PRASAD TALEKAR

Pune, India | talekarprasad@gmail.com | +91 - 86000 34996 | https://www.linkedin.com/in/prasadtalekar/

CISSP | CISM | DATA PRIVACY | INCIDENT RESPONSE

• CISSP, CISM certified security professional, offering 15 years of experience in Product based industry.
• Strong knowledge in Application Security, Incident Response, and handling Customer escalations.
• Thorough knowledge and proficiency in Symantec DLP (Data Loss Prevention) and Encryption (PGP).
• Excellent communication skills to coordinate with the clients & stakeholders across the enterprise.
• Translate Risk Management terminology into business terms and recommend cost effective solutions.
• Provide advisory assessments in relation to cybersecurity breach prevention and Incident Responses.

CORE COMPETENCIES

• Symantec Vontu DLP • Application Security • Incident Response

• Encryption / Cryptography • Compliance (GDPR/COPPA) • NIST 800-53 Data Classification
• Identity & Access Management • Threat Modelling & Security Audit • SAST / DAST / Secure Coding
• Python Scripting, C, C++ • GRC Orchestration • Tools: Burp Suite, SonarQube
• Excellent Problem-Solving Skills • Effective Communications Skills • Engaging Presentations Skills

EDUCATION & CERTIFICATIONS

• Certified Information Systems Security Professional (CISSP) ISC2 2021

• Certified Information Security Manager (CISM) ISACA 2021

• Bachelor of Engineering (Electronics) Mumbai University 2003

• Diploma Electronics & Telecommunication Board of Technical University 2000

CAREER HIGHLIGHTS

• Maintained strong working knowledge of complete Secure SDLC driving all phases of released product.
Also participated in pre-release activities and BETA roll-out programs for customers across the globe.
• Triage of escalated security events that require in depth analysis, including ability to troubleshoot an
event, research the potential root cause, and recommend a course of action to mitigate the same.
• Collaborated with high profile clients to thoroughly analyze and evaluate security risks, recommend cost
effective preventative, detective or corrective measures or workaround, for Enterprise Security Products.
• Competent Escalations Engineer well-versed in assisting Internal and External users with Advanced
knowledge of security, governance and compliance (e.g. DLP, IAM, GRC, NIST, GDPR, COPPA)
• Coordination of incident response activities, including written and verbal communication with other IT
groups and IT management. Key contributor to train support and escalation team on product features.
• Performed information security incident response handling based on risk categorization and in
accordance with established procedures ensuring that issues are addressed in a timely manner.
• Received various applause awards along with Symantec's highest award (Standing Ovation) for
Customer Satisfaction. CISSP and CISM Certified professional currently preparing for Azure certifications.
• Willingness to learn new skills, passionate to develop training material and deliver on-the-job and
classroom trainings on security topics as well as for clearing security certifications
 DETAILED EXPERIENCE

Security Consultant and Trainer | CONFIDENTIAL May 2017-Present

• Define and implement a data classification model for the organization based on NIST SP 800-53.
Investigate and implement technologies that will protect data at rest, data in transit, and data in use.
• Assisted customers to oversee compliance with the security program. Set up processes to support
parental consent, data collection, data processing, etc from COPPA/GDPR-K compliance points of view.
• Provided Security Governance, Risk Management, and Compliance (GRC) services. Analyze business
processes and developed process improvement plan. Document and track risks and mitigation efforts.
• Reviewed and updated policies that are designed to protect various endpoints, applications, and data
from unauthorized or accidental access, duplication, exfiltration, modification, or destruction.
• Consulted with business areas on Personally Identifiable Information (PII) collection, data minimization,
appropriate use of data, anonymization, information sharing, proper handling, and disposal of data.
• Developed best practices and training material for Secure SDLC including Secure Coding Guidelines,
Threat Modelling, Incident Management checklist, SAST, DAST, and Patch management policy.
• Monitored for changes in European Privacy Laws, Regulations, and other requirements and manage
scope creep accordingly. Shared their business implications with the broader audience
• Instructor for (ISC)2 CISSP Certification Course

Senior Software Engineer-L3 | SYMANTEC Jan 2012-Apr 2017

Symantec provides cybersecurity software and services. Hired as Customer Escalation Engineer to identify
widespread and systemic customer facing issues across the globe and work simultaneously on multiple
security incidents and product related problems. Scoped and documented customer scenarios, identified
potential causes and troubleshooting steps.
• Gained knowledge on Enterprise Security and its interactions with other technologies, such as
Applications, Windows Device Driver, OS internals and hardware inter-op devices. Took ownership of
Kernel modules and performed Threat Modelling and conducted Security Audit for InfoSec products
• Worked on Symantec Vontu DLP product to identify and classify data. Triage of security events that
require in depth review and analysis. Performed assessment of incidents, set and fine tune security
policies, identified false positive scenarios and recommend a course of action, for all supported incidents
• Followed-up on customer escalations, incidents, issue related to security event and data loss. Developed
incident response workflow for DLP incidents, defined policy/rules for the DLP solution and refined them
as DLP product matured. Worked across Windows Applications as well as Kernel level incidents
• Coordinated with Development and QA team to analyze reported vulnerabilities, assign CVSS score and
worked to resolve the same. Created check-list to triage reported Incidents, detect data breach, address
gaps and policy violations to keep customer escalations rate lower at early stage of IR process
• Participate in backlog-grooming, setting priority/severity for reported escalations, identify what features
can be added based on feature requests from customers. Proactively manage incidents to minimize
customer impact. Compiled and analyzed data for management reporting and metrics

Technical Lead | WIPRO Jun 2010-Jan 2012

Wipro is a multinational corporation that provides information technology, consulting and business process
services. Engaged as Technical Lead to build and manage a team to modify existing software, correct errors
and improve performance of Customer’s product. Identified tasks involved across various products and
monitored execution.
• Prioritized tasks schedule in coordination with the team to improve their product delivery. Trained
members on new features, relevant functional procedures, preventative measures, debugging
techniques, and instrumentation tricks.
• Created and documented test plans to adequately validate correct functionality under normal and error
conditions; includes testing of new features, bug fixes, executing regression test cases. Prepared detail
reports for Code Coverage, Coverity and Memory Leak analysis.
• Documented cases, recommendations, and resolutions clearly in the CRM system (eTrack/Bugzilla). Key
Technical Contact for troubleshooting and debugging complex escalated issues – working with the
customer, internal Third-level Engineering and Product Development teams for the resolution of high
impact or pervasive issues.
• Independently handled client escalations to ensure defect free products for release. Whenever required,
handled customer issues, all may not only be technically challenging but politically charged and/or
mission critical situations requiring the highest level of customer service.

Senior Software Engineer | STACCATO COMMUNICATIONS Jul 2007-May 2010

Staccato Communications is a UWB wireless tech company designing and developing wireless technology
and products. Reporting to the Director Engineering, was part of the start-up team in India for setting up
and maintaining test environment for software and system testing in the area of embedded product
development, Windows Internals and Windows Kernel.
• Performed advanced problem analysis and isolate problems of moderate to high complexity, with little
instruction from management or leads. Worked with development team to achieve 23% throughput
improvement of Imation’s Wireless HDD.
• Worked effectively with development team to ensure effective validation to complete functional and
performance validation of driver data paths. Key contributor to setup WHQL Signing Lab to get device
driver signed and certified.
• Managed meetings with developers and QA and interface with customer service on specific issues.
Interacted with clients for requirement gathering, providing technical advice & feedback.

Software Engineer | TOSHIBA Apr 2005-Jul 2007

Toshiba is a leading consumer electronics manufacturer. Hired as part of the Windows Team for
SoundBlaster Card to accomplish smooth product transition and porting of existing WDM Audio drivers
from Windows XP to upcoming Windows Vista while conducting test & validation of Acoustic product base
from OS Internals and Device Driver point of view.
• Designed test specifications, implemented and executed standard acoustics test scenarios on multiple
Windows platforms. Performed memory, logs and crash dump analysis obtained from test results.
• Provide assistance to Mainline Development during remote debug dial-in sessions, provide technical
diagnosis, troubleshooting info. Prepared detail reports with recommended settings and workarounds.