Anil Kumar Aggarwal
Senior Cybersecurity Leader | ISO 27001 Lead Auditor | 20+ Years of Defence & Enterprise Experience
Hisar, IN.About
Highly accomplished Cybersecurity Specialist with over 20 years of robust experience in defence and enterprise cyber operations, incident response, and threat intelligence. Proven leader in developing and implementing advanced security frameworks, compliance strategies, and audit automation solutions that enhance cyber resilience, reduce risk by up to 35%, and ensure business continuity for critical IT infrastructure supporting 10,000+ users. Adept at uniting diverse teams to mitigate advanced threats and align with ISO 27001 standards, driving significant improvements in security posture and operational efficiency.
Work
Hisar, Haryana, India
→
Summary
Directed comprehensive cybersecurity operations and strategic initiatives for IT infrastructure supporting over 10,000 users, ensuring stringent ISO 27001 compliance and alignment with enterprise risk appetite.
Highlights
Authored and implemented enterprise-wide IT Security & Cybersecurity Policy Frameworks, aligning defence standards with ISO 27001, enhancing overall security posture.
Established robust cybersecurity policies for access control, data governance, and cloud security, reducing policy deviations by 30% and strengthening regulatory alignment.
Led a team of analysts in delivering 20+ annual VA/PT assessments, integrating remediation into the enterprise risk register and presenting findings at board level for governance-driven decision-making.
Collaborated with senior leadership to design and implement advanced cyber resilience frameworks, reducing potential downtime risk by 35% and improving continuity for mission-critical operations.
Hisar, Haryana, India
→
Summary
Managed cybersecurity governance and compliance across 10+ defence and enterprise units, leveraging threat intelligence, incident response, and vendor management to fortify organizational security.
Highlights
Established cybersecurity governance across 10+ defence and enterprise units, embedding risk registers and compliance dashboards to enhance real-time executive decision-making.
Integrated cyber threat intelligence, including dark web and OSINT analysis, into compliance monitoring to proactively identify and mitigate potential threats to enterprise operations.
Partnered with cross-functional teams and 20+ vendors to integrate cybersecurity into IT projects, vendor due diligence, and third-party risk management programs.
Designed and deployed security awareness and phishing simulation campaigns for over 500 employees, improving secure behavior adoption rates by 40% and reducing insider-driven policy breaches.
Conducted root cause analysis for high-severity incidents, delivering technical reports and executive summaries with actionable mitigations.
Collaborated with SOC, IR, and Red Teams to simulate adversary campaigns, enhancing incident response readiness and detection coverage.
Hisar, Haryana, India
→
Summary
Implemented robust cybersecurity frameworks for mission-critical IT systems, aligning defence operations with enterprise security baselines and regulatory requirements while directing incident response.
Highlights
Implemented cybersecurity frameworks for mission-critical IT systems, aligning defence operations with enterprise security baselines and regulatory requirements.
Developed a comprehensive threat intelligence model with executive dashboards to highlight threat trends and improve compliance posture visibility for senior leadership and regulators.
Directed incident response governance for 25+ cyber incidents annually, ensuring swift containment, structured forensic documentation, and corrective action planning that reduced recurrence by 20%.
Hisar, Haryana, India
→
Summary
Executed comprehensive IT security audits and developed an in-house automation solution, significantly improving operational reliability and accelerating risk detection.
Highlights
Developed an in-house audit automation solution that boosted audit efficiency by 40% and accelerated risk detection, streamlining compliance processes.
Executed 40+ IT security audits annually across applications, networks, and endpoints, reducing audit non-conformities by 30% through proactive remediation plans.
Strengthened IT controls through the development of 20+ security policies covering access, patching, and configuration management, improving operational reliability by 25%.
Created an automated compliance monitoring solution that improved visibility into vulnerabilities, streamlined audit readiness, and accelerated remediation by 40%.
Hisar, Haryana, India
→
Summary
Provided cybersecurity oversight for IT service delivery platforms, conducted risk assessments, and remediated compliance gaps to uphold defence-grade security standards.
Highlights
Provided cybersecurity oversight for IT service delivery platforms, ensuring compliance with defence-grade security standards and regulatory requirements.
Assisted in 40+ risk assessments during technology transitions, safeguarding continuity and minimizing operational disruptions.
Monitored and validated technical controls against compliance baselines, enhancing accountability in defence cyber operations.
Partnered with IT and audit teams to remediate compliance gaps, reducing repeat audit findings by 25%.
Certificates
Skills
Cybersecurity Leadership & Strategy
Cybersecurity Leadership, Strategic Planning, Risk Management, IT Governance, ISO 27001, Business Continuity Planning (BCP), Disaster Recovery (DR), Policy Development, Team Leadership, Adaptability, Change Management, Time Management, Cross-functional Collaboration.
Cyber Operations & Defence
Threat Hunting, Cyber Threat Intelligence, Incident Response & Forensics, Network Security, Infrastructure Security, Firewalls, IDS/IPS, Fortinet, Vulnerability Assessment & Penetration Testing (VA/PT), SIEM (QRadar, Splunk), EDR Platforms, Security Operations Center (SOC), Red Teaming, Adversary Campaign Simulation.
Compliance & Audit
IT Risk Governance, Compliance Monitoring, Audit Automation, Risk Assessment, Regulatory Alignment, Third-Party Risk Management, Security Audits, Compliance Dashboards, Access Control, Data Governance, Cloud Security, Security Baselines.
Analytical & Problem Solving
Problem-Solving, Analytical Thinking, Quick Learning, Decision Making, Root Cause Analysis, Data Analysis.