Open to opportunities

mainak biswas

@mainakbiswas1

Message

Seasoned cybersecurity leader driving enterprise security, compliance, and resilience.

India

Message

What I'm looking for

I seek senior security leadership roles where I can build scalable governance, lead compliance and architecture programs, enable DEVSECOPS, and improve cyber resilience in regulated, growth-focused organizations.

I am a cybersecurity and information-risk leader with extensive experience building security programs, implementing standards (ISO 27001, PCI DSS, DPDP/GDPR, HIPAA/FISMA) and delivering large-scale compliance and architecture projects across media, banking, healthcare and manufacturing.

I have led enterprise security, CISO and security-architecture functions, guided audits (RBI, SEBI, IRDAI), managed certifications for organizations up to ~15,000 headcount, and delivered 60+ projects including application security reviews for major banks and cloud/OT assessments.

I focus on pragmatic, cost‑effective security engineering, DEVSECOPS enablement, vendor and cloud strategy, and building scalable governance and incident/forensics capabilities to improve cyber resilience and reduce operational cost.

Experience

Work history, roles, and key accomplishments

Current

Head – Enterprise Delivery

Current

Kapstone Technological Services LLP

Dec 2023 - Present (1 year 10 months)

Lead enterprise delivery, perform OT assessments and guide organisations to improve cyber resilience, DEVOPS/DEVSECOPS processes, and regulatory compliance while controlling operational costs and driving vendor security reviews.

OT Assessment DevSecOps VAPT OWASP Top 10

General Manager – IT & Practices

Network 18 Media & Investment Ltd

Dec 2020 - Dec 2023 (3 years)

Owned group-wide information security and IT functions, led ISO 27001 and PCI DSS certifications for ~15,000 employees, implemented DPDP 2023 and managed enterprise risk assessments to reduce spend and improve compliance.

ISO 27001 PCI DSS Enterprise Risk Assessment Vulnerability Management Audit (RBI SEBI)Governance

Chief Information Security Officer

Emkay Global Finance

Jun 2020 - Dec 2020 (6 months)

Directed security architecture and governance, ensured readiness for regulatory audits (RBI/SEBI), quantified IS/IT spending via risk-led business cases, and implemented vulnerability management and network segmentation controls.

Security Architecture Risk Management Vulnerability Management Segmentation

General Manager – IT & Practices

Network 18 Media & Investment Ltd

Jun 2016 - Dec 2020 (4 years 6 months)

Led information security across group companies, achieved ISO 27001 certification, drove PCI DSS compliance for Moneycontrol, acted as Management Representative and Data Privacy Officer, and led incident response and awareness programs.

ISO 27001 PCI DSS Incident Response Data Privacy Governance Application Security

Chief Enterprise Security Architect

Crypteia Networks

May 2015 - Jun 2016 (1 year 1 month)

Performed enterprise architectural reviews, conducted in-depth malware and threat analysis, led SAP security during ERP transition, and designed compliance and governance models to maintain organizational controls.

Malware Analysis SAP Security Architecture Reviews & Compliance Governance VAPT Cost Benefit Analysis

Head – Enterprise Security

KEC International

Feb 2014 - Apr 2015 (1 year 2 months)

Implemented ISMS and ISO 27001 processes, designed OT security, centralized defenses (Sourcefire), deployed NAC/802.1x and DLP, and led audits and risk assessments to embed security across the enterprise.

ISMS ISO 27001 Sourcefire Vulnerability Management

Security Architect

Cap Gemini India

Dec 2009 - Jan 2014 (4 years 1 month)

Designed and reviewed security architectures for clients, conducted VAPT, appsec and cloud security audits, promoted cloud hosting models, and delivered secure SDLC and security training for teams.

Security Architecture VAPT Application Security Cloud Security Sourcefire Risk Assessment

Project Manager

Syntel Limited

Dec 2005 - Dec 2009 (3 years 11 months)

Managed information security service lines, led VAPT and compliance assessments (ISO 27001, PCI DSS, FISMA), ran presales and delivery for cloud/security services, and built an operating center for threat monitoring.

Project Management VAPT PCI DSS ISO 27001 Cloud Security IAM

Project Lead

MIEL e-security

Dec 2001 - Dec 2005 (4 years)

Led security assessments, desktop and infrastructure audits, built virtual training environments for VAPT, contributed to cloud service methodology, and implemented endpoint security and monitoring processes.