Open to CISO & Advisory Roles

Security Executive · CISO · Advisor

Joshna Yarlagadda

Head of Security, IT & DevOps

Enterprise Security & Technology Executive with 15+ years leading Information Security, IT, and DevOps across Finance, Payments, Healthcare, Retail, and Analytics. Zero major audit findings across SOC 2 and PCI. Trusted advisor to executive leadership and boards — translating cyber risk into business impact.

CCISO CISM CEH AWS Security ISO 27001
15+ Years in Security
50%+ Vuln Reduction
40% MTTD/MTTR Gain
Zero Major Audit Findings

Measurable Outcomes

50%+ Reduction in Critical Vulnerabilities
40% Improvement in MTTD / MTTR
45% Fewer Cloud Misconfigurations
Zero Major Findings Across SOC 2 & PCI Audits

Sectors

Industries Served

Security leadership across regulated and high-growth environments — building programs that meet the specific risk profile of each sector.

💳
Payments & Fintech
PCI DSS, SOC 2 Type II, payment platform security, M&A due diligence
🏦
Financial Services
Enterprise fintech, regulatory compliance, FFIEC-aligned controls
🏥
Healthcare
HIPAA compliance, patient data protection, clinical system security
🛒
Retail
Consumer data privacy, POS security, CCPA/CPRA compliance
📊
Analytics & SaaS
Cloud-native security, multi-tenant architecture, SOC 2 readiness
🔬
Semiconductor & Manufacturing
OT/ICS security, IP protection, supply chain risk management
🌐
Technology & Platforms
DevSecOps, product security, SDLC integration, cloud security
⚖️
Regulated Environments
GDPR, EU–US Data Privacy Framework, NIST CSF, multi-framework compliance

Core Competencies

Security Leadership Across the Stack

From boardroom risk conversations to hands-on cloud controls — leading security, IT, and DevOps as a unified function that protects revenue and enables growth.

01
🛡️

Security Program Leadership

Building enterprise security programs aligned to NIST CSF, ISO 27001, and CIS Controls. Risk governance, GRC frameworks, board-level KPI reporting, and security roadmap ownership — delivered with measurable maturity gains.

NIST CSF · GRC · Risk Management · Board Reporting
02
📋

Compliance & Audit Leadership

Zero major findings across SOC 2 Type II and PCI DSS programs. Deep practitioner across ISO 27001, NIST CSF, CCPA/CPRA, GDPR, and HIPAA — owning the full lifecycle from control design through external auditor management.

SOC 2 Type II · PCI DSS · ISO 27001 · GDPR / HIPAA
03
⚙️

Cloud Security & DevSecOps

Securing AWS and Azure environments with Zero Trust architecture, CIS-hardened systems, and SAST/DAST/SCA embedded into CI/CD. 45% reduction in cloud misconfigurations. IAM transformation via Okta and Azure AD.

AWS / Azure · Zero Trust · SAST / DAST · Okta / Azure AD

Career

Executive Track Record

15+ years of progressive security leadership across Finance, Payments, Healthcare, Retail, Semiconductor, Manufacturing, and Analytics — always owning more than just security.

2023 — Present
Chief Cybersecurity Architect / Head of IT, Security & DevOps
Optimized Payments

Full executive ownership of Security, IT Operations, and DevOps for a high-growth payment analytics platform. Achieved SOC 2 Type II with zero major findings. Improved security program maturity by 30% in 12 months. Reduced critical vulnerabilities by 50%+, cloud misconfigurations by 45%, and MTTD/MTTR by 40% via SIEM/EDR deployment. Led Zero Trust architecture using Zscaler and Okta/Azure AD, reducing orphaned accounts by 60%. Integrated SAST/DAST/SCA into CI/CD, cutting pre-production vulnerabilities by 35%. Currently supporting confidential M&A due diligence — security risk assessment, control evaluation, and integration planning.

2022 — 2023
Information Security Manager II
Fiserv

Led enterprise security strategy, roadmap, and compliance programs at one of the world's largest fintech firms. Built and scaled security teams, acted as principal security architect for enterprise initiatives, and led threat hunting and SIEM operations. Supported PCI DSS, SOC 2, and maturity assessments at scale.

2021 — 2022
Manager – IT Security
Fiserv · Alpharetta, GA

Led security engineering and operations initiatives across enterprise systems. Strengthened threat detection and response capabilities. Supported enterprise compliance, risk management, and M&A integration — including post-merger security integration of Ondot Systems, aligning IAM, compliance controls, and consolidating security tooling across merged environments.

2015 — 2021
Senior Manager – Information Security
Raise Networks / Ondot Systems · San Francisco Bay Area

Led enterprise security programs for fintech and payment platforms. Designed and implemented security architecture and controls from the ground up. Built SIEM and monitoring capabilities, improving detection coverage by 50%. Implemented IAM, DLP, and endpoint security. Led PCI DSS, SOC, and ISO compliance initiatives through multiple audit cycles.

2010 — 2014
Senior IT Security Specialist / Information Security Consultant
JenPro InfoTech · India

Implemented enterprise security controls, monitoring, and risk assessments. Conducted security audits and compliance support. Assisted in the implementation of enterprise security frameworks — building the foundational practitioner depth that underpins all subsequent leadership.

The CISO Case

Why I'm Ready for the Chair

Most security leaders own one dimension. I've been running three simultaneously — and delivering measurable outcomes in each.

Measurable Outcomes

Numbers That Matter to Boards

50%+ reduction in critical vulnerabilities. 40% improvement in MTTD/MTTR. 45% fewer cloud misconfigurations. Zero major audit findings across SOC 2 and PCI. These are the metrics boards care about — and I deliver them.

Breadth of Ownership

IT + Security + DevOps — Unified

Most CISO candidates own security in isolation. I own the full technology operating layer — infrastructure, pipelines, and security controls — which means I speak the language of every stakeholder and eliminate the silos that create risk.

Regulatory Depth

Built for Regulated Environments

Regulated industries demand more than checkboxes. With hands-on depth across SOC 2, PCI DSS, ISO 27001, NIST CSF, GDPR, CCPA, and HIPAA — and 8 active certifications — I bring the rigor complex environments require without slowing the business down.

M&A Experience

Security Through Transactions

M&A is where security programs get exposed. I've led security diligence, post-merger integration, and IAM consolidation at both Fiserv (Ondot acquisition) and in a current confidential transaction — providing boards with real risk visibility at the most critical moment.

Tools & Platforms

Tech Stack

Hands-on depth across the full security and infrastructure toolchain — from SIEM to DevSecOps pipelines.

Cloud & Infrastructure
AWS · Azure · Azure Key Vault · Terraform · Azure DevOps · Zscaler
Identity & Access
Okta · Azure AD · Zero Trust · MFA / SSO · PAM · IAM
Security Operations
ELK Stack · LogRhythm · SIEM · EDR · Threat Hunting · SOAR
DevSecOps
SAST · DAST · SCA · CI/CD Security · SDLC · Container Security
Endpoint & IT
MDM / UEM · ITSM · DLP · Endpoint Security · Vulnerability Mgmt
GRC & Compliance
NIST CSF · CIS Controls · SOC 2 · PCI DSS · ISO 27001 · GDPR / HIPAA

Credentials

Certifications & Education

Eight active credentials spanning security leadership, audit, ethical hacking, cloud, and governance.

👑
CCISO
Certified Chief Information Security Officer · EC-Council
🛡️
CISM
Certified Information Security Manager · ISACA
🎯
CEH
Certified Ethical Hacker · EC-Council
☁️
AWS Security – Specialty
AWS Certified Security · Amazon Web Services
📜
ISO 27001 Lead Auditor
ISO/IEC 27001:2013 · Lead Auditor Certified
🔒
CompTIA Security+
Security+ · CompTIA
🌐
CCNA
Cisco Certified Network Associate · Cisco
📊
COBIT 5
COBIT 5 Foundation · ISACA

Education

Master of Science
Computer Science · San Francisco Bay University
Bachelor of Science
Computer Science · JNTUH

What I'm Pursuing

Open to CISO & Advisory Roles

Actively exploring Chief Information Security Officer roles, fractional CISO engagements, board-level security advisory positions, and strategic consulting. Fintech, payments, SaaS, and high-growth companies are a natural fit.
