Bharat Sarmalkar

Primary Role

• Deputy Tribe Lead for Authorization Services within the CSO: Identity and Access Management vertical.
• Oversees the Authorization Tribe's operations, which include budgeting, project roadmaps, application compliance, management reporting, hiring, vendor engagement/management.
• Driving large-scale and time-sensitive Projects to drive complicated technical integration roadmaps, and improve customer experience by developing new features and capabilities.
• Manage the bank's mission-critical identity and access management applications' vulnerability management lifecycle spanning infrastructure, applications (OSS), and the cloud.
• Reduce future vulnerability exposure by encouraging secure software development with a strong emphasis on SecDevOps, Secure Configuration, API security, and Attack Surface Reduction.

Major Achievements

• Achieved 1.65 million euros/year cost savings (2023-24) through vendor contract consolidation. Optimized vendor governance, operations, and software engineering for the tribe, leading to clear KPIs, deliverables, acceptance criteria, and penalties for on-time deliverables.
• Enhanced user satisfaction and achieved 4.3 Mn Euro cost savings over 3 years (2019-21) by consolidating privilege log review tools, leading to a 30% increase in operational efficiency and 60% cost saving, benefiting the business significantly.
• Led full-scale transformation of security operations center, utilizing existing resources. Enhanced efficiency and with zero costs.

Primary Role

• Grounds up Transformation of Cyber-Security Offshore delivery center with homegrown talent. Led a team of 190+ in India to deliver 24/7 remote cyber-security services, resulting in enhanced global customer satisfaction and increased service utilization
• Enhanced Information Security Metrics Program, resulting in a 20% increase in monitoring efficiency and strengthened security controls.
• Effectively managed budget for cybersecurity projects, delivering an 8% YOY cost reduction by creating new delivery models, optimized resource utilization, improving operational efficiency.
• Onboarded interns from top academies to develop India's Cyber-Security practice. Elevated cross- domain technical capabilities, enabling a seamless relocation of worldwide customer workloads to India within a strict timeline, resulting in 100% customer satisfaction.

Additional Roles

• Global security experts: represent India in the Atos global security experts forum to track new security technology and products.
• Cyber-security solution architect: work on domestic RFPs.

1) IBM India Private Limited (Jan-10 - Jul-10)

• Assisted a large telecom client with SIEM implementation and SOC setup.
• In phase 1, we set up the SIEM solution and integrated infrastructure devices that make up the architecture.
• Phase two included personnel hire and training, use case creation, dashboard monitoring, and consequence management.

2) IBM Daksh Business Process Services Private Limited (Oct-07 - Jan-10)

• Oversaw and planned for ISO 27001 accreditation, ensuring robust information security governance and compliance. Aligned program with regional regulatory requirements and business strategy.
• Executed multiple proofs of concept on internet content filtering, vulnerability management, and endpoint security independently. Enhanced the information security program, implemented and administered enterprise infrastructure security solutions for regional offices, and ensured compliance with regulations, cyber hygiene standards, and organizational policies.
• Led the transformation of vulnerability management process, resulting in a 60% reduction in vulnerability exposure within one year. Coordinated with various stakeholders to deploy VM tool, define scope and policies, and track vulnerability closures. Improved overall security posture and minimized potential risks for the India franchise.