Ketan Chaudhari
Details
Concentration : Leadership, Strategy, Finance, Creativity & Innovation, Data Analytics
Rice Business - Jones Graduate School of Business
B.S. (with Honors)
Information Systems
University of San Francisco
Engineering Diploma in Electronics and Radio Engineering
St. Xavier's Technical Institute
● Identity : Protected privileged account activity and identities and prevented exploitation via attacks.
● Provides security architecture, guardrails, and risk management guidance to product managers, owners, and DevOps Scrum teams for network, cloud, high-performance (seismic) computing, and workforce enablement. Provides risk management and cybersecurity direction to Chevron businesses worldwide.
● Collaborates with leadership C-Suite on key projects, exemplified by working with multiple platform teams and application owners to architect 2-pronged ransomware protection and resiliency solution.
● Advocated and architected Zero Trust to secure cloud applications and micro-segmentation to secure tier-1 workloads.
● Delivered security architecture for modern Internet-based user workstations including network segmentation, cloud-based endpoint security, device security, CASB, Endpoint Privilege Management (EPM) for least privileges from ideation to production.
2021 : Present
Chevron
Cybersecurity Engineering & Innovation Architect
● Cloud Security Strategy : Worked with Cloud Platform Team to develop cloud security architecture and roadmap, including control plane, workloads, and privileged identity security.
● Internet and Cloud First : ION – Built private Security Service Edge (SASE) infrastructure for hyper-connectivity to Azure, AWS, Google, and enterprise SaaS and internet / telco providers. Modern Desktop – Built security design for Intune-managed internet hosted desktop in synergy with cloud-first strategy, resulting in high-performance secure access to cloud applications with minimal OpEx. VDI – Developed management zone VDI for privileged account activity.
● Directed 6 cybersecurity DevOps teams for security automation, cloud security, firewall engineering, network security, endpoint security, and LCM services for Chevron’s business units worldwide.
● Created 3–5-year cybersecurity strategy – delivered Secure-by-Design segmentation and Zero Trust architecture. Reshaped execution model by integrating into other epics and simplified scope with risk-based approach.
● Solved performance and reliability issues for internet, cloud, and MSO 365 by simplifying security stack and rationalizing 6 disparate appliances into single platform. Resolved bottleneck issue by implementing internet-first strategy.
2019 : 2020
Chevron
Principal System Architect, Information Risk Strategy Management Group
● Restructured security organization along Scaled Agile Framework for Enterprise (SAFe).
● Managed cybersecurity investment portfolio and lifecycle. Led numerous enterprise projects, including Azure IaaS / PaaS cloud cybersecurity, security rationalization, and DDoS, global FW migration.
● Collaborated with multiple platform lines to co-deliver architecture for security stack simplification, rationalization, and automation. Developed automation ambition statement and roadmap and co-architected CI / CD pipeline.
● Facilitated major capital projects (MCP) in Australia and Kazakhstan; both required sharing of Chevron’s IT assets while company’s intellectual property remained fully secure via innovations to NAC, firewall, and identity integration.
2014 : 2018
Chevron
Security Architect, Information Risk Strategy Management Group
● Led and managed $40M next-generation firewall project and network access control (NAC).
2007 : 2014
Chevron
Security Project Lead, Security Design & Consulting Group Jun/2007 – Sep/2014
● Built Chevron’s global foundational security infrastructure : extranet, IPS, SIEM, VPN, AAA backbone, CMDB, PCN security and critical security capabilities : standards and controls, NST security templates for compliance, and risk assessment framework.
2002 : 2007
Chevron
Network Security Engineer, Network Security Team (NST) Jun/2002 – May/2007
Skills
3rd Party and Business Partner Connectivity, 802.1X and NAC, Architecture, Automating Compliance for Network and Security Devices, Cloud Security, Data Center, Disaster Recovery, DMVPN, Enterprise Architecture, Enterprise Security Policy, Firewalls, Global Network Security Infrastructure, Global TACACS+ and RADIUS Backbone, Identity-Based Firewalls, Identity Federation, IDM, Information Security, Information Security Management, Internet Protocol Suite (TCP/IP), Intrusion Prevention Systems (IPS), IPv6, ITIL, IT Strategy, Mobility, Network Architecture, Network Security, Network Security Solutions for Drill Ships, Fixed/Floating platforms, Pipelines, PCI DSS, Penetration Testing, Project Management, Reference Architecture, Risk Assessment, Risk Management, SCADA / PCN Security, SCEP and PKI certificates for network and security equipment, Securing Virtualized Data Centers, Security, Security Information and Event Management (SIEM), Security Roadmap and Strategy, Solution Architecture, SSL VPN, Standards and Technical Controls, TCP/IP, Vendor Roadmap Alignment, Video Conferencing with External Participants, Virtual Private Network (VPN), VPN, Vulnerability Assessment, Wireless Sensor Mesh Networks
About
As a founding member of Chevron’s Cybersecurity Team, I provide security leadership and guidance for 12 digital platforms and architects. This includes an Instrumental role in providing cybersecurity architecture and pivotal solutions that enable the execution of a cloud-first and Internet-first strategy. I've architected and provided leadership to build Chevron's global security infrastructure, including 4 generations of Chevron’s extranet. I consider myself a cybersecurity evangelist and deliver capabilities to protect my current employer's IT assets, cloud, and network that spans 187 countries.
The long-term, productive relationships I've developed with strategic partners include Microsoft, Cisco, and Palo Alto Networks. I'm known as the ‘go-to’ person for aligning inter-team efforts, solving complex problems, and clearly articulating vision, strategy, and goals.
LEADERSHIP EXPERIENCE & EXPERTISE:
► Team Leadership
► Recruiting
► Talent Development
► Cross-Functional Teams
► Cybersecurity Evangelism
► Lean-Agile Leadership
► Positive Disruptive Change
► JVs, M&A, Divestitures
► Vendor Management
CYBERSECURITY EXPERTISE & EXPERIENCE:
► Cybersecurity-by-Design:
⇨ Leadership | Vision | Strategy | Guardrails | Cyber Resilience & Recovery | Capability Roadmaps
⇨ Program Increment (PI) Objectives Planning and Prioritization | Program & Portfolio Management
⇨ Global Infrastructure Deployment | Product Management | Risk Management & Assessment
⇨ Security Policy | Audit Engagement & IP Compliance | ALCM | Vulnerability Management
► Architecture & Infrastructure:
⇨ Zero Trust | Segmentation | Identity Analytics | Privileged Account Security
⇨ Internet Optimized Network (ION) / SASE | Internet-based User Workstation
⇨ Threat Monitoring and Mitigation
► Specific Protections:
⇨ Supply Chain| Ransomware | Targeted Malware | Nation-State Attacks | Corporate Espionage
⇨ Insider Risk | Data Leakage & Exfiltration | Security Automation
⇨ Cloud, Network, Mobility, and IIoT Security | Disaster Recovery
Profile Photo
