Kieran Upadrasta is a cyber security architect, Information security consultant, risk manager with 26+ years' experience in a broad range of industries. CISSP, CISM, CRISC qualified. Big 4 Consulting experience, 20 years worked in in Financial and Banking sector.  Cyber Defence taskforce member, InfoSec Researcher, a former pilot, captain, University Gold Medallist. Policy Advisor. Expert Witness.

Over 26 years’ experience of business analysis, consulting, technical security strategy, architecture, governance, security analysis, threat assessments and risk management. Expert in Business Continuity planning (BCP) and Management, Resilience, Disaster recovery planning (DRP), Incident response, Crises management, Critical and Major Incident Management (MiM), Stakeholder engagement, mapping requirements and management.

Specialised in the following areas: -

        A computer with a person's face on the screen

Description automatically generated with medium confidence


• Governance, IT Auditing - Policy, Legal, Regulatory Compliance, Investigations, forensics, COBIT, Archer eGRC, PCIDSS, GDPR, Data protection, SOX

• Policy, Standards, Framework, Audits – ISO27001, SAS 70, NIST, COBIT, Smart city Reviews, BCP, DRP, HIPAA, PCIDSS, SOC2

• Risk management -SARA, SPRINT, IRAM

• Threat management - Arbor SP Peakflow, Forefront TMS, DDOS mitigations, Akamai Kona defender, Siteshield, Threat modelling, Threat hunting, Intel

• Vulnerabilities management -Qualys, Tenable Nessus, Foundstone

• Strategic Planning, Security architecture - HLD & LLD creation, Enterprise architecture – SABSA, TOGAF

  Identity and Access Management IAM- AD, Azure AD, Okta


  Privileged Access Management (PAM): CyberArk, BeyondTrust, Thycotic, Centrify, Lieberman, Broadcom Symantec CA PAM, SailPoint IGA

• Data loss and fraud prevention - Symantec DLP, Advanced Persistent Threat APT, User Behavior Analytics UBA

• Cybersecurity Platforms: CrowdStrike, Palo Alto Networks, SentinelOne, M365 Defender, Falcon Sensors, McAfee, Symantec, Carbon Black, Fortinet, FireEye, Cylance, MITRE ATT&CK Framework, Endpoint & Cloud Protection, Detection, And Response (EDR), Falcon X, Breach Prevention, Vulnerability Management, Threat Hunting, Zero Trust, Container Security, NGAV, Device Control, Firewall Management, Artificial Intelligence, Automation

• Cloud platforms -AWS, Azure, Google Cloud Platform (GCP) & Cloud technologies

• Automation - Ansible, Kubernetes, Docker, Terraform, Jenkins, Python

•Management – Projects, Engineering and Security operations

• SIEM: Arcsight ESM, Qradar, Splunk, LogRhythm, RSA Security Analytics, Envision

• Firewalls, IDS, IPS - Checkpoint, McAfee, Cisco, Juniper, ISS, Snort, Sourcefire, Web Application Firewall WAF

• Encryptions, Vpns, IPsec, PKI, Endpoints - Safe boot, Pointsec, CrowdStrike

• Proxies, Content filtering - Bluecoat, Zscaler, Finjan, Ironport

• Agile, Prince2, DevOps, DevSecOps

• Past work experience with quite few security agencies.

• Past work experience with Financial Conduct Authority FCA, Prudential Regulation Authority PRA