Jordans, England, United Kingdom
Global Cyber Security Director for Security Incident Response reporting directly to the CISO. Giri is an experienced program manager responsible for: (1) Enterprise Cyber Visibility, (2) Global Security Incident Response, (3) Intrusions Analysis and Attack Analysis, (4) Cyber Threat Intelligence, (5) Red & Purple Team Attack testing, (6) IR related Engineering and Development work, (7) Security DevOps for IR tools, (8) E-discovery to support Legal cases, (9) Forensics & Investigations to support HR/Ethics/Legal cases.
Experienced cyber security leader at Electronic Arts (EA), a Fortune 500 company, with a track record of building and leading world class cyber security teams and programs to help deliver critically acclaimed interactive entertainment products such as FIFA series, Battlefield series, Apex Legends, Sims, The Need for Speed series, Star Wars titles and many more. Giri is responsible for providing overall leadership, strategy, program management/delivery and stakeholder management (internal and 3rd parties) for all security engagements and security incidents. Demonstrated knowledge of security monitoring, incident response, threat intelligence and hunting, cloud security, security architecture, identity and access management, threat modelling, vulnerability management, SDLC, network security, endpoint security, SIEM, OS concepts and much more. His current cyber security remit is across security monitoring/IR, digital forensics investigations, Insider Threat Investigations, and eDiscovery services across EA. For several years managed the Red Team (until 2019), Physical Security team (until 2016), Security Engineering team (until 2019) and Security Awareness teams (until 2016) before these were reorganised into larger and separate teams. Giri is an expert in security risk management. He has successfully completed many engagements against a wide range of industry sectors – this work includes establishing information security frameworks, security strategies, policies, procedures, and standards and conducting risk assessments. He has helped many customers to align their business against security baselines such as NIST, ISO27001, CIS, PCI DSS, SOX, and UK government good practice guidance. In his role as a security leader at EA, Giri was one of the founders of the Game Security Group (GSG). Giri served as chairman of the group from 2018-2021 and was on the governing council from 2016 until 2021. The GSG includes 22 of the world’s largest video game companies.
Global Corporate Cyber Security Director reporting directly to the CISO. Giri is responsible for Global Security Incident Response, Intrusions Analysis, Cyber Threat Intelligence, E-discovery to support Legal cases, Forensics & Investigations to support HR/Ethics/Legal cases and Security Awareness & Education and Physical Security of EA facilities and personnel.
Transformation: Successfully created a new world class fusion centre, combining SOC and cyber intelligence together to defend the Corporation’s interests in the UK and support partners and customers. Giri formed a highly skilled work force able to undertake attack analysis, intelligence fusion and insider threat investigations. Security risk management leader: Risk management support for large programmes. Assessed and designed secure architectures, in-depth technical risk assessments, information security frameworks and implemented incremental risk treatment plans to address gaps. This work was aligned to ISO27001, NIST, HMG Security Policy Framework (SPF), PCI DSS, and CESG good practice guidance. Giri successfully led and delivered many engagements for clients in these areas. Building and leading new Teams: Creation of a new UK SOC fusion centre (Security Intelligence Centre) and UK team whose mission is threat and intelligence-based computer network defence. This facility needed to work closely with the 2 US SICs and Australia. Customer security transformation: Leveraging the new team and facility, Giri successfully delivered security transformation and consultancy programs for a variety of customers – notable callouts include the program to establish intelligence-driven security monitoring and response for GSK (multiple sites), The Ministry of Defence (MOD Corsham) and CPNI (now NCSC). Stakeholder Management: Supported Centre for the Protection of National Infrastructure and Cabinet office with attack analysis and intelligence fusion services to protect wider UK critical national infrastructure. Embedded in an early government/industry information sharing group (Project Auburn which became CISP) on attacks across different sectors. maintained strong relationships with stakeholders in commercial organisations, Cabinet Office, CPNI, GCHQ, Law Enforcement, and wider Government.
Risk management Security strategies Security framework implementation Security audits Data Leak reviews Gap assessments Staff management IAM reviews SDLC Pen testing Vuln Management