Skip to content
+1-707-622-2555
POWERED BY PERSONA AI

Narendra Kumar Vishwakarma

Narendra Kumar Vishwakarma image

Narendra Kumar Vishwakarma

Narender Kumar Vishwakarma is a highly skilled and experienced Cloud & Application Security Architect with over 15 years of expertise in designing, implementing, and managing secure cloud and application infrastructures. Currently serving as a Senior Cloud/Application Security Architect at Fidelity International, Narender has demonstrated proficiency in various domains, including vulnerability management, secure software development lifecycle (SSDLC), web application firewalls (WAF), threat modeling, risk analysis, and identity & access management (IAM). Throughout his career, Narender has held significant roles such as Cloud & Application Security Architect Lead at Axtria, Enterprise Architect at PricewaterhouseCoopers LLP, Cyber Security Architect at Cognizant Technologies Solutions, Security Designer at British Telecom, and Security Consultant at Ricoh and Tmen System. His responsibilities have ranged from consulting on application security architecture and performing security testing to leading compliance projects and developing remediation strategies for current threats.

Play My Introduction

Professional Skillsets

  • Cloud Security Expertise:

    • Proficient in AWS, Azure, and Google Cloud Platform (GCP) security.
    • Experienced in Identity Federation, Cloud IAM Integration, and Identity Governance & Compliance (e.g., SOX, GDPR, PCI DSS).
    • Skilled in architecting cloud security solutions for IAM, encryption, and key management using AWS KMS or Azure Key Vault.

  • Application Security:

    • Expertise in Vulnerability Management (SAST, DAST, MAST) and Secure Software Development Lifecycle (SSDLC).
    • Proficient in Web Application Firewalls (WAF) and Threat Modeling/Risk Analysis based on OWASP and NIST principles.
    • Experienced in Secure API Management, Microservices Security, and designing security policies for containerized applications using tools like Docker Bench.

  • Identity & Access Management (IAM):

    • Skilled in Privileged Access Management (PAM) using tools like CyberArk and BeyondTrust.
    • Expertise in Role-Based Access Control (RBAC), Multi-Factor Authentication (MFA), and Identity Federation & Single Sign-On (SSO).
    • Knowledgeable in Directory Services such as Active Directory and Azure AD.

  • Security Architecture & Design:

    • Extensive experience in developing and reviewing application security architectures based on NIST SP 800-53 and OWASP standards.
    • Capable of conducting security assessments, code reviews, and risk evaluations to identify and mitigate vulnerabilities.
    • Strong background in aligning business initiatives with Enterprise Architecture and ensuring compliance with security standards.

  • Compliance & Risk Management:

    • Well-versed in Governance, Risk & Compliance (GRC) frameworks including TOGAF, CobiT, ISO2700, GDPR, SOX, and PCI DSS.
    • Proven track record in leading compliance projects, reducing assessment scope, and implementing remediation strategies for current threats.

  • Network & Web Application Security:

    • Experienced in configuring and troubleshooting firewalls (Checkpoint, FortiGate, Cisco ASA, etc.), Web Application Firewalls (F5, Barracuda, Radware), and proxies.
    • Proficient in network scanning and analysis tools such as Wireshark, Nmap, Metasploit, and OpenVAS.

  • Incident Response & Disaster Recovery:

    • Skilled in developing incident response and disaster recovery plans for cloud environments.
    • Capable of integrating PAM with cloud security tools for multi-cloud protection and enhancing incident response processes.

  • DevSecOps & CI/CD Pipeline Security:

    • Proficient in applying CI/CD security practices within the development pipeline.
    • Experienced in container security practices like image scanning and integrating security into DevSecOps processes.

  • Technical Skills & Tools:

    • Hands-on experience with a variety of security tools including ZAP, Burp Suite, Nessus, Kali Linux, and SIEM solutions.
    • Skilled in database querying languages (MySQL, NoSQL/DynamoDB), Windows Shell scripting, and various operating systems (Windows, Unix/Linux, VMware).

  • Soft Skills & Leadership:

    • Demonstrated ability to lead teams and collaborate with cross-functional groups to implement security strategies and policies.
    • Strong communication skills for ongoing publicity and communication of Enterprise Architecture within information communities and business units.
    • Adept at conducting training and awareness programs on application security and emerging security trends.

Career Accomplishments

  • Cloud & Application Security Leadership

    • Successfully designed and implemented secure cloud architectures (AWS, Azure, GCP) for large-scale enterprise environments at Fidelity International , ensuring compliance with global standards like GDPR, PCI DSS, and SOX.
    • Led the integration of Privileged Access Management (PAM) solutions using tools like CyberArk and BeyondTrust , reducing privileged access risks by implementing robust session management and monitoring controls.
     

  • Vulnerability Management & Remediation

    • Conducted comprehensive vulnerability assessments and remediation efforts based on OWASP , WASC , CWE , and CVE frameworks, significantly reducing application vulnerabilities during his tenure at Axtria .
    • Developed and executed mitigation strategies for critical security gaps identified through SAST, DAST, and container security scans, ensuring alignment with NIST SP 800-53 and OWASP ASVS standards.

  • Enterprise Architecture Development

    • Played a pivotal role in defining and maintaining the Enterprise Architecture at PricewaterhouseCoopers LLP , aligning business initiatives with IT architecture models to enhance operational efficiency and security.
    • Established and maintained cross-functional collaboration between business units and IT teams to ensure seamless adoption of architectural frameworks like TOGAF and CobiT .

  • Compliance & Risk Management Excellence

    • Led PCI DSS compliance projects at Cognizant Technologies Solutions , reducing the scope of assessments and implementing robust security controls for Payment Card Industry compliance.
    • Designed and enforced Identity Governance & Compliance frameworks for cloud environments, ensuring adherence to regulatory standards such as GDPR , SOX , and FedRAMP .

  • Security Architecture Design & Implementation

    • Architected advanced security solutions for PKI , MFA , and Web Application Firewalls (WAF) at Cognizant , enhancing protection against sophisticated cyber threats.
    • Designed and implemented secure API management and microservices security policies, ensuring robust authentication and communication mechanisms for cloud-native applications.

  • Incident Response & Disaster Recovery

    • Developed and executed Incident Response Plans and Disaster Recovery Strategies for cloud environments, minimizing downtime and ensuring business continuity during security incidents.
    • Integrated PAM with cloud security tools to enhance incident response processes and protect multi-cloud environments from unauthorized access.

  • Technical Expertise & Tool Mastery

    • Leveraged advanced security tools like Wireshark , Nmap , Burp Suite , ZAP , and Kali Linux to perform network and web application vulnerability assessments, ensuring proactive threat detection and mitigation.
    • Configured and managed firewalls, proxies, and load balancers (e.g., F5 , Riverbed , Citrix NetScaler ) to optimize performance while maintaining high security standards.

  • Training & Awareness Programs

    • Conducted training sessions on Application Security , DevSecOps , and CI/CD Pipeline Security , fostering a culture of security awareness and best practices among development and operations teams.
    • Delivered workshops on emerging security trends, including cloud security , container security , and threat modeling , empowering teams to address modern cyber risks effectively.

  • Data Center Migration & Cloud Hosting Solutions

    • Successfully led data center migrations to cloud platforms like VMware , Microsoft Azure , and Amazon AWS , ensuring minimal disruption and enhanced security for critical business operations.
    • Designed and implemented shared and private cloud hosting solutions, optimizing resource utilization and cost efficiency while maintaining compliance with security standards.

  • Global Security Consulting & Threat Mitigation

    • Provided expert security consulting services to global clients at British Telecom , Ricoh , and Tmen System , developing tailored strategies to mitigate risks from advanced persistent threats (APTs) and malware attacks.
    • Created System Security Plans (SSP) for organizations, establishing frameworks for threat mitigation, risk assessment, and continuous security monitoring.

  • Automation & DevSecOps Integration

    • Implemented CI/CD pipeline security practices and automated security testing tools to integrate security into the software development lifecycle (SDLC), reducing vulnerabilities in production environments.
    • Championed the use of container security tools like Docker Bench for continuous monitoring and image scanning, ensuring secure deployment of containerized applications.

  • Recognition & Certifications

    • Earned prestigious certifications such as Certified Information Security Manager (CISM) , AWS Certified Security – Specialty , and Check Point Certified Security Expert (CCSE) , showcasing his commitment to professional excellence.
    • Recognized for his leadership in security architecture and risk management, contributing to the successful delivery of high-impact projects across multiple organizations.

  • Strategic Contributions to Business Growth

    • Collaborated with senior management to develop strategic security roadmaps that aligned with business goals, driving innovation while safeguarding critical assets.
    • Played a key role in mergers, acquisitions, and transitions, conducting security assessments and designing architectures to ensure seamless integration and compliance.

Certifications & Courses

  • Certified Information Security Manager (CISM)
  • AWS Certified Security – Specialty
  • AWS Certified Solutions Architect – Associate
  • Check Point Certified Security Expert (CCSE) R75.40
  • Check Point Certified Security Administrator (CCSA) R75.40
  • Zscaler Certified Cloud Administrator
  • Code Bashing Application Security
  • GIAC Cloud Security Certifications
  • SEC522: Application Security: Securing Web Apps, APIs, and Microservices

Ready to get started?

We value your inquiries and are here to help. Please fill out the form below or contact us directly for any questions or assistance you may need. We look forward to hearing from you soon!

Bright Tier Solutions Spoc
Name: Raissa Garcia