing

    • Risk Assessment

    • Threat Modelling

    • Secure System Design

    • Data Analytics

    • Power BI, Tableau

    • Wireless Security

    • C++, C, Java, Perl, Python, R

    • HTML, CSS, Javascript, Mysql

    Certifications/Awards/Recognitions

    • Certified Information Systems Security Professional (CISSP)

    • AWS Solution Architect Associate

    • Certified Ethical Hacker (CEH)

    • Certified Lead Auditor ISO 27001:2013

    Designed at Aarts Creative Studio