Madhav Diwan


CTO
INFRASTRUCTURE and CLOUD ARCHITECT
CYBER SECURITY EXPERT





madhav.diwan@gmail.com

 

 

 

 

 

 

 

Employment History

 

 

 

Oct 2019 – Present

BNP Paribas

Cyber Resilience Architect

New York City Metropolitan Area

 

Driving material improvements in the bank's cyber resiliency posture by providing highly technical cybersecurity input into existing risk management processes and deliverables pertinent cyber resiliency scenarios; and developing and evaluating cybersecurity resiliency proposals for technical completeness, correctness, and feasibility.

  • Represent Information Security in cyber resiliency and business continuity/disaster recovery working groups and projects.
  • Evaluate and help ensure the completeness and correctness of cyber related risk management and BC/DR deliverables, especially as they pertain to resiliency scenarios.
  • Coordinate with threat intelligence analysts to ensure the cyber resiliency components of risk management and BC/DR products and deliverables are and remain relevant given adversary TTPs and motivations.
  • Develop and formalize a cyber-resiliency framework to help drive efficient and effective decisions by senior management at the bank.

 

Dec 2018 – May 2019

Hudson Group

Enterprise Security Architect

East Rutherford, New Jersey

  • Designing, implementing and tuning the technology, tactics, techniques, and procedures of the SOC function for Hudson / Dufry – Division 5 in North America.
  • Providing Enterprise best practices fro IT delivery.
  • Understanding business processes to integrate Business needs into Enterprise IT and Security processes.
  • Managing various vendors that deliver solutions for the Security Operations function at Hudson; including SIEM, NGFW, Cyber Intelligence, and a Managed Security Service Provider (MSSP).
  • Providing guidance for Business Continuity efforts for the company including IT Disaster Recovery and Work Place Recovery initiatives.

 

04/2017 – 06/2018

EisnerAmper

Practice Director

Greater New York City Area

 

Director of the Cyber Security Consulting and Managed Security Services Practice at Eisner Amper LLP

  • Creating business plans, and practice's budget
  • Negotiated vendor and supplier contracts
  • Onboarding vendors to provide software and services to clients
  • Acting as Solution Architect for customers
  • Managing outsourced resources
  • Providing cybersecurity webinars, the marketing drive and conducting Technology Roadshows to promote the practice.

 

 

09/01/2014 – 10/1/2016

Atos IT Solutions and Services 

Director Cyber Security Solutions

Big Data and Security

New York City, USA

 

Europe‘s leading IT services outsourcing and hosting company

 

  • Designed the reference architecture for Atos North America’s dedicated backup network for the backup activities of all North American customers in their main Data Centers.  Used EMC Data Domain and Avamar systems as the basis for a backup solution, using knowledge of Cisco networking to design and implement a secure and expandable backup architecture separate from Management or customer facing networks.
  • Designed The Amazon Web Services (AWS) reference architecture for John Deere Inc. that is now used as basis for other AWS customer designs
  • Developed the DDOS solution for Xerox Inc. using an ISP agnostic approach to provide inline as well as Cloud based DDOS and DOS protection for Xerox as well as its customer CVS
  • Overall solution lead for the carve-out of Siemens Health Care from Siemens Inc. to Cerner Inc. Designed, developed, and managed the set up and delivery of a separate hosting environment in order to create standalone systems that enabled transition of Siemens Health Services to Cerner Health Care.
  • Responsible for the Design of Servers, workstation and email access, Virtualization farms , hosting environments, Voice systems , network systems , Remote Access and Authentication systems and overall deployment strategy, transition planning , and development of initial solutions.
  • Managed the Transition of Services  for Monsnato Inc to be hosted and services by Atos Global and north American teams
  • Managed Xerox Inc midrange systems transition
  • Managed Security Architect team for North American and Global bids, Security Service teams, and Security service delivery projects for Atos

 

09/01/2010–10/31/2013

Marco Polo Networks    

Head of Infrastructure, Senior Vice President

New York City, USA

           

Online equity trading network linking developed countries of the world with emerging markets

  • Served as the focus for all aspects systematic trading infrastructure for points of presence in over seven hub sites across the world
  • Set the Strategic Technical vision for the company
  • Oversaw 10 separate hosting and network providers from Brazil, Chile, Mexico, Singapore, India, Malaysia, London, Turkey, and the USA
  • Responsible for the Strategic Technical Operations of the Equities, and Futures trading applications across all of these Global Markets.
  • Responsible for the data centers and operations management in 6 co-location facilities in Latin America, Singapore, London, and New Jersey
  • Technical Subject Matter Expert  in Linux, Microsoft Products, Vmware Vsphere Products, and Cisco LAN and WAN Networking and Engineering
  • Lead Technical Audit support and Manager of Audit and Compliance activities and reporting for global customers in South America, EMEA and AsiaPAC, Responsible for SEC and FINRA  compliance, responsible for SOX compliance in the USA.

 

05/01/2009–08/01/2014

Diwan Enterprise Consulting      

IT Management Consultant

New York and Washington DC, USA

 

            Owner and chief technologist for enterprise computing consultancy specializing in high security and high reliability infrastructure and in management consulting and project leadership for Fortune 500 Companies.

Clients in 2013 include US Navy Subcontractors and Oil refining companies,  Clients in 2009 and 2010 included Primary Insight, Savvis Communications, Bank of America, and Citigroup,

 

  • Responsible for Evaluation and Strategic vision for IT infrastructure technologies and staffing for multiple customers in Washington DC and Texas. This includes evaluation and implementation of cloud and mobile strategies as well as managed hosting management.
  • Managed multisite IT Audit for Citibank's personal finance endeavor: Bundle.com
  • Conducted IT product  trend analyses for hedge fund managers ( Oct 2009 - Oct 2010) 
  • Designed access networks to Department of Defense sites using DOD standards.
  • Supported backend internal cloud project for Bank of America at Savvis Inc. ( Jan through Feb 2010 )

 

 

12/01/2005–10/31/2009

American Stock Exchange 

Director of Exchange Technology Engineering      

New York City, USA

 

            A leading U.S. stock exchange that handles trades in stocks, options, exchange-traded funds, corporate bonds and other investment vehicles

 

As the Head of Engineering and Architecture Mr Diwan was responsible for leading team's comprised of  Unix/Linux and Windows Systems Mangers, Systems and Network Architects , Network , Security, and Systems Administrators , Oracle and Sybase DBAs , Software Development Managers, Project Managers, and  Quality Assurance Managers, to build, test, deploy,  and maintain over 300 applications  and 1000 systems, 5 data centers, and 2 operations control centers.

 

Responsibilities and accomplishments

  • Managed the Infrastructure and  Regulatory Data Integration of Amex and NYSE upon completion of Amex Acquisition by NYSE
  • Migrated and updated three Data Warehouses to three RedHat RHEL5 based Oracle RAC clusters and HP EVA SANS.
  • Migrated hardware  from a legacy data center onto new Red Hat RHEL4 and RHEL5 based Linux commodity platforms in new data centers, improving efficiency, and uptime
  • Built and maintained Seven separate VMWARE ESX based Enterprise based Quality Assurance and Development environments , each capable of simulating  the  entire Exchange Trading System at Amex
  • On-boarded  new AEMI equities trading application and ten other trading support applications for new Equities Trading Plant in two data centers.
  • On-boarded newly redesigned Options trade plant ( ANTE ) and options support applications onto new Linux based high frequency and high reliability platform.
  • Directed the Engineering, Development, Quality Management, Corporate Desktop, and Operations Departments in the day to day operations , procedures, and practices of their departments and in the support of the company's business. Established with the department heads what their procedures and practices were to be  and was directly responsible for each of these departments and their activities when needed.
  • Developed the policies and procedures used through out the enterprise, helped to rewrite the information security policies for the company
  • Wrote and managed the audit practices for the applications , and infrastructure sites for the company.
  • Implemented provisioning and release  management practices for production and development trading systems using RedHat Satellite Server and in house developed tools.
  • Designed and implemented in house developed MultiRemoteTools (see mrtools at www.sourceforge.net) patch management system to handle patching of custom applications on large numbers of systems within extremely short time ranges.
  • Implemented cost reductions to save over $10 million in software and hardware costs in the first year, while simultaneously exceeding customer expectations
  • Established and tested a business continuity plan and ensured that the application, network, and server  infrastructures and their personnel were prepared for disaster recovery
  • Developed and deployed plans to scale the capacity, applications, hardware, and software for the RHAS 4 based  High Availability/Low Latency Amex Ticker Plant and Options & Equities Trading Engines
  • Implemented best practices for the firm’s infrastructure and security systems as determined by internal and third party audit teams and business colleagues
  • Formed the system architecture and rolled out the new Equities and ETF platform called the Amex Auction and Electronic Market Integration platform (AEMI)
  • Redesigned the ANTE options trading platform from HPUX and Solaris to RedHat Linux RHAS 4
  • Designed and On-boarded RHAS 4 LAMP based Issue Ticketing System and RHEL5 LAMP based Customer Portals
  • Directed the design and implementation of the Hyperfeed Ticker Plant,  a Windows 2003 based high volume options quote tick system.
  •  Created a robust and scalable monitoring infrastructure to ensure proactive monitoring of business-critical hardware and software
  •  On-boarded Prelude Event monitoring, Snort IDS,and HP Openview Application Monitoring systems for Production and Development Systems and network monitoring of RHAS4 + RHEL5 and Solaris bases Systems and Cisco and Foundry based networks.
  •   Built and maintained the firm’s trading systems in collaboration with the application development and market data groups
  • Coordinated with the network engineering group to maintain the communications infrastructure and to plan structures to meet application needs in a low latency, high volume, 24x7 environment
  • Directed the design of and developed monitoring systems for CISCO and Foundry based Network Information System.
  •  Designed , directed, and managed the roll out of Amex Data Warehouses for Regulatory Compliance.
  •  Responsible for Performance and Transactional Data Analytics.

 

 

2/01/2001 – 12/01/2005

Frontgate Systems LLC
Director of Design

New York, USA


Leading provider of network security technologies and services supporting financial services industry.

Managed department operations and services supporting design and delivery of network security technologies. Oversaw hardware and software designs of firewall, proxy, authentication, and network systems/services. Led up to five-member team of systems and network engineers. Oversaw software architecture, design, and maintenance of Linux-based software solutions supporting market data, treasury, CRM, and HR security systems. Identified and resolved network security system issues for clients within financial services industry. Implemented world’s first “reverse proxy” application, leading the way to first SSL based VPN solution.

 

Selected Achievements

  • $3 million in revenue growth generated as result of designing and deploying LAMP-based secure web infrastructure for client HR system, securing Best of Breed Award and future multi-billion dollar contract to implement real-time treasury system.
  • Oversaw systems engineering team to roll-out dedicated monitoring systems stations to receive, consolidate, and manage alerts across seven sites for client bank, obtaining $2 million in annual sales production.
  •  $300,000 in consultant costs saved by planning and coordinating team resources to launch new treasury system for large insurance company—completing project in 50% less time and within budget constraints.
  • More than 93% system compliance requirements met by leading team of system engineers to assist client organization in developing and implementing best practices/standards as part of completing in-depth IT audit.

 

 

02/01/2000–01/31/2001

Lufthansa Systems North America           

Product Manager, Network, Internet Systems, Email & Security

New York, USA

 

The information technology branch of Lufthansa’s North American operations

 

As the Product Manager for Network, Internet Systems, Email & Security Mr. Diwan was responsible for implementing, maintaining, and troubleshooting email systems, network security, and WAN/LAN connectivity

 

  • Resolved major network outages with minimal impact for the company by collaborating with North American and European teams as well as groups from AT&T and Nortel
  • Managed the I LOVE YOU BUG VB script outbreak that took out most Microsoft-based systems worldwide , brought the firm’s infrastructure back up in one day
  • Developed, implemented, and maintained Windows NT-based SAP server
  • Created and instituted complete Internet, Intranet and Extranet solutions for Lufthansa Systems USA’s third party clients.
  • Audited Lufthansa systems Email and File Storage operations.
  • Monitored the security and network connections between the North American and German offices
  • Managed telecommunications systems.
  • Managed Novel NDS systems and personnel for North and South America.


Community Involvement

 

06/01/1996–Present     Open Source Communities        USA

  • Created/Contributed to major Open Source projects for real time large compute farm administration (Please see the MRTools project at www.sourceforge.net)
  • Debugging of software/inventory provisioning (OCS inventory)
  • Code contributions toticketing systems (OTRS),
  • Code contributions to monitoring systems (Prelude / Nagios / Openview)
  • Developed the first Transparent Reverse SSL based proxy software (SQUID)