Web version

Gurpreet Singh Bedi

Head of Security Operations / SOC Director

Gurugram, India • +91 90150 33820 • gurpreet.bedi@proton.me • linkedin.com/in/gurpreet-singh-bedi-ciso • github.com/gsbedi-sec

Portfolio: www.eliorexa.com/portfolio/cybersecurity-analyst-senior

Professional Summary

Security leader with 13 years building and running security operations across banking, fintech and global SaaS. Sets enterprise security strategy and architecture, leads a 22-person SOC and threat-intelligence org, and reports cyber risk to the board and audit committee. Drove ISO 27001 and SOC 2 certifications, slashed incident dwell time and breach exposure, and owns a multi-crore security budget with measurable risk-reduction outcomes.

Skills

Leadership & strategy: Security strategy & architecture, SOC leadership (22), Board & audit-committee reporting, Budget ownership (P&L), Vendor & MSSP management

Governance & risk: ISO 27001, SOC 2, NIST CSF, PCI-DSS, RBI / DPDP compliance, Enterprise risk management, Third-party risk

Detection & response: SIEM strategy (Splunk ES, Sentinel), Threat intelligence, Incident response & crisis management, Red/purple teaming, Threat hunting

Architecture: Zero Trust, Cloud security (AWS, Azure), Firewalls & segmentation, IAM/PAM, Vulnerability & penetration-testing programs

Core Competencies

security strategy · SOC leadership · SIEM · threat detection · incident response · vulnerability assessment · penetration testing · firewalls · ISO 27001 · SOC 2 · NIST CSF · risk management · Zero Trust

Work Experience

Head of Security Operations (Deputy CISO)Meridian Bank

Feb 2019Present

Gurugram

  • Lead a 22-person SOC, threat-intel and vulnerability-management org defending 45,000 endpoints and 60M+ daily events across retail and corporate banking.
  • Set the 3-year security strategy and architecture roadmap; cut mean time to respond 58% and reduced material-incident exposure to zero confirmed breaches over 4 years.
  • Own a ₹14 crore annual security budget; consolidated 9 tools into a unified SIEM/SOAR/EDR stack, saving ₹2.6 crore/year while improving coverage.
  • Led the enterprise ISO 27001 and SOC 2 Type II certifications and quarterly RBI cyber-resilience reporting, clearing audits with zero major non-conformities.
  • Report quarterly cyber risk to the board and audit committee; built the KRI dashboard that frames risk in business and financial terms.
  • Established a purple-team and penetration-testing program that found and remediated 5 critical attack paths before exploitation.

SOC Manager / Lead Security AnalystPolaris Payments

May 2015Jan 2019

Mumbai

  • Built a 24x7 SOC from the ground up — staffing, SIEM (Splunk) deployment and playbooks — achieving PCI-DSS Level 1 compliance for a payments platform handling ₹40,000 crore/year.
  • Cut incident dwell time 64% by introducing tiered triage, threat hunting and automated containment.

Security Analyst → Senior AnalystEarlier roles — Wipro, TCS

20122015

India

  • Delivered vulnerability assessments, firewall hardening and incident response for enterprise clients; promoted twice for technical depth and client trust.

Education

B.Tech Information Technology

2012

Punjab Engineering College (PEC), Chandigarh

Certifications

  • CISSPISC2 (2018)
  • CISMISACA (2020)
  • ISO/IEC 27001 Lead AuditorPECB (2019)

Selected Achievements

  • Maintained zero confirmed material breaches across 4 years while defending 45,000 endpoints and 60M+ daily events.
  • Saved ₹2.6 crore/year by consolidating 9 security tools into a unified SIEM/SOAR/EDR platform.
  • Led enterprise ISO 27001 and SOC 2 Type II certifications with zero major non-conformities.
  • Speaker, Nullcon Goa 2024 — "Reporting cyber risk the board will actually act on."