User:Vishal Asthana

Information Security began emerging as a formal field of study by the time I had already completed MSEE (USC) and joined corporate US. After a few years (mid-2002), got to work on data and network security and policy-making aspects. Loved it! After moving back to India in early-2006, have been offered roles that have helped sharpen my existing Information Security skills and learn and develop new ones esp. application/software security, auditing/compliance and business continuity.

I currently co-lead the Delhi chapters of two major security communities, OWASP (effective June 2014) and Null (effective March 2014).

Have worked with firms of all sizes. Symantec, Cisco and Wipro were the large enterprises. Ford Graphics and iPolicy Networks were the mid-sized ones. Current employer (Security Compass) is an established Canadian start-up and am leading their India operations. Have experienced both environments - product development as well as consulting/services and a variety of industries - IT, ITes (IT-enabled services) and A/E/C (Architectural/Engineering/Construction).

At a technical level, this has helped develop the following skills: • Accounting for both technical and non-technical factors to arrive at the correct risk posture. • Implementation of secure SDLC programs and Agile security. • Presenting research/work at international and national conferences. • Leading virtual/remote teams across geographies (India, US, Europe and now Canada). • Publishing a whitepaper, magazine articles and blogs on specific aspects.

From a soft skills perspective, the roles have helped me develop the following: • Knack for identifying research-related collaboration avenues. • The skill of effective business case development. • The art of interviewing. • The craft of mentoring.

Excited about the future of InfoSec and the possibility to remain a part at an always increasing level of leadership!