I'M
Mohit PRAKASH.
Principal Security Analyst
Expertise
Risk Assessment NIST800-53,UCF
90%
AWS Cloud Security
85%
STRIDE Threat Modelling
95%
GDPR,SOX,FISMA, HIPPA
85%
ISO,PCI-DSS,SOC 2
90%
MetricStream, ServiceNow, JIRA, Agiloft
95%
Security Strategy
90%
M
Seasoned senior security analyst with six years of experience working in cybersecurity in different domains. My experience with threat modeling and conducting risk assessments has provided me with a solid foundation in understanding and mitigating complex security risks. During this time, I've developed a comprehensive understanding of how crucial cybersecurity is to business operations, and my passion for securing systems and threat assessment has only deepened.
I’m excited about contributing to organizations that are actively innovating in cybersecurity or operating at a global scale. The cybersecurity landscape is constantly evolving, and I’m eager to continue learning, particularly in emerging areas such as AI-driven security, cloud security, and automation.
EXPERIENCE
March 2020-present
Twilio Inc.
Principal Security Analyst
Conducted iterative threat modeling using the STRIDE framework for various Authy platforms, including the Authy WhatsApp API and Zygops. As part of Security Champions program, I led Security Architecture Reviews and served as a key stakeholder and subject matter expert for the risk team, driving quarterly security reviews across all Twilio comms products. Owned the yearly risk assessment initiatives for all Twilio products, aligning them with the NIST framework to ensure comprehensive risk evaluation. Additionally, developed Jira dashboards, risk quantification frameworks, and risk reduction processes. Helped establish the Preventative Risk Program Working Group to address emerging risks such as AI/ML risks and unsupported cloud environments. My role also involves overseeing third-party security and managing the onboarding of external vendors into the Twilio ecosystem.
June 2019- August 2019
Twilio Inc.
Security Analyst
Conducted annual risk assessments and played a key role in facilitating quarterly risk reviews to ensure ongoing evaluation of potential threats. Additionally, created and managed the risk register, tracking identified risks, mitigation strategies, and their status to maintain an organized and up-to-date overview of the organization's risk landscape.
January 2019- June 2019
GSK Plc.
IT Security services Engineer
Conducted Blue Team activities, with a particular focus on mitigating insider threats. This included managing alerts and identifying unique or rare processes within Rapid7 SIEM, as well as utilizing User Behavior Analytics in Insight IDR to monitor ingress, third-party VPN activity, and watchlist behavior. I also conducted simulated external vulnerability scans using OpenVAS and performed reconnaissance with Maltego to assess and reduce potential threat vectors. My responsibilities extended to managing endpoint agents like Rapid7, Bitlocker, and Carbon Black, ensuring robust endpoint security. Additionally, I monitored removable media activity using Code42 and managed phishing threats through Mimecast to enhance overall cybersecurity defenses.
March 2015- July 2017
Accenture
Associate Security Engineer
Managed the test suite and conducted thorough analysis of applications to identify vulnerabilities and perform stress testing. Additionally, I led initiatives and sprint cycles using Selenium for automated testing, ensuring efficient and reliable test execution across various environments.
Personal
CONTACT
I am available on email and would love to hear from you! Please fill in this form briefly describing how can I be of assistance and i will reach back out.