Mukesh Bhakar, Developer in Jaipur, Rajasthan, India
Mukesh is available for hire
Hire Mukesh

Mukesh Bhakar

Verified Expert  in Engineering

Cloud Security Developer

Location
Jaipur, Rajasthan, India
Toptal Member Since
November 12, 2021

Mukesh is a professional with over 14 years of experience in cybersecurity. He has expertise in designing and implementing security solutions across multi-cloud platforms like AWS, Azure, and GCP. His background also includes DevSecOps, security operations, cloud security assessment, endpoint security, and data security. Mukesh has worked in various roles as an individual contributor and in leadership positions.

SecurityData Loss Prevention (DLP)Computer ScienceSecurity ArchitectureIT Service Management (ITSM)SecOpsVulnerability ManagementOktaCloudThreat IntelligenceWeb SecurityNISTSingle Sign-on (SSO)Identity & Access Management (IAM)Firewalls

Portfolio

Commonwealth Financial Network
Azure, VPN, Azure Key Vault, Azure Active Directory, Cloud Security...
ValueLabs
Cloud Security, Penetration Testing, Azure, Security Architecture...
Mundo Startel S.A.
Cloud Security, Azure, Security Architecture, Security, AWS Organizations...

Experience

Security Architecture - 11 yearsPenetration Testing - 8 yearsCloud Security - 7 yearsAzure - 6 yearsDevSecOps - 4 years

Availability

Full-time

Preferred Environment

Container Security, Network Security, Application Security, Cloud Security, DevSecOps, Amazon Web Services (AWS), Security Architecture, Threat Modeling, SOC 2, Infrastructure as Code (IaC), Linux Administration, Artificial Intelligence (AI), Vulnerability Assessment, GCP Security, Firewalls

The most amazing...

...thing I've designed was a robust, scalable, and secure multi-cloud architecture, incorporating industry best practices to safeguard enterprise data and systems.

Work Experience

Platform Cloud Security Engineer

2022 - 2024
Commonwealth Financial Network
  • Developed a multi-cloud security orchestration platform for managing security policies, identity management, and threat detection across AWS and Azure using CSPM.
  • Implemented a comprehensive access governance solution, utilizing AWS SSO and Azure Active Directory for centralized user authentication and authorization.
  • Designed and implemented a multi-account architecture in AWS, segregating workloads and applications into distinct AWS accounts using AWS SRA and Control Tower.
  • Designed and implemented cloud governance, establishing policies, procedures, and controls for cloud framework using NIST 800-53, CIS, and PCI DSS.
Technologies: Azure, VPN, Azure Key Vault, Azure Active Directory, Cloud Security, Azure Resource Manager (ARM), Networks, Application Security, Terraform, Identity & Access Management (IAM), Risk Assessment, Security Architecture, Infrastructure as Code (IaC), Linux Administration, Artificial Intelligence (AI), SOC 2, Amazon Web Services (AWS), Information Security, Managed Security Service Providers (MSSP), Threat Intelligence, Network Architecture, Network Engineering, Team Leadership, Network Monitoring, DevSecOps, IDS/IPS, Endpoint Detection and Response (EDR), SIEM, Audits, Leadership, GCP Security, SaaS Security, Firewalls, Amazon Cognito, Amazon EC2, Amazon Virtual Private Cloud (VPC)

Senior Cloud Security Architect

2021 - 2022
ValueLabs
  • Performed security and privacy assessments, which included vulnerability assessment and penetration testing in determining compliance and security posture in the cloud.
  • Implemented AWS Security Hub, AWS Organizations, GuardDuty, SSO, WAF, and AWS native security tools.
  • Conducted vulnerability assessment using Burp Suite Enterprise, Nmap, Nessus, OWASP ZAP, sqlmap, Scout Suite, and PACU.
  • Automated cloud security controls, data, and processes to provide better metrics and operational support.
  • Identified security threats and risks related to cloud infrastructure services and planned remediation activities.
  • Implemented Azure Sentinel, Azure Security Center, Azure WAF, and Application Gateway.
Technologies: Cloud Security, Penetration Testing, Azure, Security Architecture, AWS CloudFormation, Security, AWS Organizations, Security Hub, Amazon Web Services (AWS), Single Sign-on (SSO), OWASP Top 10, Sentinel, Cyber Threat Hunting, Computer Science, Network Security, Amazon Route 53, SecOps, IT Service Management (ITSM), Microsoft, IT Security, Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), CI/CD Pipelines, Metasploit, Web App Security, OWASP, CISO, Web Security, Vulnerability Management, Security Audits, Cybersecurity, Amazon S3 (AWS S3), AWS IAM, AWS Elastic Beanstalk, Okta, Google Cloud Platform (GCP), Microsoft Azure, Source Code Review, Interviewing, Task Analysis, DevOps, Cloud, APIs, Team Management, ISO 27001, Compliance, Consulting, Azure Active Directory, Identity & Access Management (IAM), Architecture, Data Protection, GDPR, Ethical Hacking, Hacking, Threat Modeling, Risk Management, NIST, Security Management, Microsoft 365, Identity, Security Analysis, Business Continuity Planning (BCP), Disaster Recovery Plans (DRP), Information Security Management Systems (ISMS), SOC 2, CISM, Azure Key Vault, Azure Resource Manager (ARM), VPN, Networks, Data Loss Prevention (DLP), Infrastructure as Code (IaC), Linux Administration, Application Security, Artificial Intelligence (AI), Threat Intelligence, Network Architecture, Network Engineering, Team Leadership, Network Monitoring, DevSecOps, IDS/IPS, Endpoint Detection and Response (EDR), SIEM, Audits, Leadership, GCP Security, SaaS Security, Firewalls, Amazon Cognito, Amazon EC2, Amazon Virtual Private Cloud (VPC)

Cloud Security Architect

2018 - 2021
Mundo Startel S.A.
  • Designed secure cloud architecture using best practices.
  • Audited and implemented compliance as per regulatory requirements.
  • Designed, implemented, and maintained cloud infrastructure security, identified technical gaps, and provided solutions.
  • Gained extensive experience in cloud-based DDoS protection services such as AWS Shield Advanced.
Technologies: Cloud Security, Azure, Security Architecture, Security, AWS Organizations, Security Hub, Amazon Web Services (AWS), Single Sign-on (SSO), OWASP Top 10, Sentinel, Cyber Threat Hunting, Computer Science, Network Security, Amazon Route 53, SecOps, IT Service Management (ITSM), Application Security, Architecture, Microsoft, IT Security, Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), CI/CD Pipelines, Metasploit, Web App Security, OWASP, Web Security, Vulnerability Management, Security Audits, Cybersecurity, Amazon S3 (AWS S3), AWS IAM, Okta, Google Cloud Platform (GCP), Microsoft Azure, Source Code Review, Interviewing, Task Analysis, DevOps, Cloud, APIs, Team Management, ISO 27001, Compliance, Consulting, Azure Active Directory, Identity & Access Management (IAM), Data Protection, GDPR, Ethical Hacking, Hacking, Threat Modeling, Risk Management, NIST, Security Management, Microsoft 365, Identity, Security Analysis, Business Continuity Planning (BCP), Disaster Recovery Plans (DRP), Information Security Management Systems (ISMS), SOC 2, CISM, Azure Key Vault, Azure Resource Manager (ARM), VPN, Networks, Data Loss Prevention (DLP), Infrastructure as Code (IaC), Linux Administration, Artificial Intelligence (AI), Threat Intelligence, Network Architecture, Network Engineering, Team Leadership, Network Monitoring, DevSecOps, IDS/IPS, Endpoint Detection and Response (EDR), SIEM, Audits, Leadership, GCP Security, SaaS Security, Firewalls, Amazon Cognito, Amazon EC2, Amazon Virtual Private Cloud (VPC)

Application Security Engineer

2014 - 2018
Ericsson
  • Developed processes and implemented tools and techniques to perform ongoing security assessments of the environment.
  • Analyzed security test results, drew conclusions from results, and developed targeted testing as deemed necessary.
  • Collaborated with external vendors to perform penetration tests on network devices, operating systems, databases, and applications as necessary.
Technologies: Network Security, Security, OWASP Top 10, Cyber Threat Hunting, Computer Science, SecOps, IT Service Management (ITSM), Architecture, Amazon Web Services (AWS), Azure, Identity & Access Management (IAM), Security Architecture, Microsoft, IT Security, Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), CI/CD Pipelines, Metasploit, Web App Security, OWASP, Web Security, Vulnerability Management, Security Audits, Cybersecurity, Amazon S3 (AWS S3), AWS IAM, AWS Elastic Beanstalk, Okta, Source Code Review, Interviewing, Task Analysis, DevOps, Cloud, APIs, ISO 27001, Compliance, Azure Active Directory, Data Protection, GDPR, Ethical Hacking, Threat Modeling, Risk Management, NIST, Security Management, Microsoft 365, Identity, Security Analysis, Business Continuity Planning (BCP), Disaster Recovery Plans (DRP), Information Security Management Systems (ISMS), SOC 2, CISM, Azure Key Vault, Azure Resource Manager (ARM), VPN, Networks, Data Loss Prevention (DLP), Linux Administration, Application Security, Artificial Intelligence (AI), Threat Intelligence, Network Architecture, Team Leadership, Network Monitoring, DevSecOps, IDS/IPS, Endpoint Detection and Response (EDR), SIEM, Audits, Leadership, GCP Security, SaaS Security, Firewalls, Amazon Cognito, Amazon EC2, Amazon Virtual Private Cloud (VPC)

Security Engineer

2013 - 2014
Vodafone Idea
  • Conducted vulnerability assessments of IT infrastructure for government agencies and private companies. Identified and prioritized vulnerabilities based on risk assessment and provided recommendations for remediation.
  • Conducted audits for organizations processing credit card data to ensure compliance with the Payment Card Industry Data Security Standard (PCI DSS). Identified and reported non-conformities and provided guidance on remediation measures.
  • Conducted a financial institution's comprehensive IDS/IPS vulnerability assessment, identifying misconfigurations and tuning recommendations to optimize threat detection accuracy and minimize false positives.
Technologies: Vulnerability Management, Identity & Access Management (IAM), Information Security Management Systems (ISMS), IDS/IPS, Firewalls, Threat Intelligence, Linux Administration, Application Security, Artificial Intelligence (AI), Network Architecture, Network Engineering, Network Monitoring, DevSecOps, Endpoint Detection and Response (EDR), Audits, GCP Security, Amazon Cognito, Amazon Virtual Private Cloud (VPC)

Senior Engineer

2013 - 2014
Vodafone Idea
  • Performed manual, external, and internal penetration testing.
  • Collaborated with external vendors to perform penetration tests on network devices, operating systems, and databases.
  • Provided assistance to system users regarding information system security.
  • Performed routine vulnerability scans against specified systems, analyzed the results, and worked with business units to remediate systems.
Technologies: Network Security, Security, OWASP Top 10, Cyber Threat Hunting, Computer Science, SecOps, Microsoft, IT Security, Static Application Security Testing (SAST), CI/CD Pipelines, Metasploit, Web App Security, OWASP, Web Security, Vulnerability Management, Security Audits, Cybersecurity, Amazon S3 (AWS S3), AWS IAM, AWS Elastic Beanstalk, Okta, Source Code Review, Interviewing, Task Analysis, DevOps, Cloud, APIs, ISO 27001, Azure Active Directory, Identity & Access Management (IAM), Architecture, Data Protection, Ethical Hacking, Hacking, Threat Modeling, Risk Management, NIST, Security Management, Microsoft 365, Identity, Security Analysis, Business Continuity Planning (BCP), Disaster Recovery Plans (DRP), Information Security Management Systems (ISMS), Azure Key Vault, Azure Resource Manager (ARM), VPN, Networks, Data Loss Prevention (DLP), Artificial Intelligence (AI), Threat Intelligence, Network Engineering, Network Monitoring, DevSecOps, Audits

IT Security Engineer

2012 - 2013
Huawei Technologies Co.
  • Implemented data loss prevention (DLP) policies and technologies to prevent unauthorized data exfiltration and ensure compliance with data privacy regulations.
  • Designed and deployed secure network segmentation strategies to minimize the attack surface and limit the potential impact of security breaches.
  • Conducted physical security assessments to identify vulnerabilities in physical access controls and recommend improvements.
Technologies: Application Security, IT Security, Artificial Intelligence (AI), Threat Intelligence, Network Engineering, Network Monitoring, Audits

Cyber Security Analyst

2010 - 2012
Ericsson
  • Assessed and optimized the existing vulnerability management program, identifying gaps and inefficiencies.
  • Implemented vulnerability scanning tools on various platforms (endpoints, network devices, applications) and prioritized identified vulnerabilities based on risk assessment.
  • Automated vulnerability patching processes and tracked remediation progress across different systems.
Technologies: IT Security, Security Operations Centers (SOC), Patch Management, Vulnerability Management, Artificial Intelligence (AI), Threat Intelligence, Network Engineering, Network Monitoring, Audits

Implementation of AWS Security Architecture

Implemented AWS security architecture for one of the USA's leading pharma companies to protect them from ongoing ransomware attacks. Performed penetration testing of AWS account to find out vulnerability and misconfiguration.

Protection Against Ransomware

Implemented an airgap backup solution for one of the top clients to secure them from ransomware using cloud-native and open-source tools. Firstly I utilized existing backup solutions with proper security, monitoring, and encryption in place. After that, I implemented secondary backup solutions to ensure that we have available backups to restore in case of attacks.  

AWS Organization Multi-account Architecture Implementation

Implemented AWS Organizations to use control towers according to AWS best practices. It was implemented to separate customer environments according to development, staging, and production with separate logging, security, and shared account structures.

Tools

Metasploit, AWS IAM, Sentinel, Azure Key Vault, VPN, GCP Security, Amazon Cognito, Amazon Virtual Private Cloud (VPC), AWS CloudFormation, Terraform, Boto 3

Paradigms

Penetration Testing, DevSecOps, DevOps

Platforms

Azure, AWS Lambda, AWS ALB, Amazon Web Services (AWS), Microsoft, AWS Elastic Beanstalk, Amazon EC2, Kubernetes, Google Cloud Platform (GCP)

Industry Expertise

Network Security, Cybersecurity

Storage

Azure Active Directory, Amazon S3 (AWS S3)

Other

OWASP Top 10, Application Security, Cloud Security, Networking, Computer Science, Security Architecture, IT Service Management (ITSM), Security, Kubernetes Security, AWS Organizations, Security Hub, GaurdDuty, Single Sign-on (SSO), Amazon Route 53, Cyber Threat Hunting, SecOps, Architecture, Identity & Access Management (IAM), IT Security, OWASP, Web Security, Vulnerability Management, Security Audits, Okta, Microsoft Azure, Technical Hiring, Source Code Review, Interviewing, Task Analysis, Cloud, APIs, Team Management, Compliance, Consulting, Data Protection, GDPR, Ethical Hacking, Hacking, NIST, Security Management, Microsoft 365, Identity, Security Analysis, Business Continuity Planning (BCP), Disaster Recovery Plans (DRP), Information Security Management Systems (ISMS), SOC 2, CISM, Azure Resource Manager (ARM), Networks, Data Loss Prevention (DLP), IDS/IPS, Firewalls, Threat Intelligence, Linux Administration, Vulnerability Assessment, Network Architecture, Network Engineering, Team Leadership, Network Design, Network Monitoring, Endpoint Detection and Response (EDR), SIEM, Audits, Leadership, SaaS Security, Web Application Firewall (WAF), Container Security, Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), CI/CD Pipelines, Web App Security, CISO, ISO 27001, Threat Modeling, Risk Management, Infrastructure as Code (IaC), Artificial Intelligence (AI), Secure Containers, AWS Certified Solution Architect, AWS Control Tower, AWS WAF, Risk Assessment, Information Security, Security Operations Centers (SOC), Patch Management, Managed Security Service Providers (MSSP)

Languages

Python 3

2022 - 2023

Master's Degree in Cyber Security

Southern New Hampshire University - New Hampshire

2005 - 2009

Bachelor's Degree in Electronics and Communication Engineering

University of Rajasthan, Jaipur - Jaipur, India

JANUARY 2024 - PRESENT

Certified Information Security Manager (CISM)

ISACA

NOVEMBER 2023 - PRESENT

Microsoft Certified: Cybersecurity Architect Expert

Microsoft

NOVEMBER 2021 - NOVEMBER 2023

Certified Kubernetes Security Specialist (CKS)

The Linux Foundation

SEPTEMBER 2021 - SEPTEMBER 2022

Microsoft Certified: Azure Security Engineer Associate

Microsoft

AUGUST 2021 - PRESENT

Certificate of Cloud Security Knowledge (CCSK)

CSA

FEBRUARY 2021 - FEBRUARY 2024

AWS Certified Security – Specialty

Amazon Web Services

JANUARY 2021 - JANUARY 2024

CKA: Certified Kubernetes Administrator

The Linux Foundation

JUNE 2020 - JUNE 2023

AWS Certified Solutions Architect Associate

AWS

DECEMBER 2018 - PRESENT

ITIL

Axelos

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring