Mahesh Gopalakrishnan cybersecurity
The contemporary landscape of cybersecurity operations demands practitioners who can navigate the complex intersection of advanced threat detection, regulatory compliance, and organizational transformation. As digital infrastructure becomes increasingly critical to economic activity and public welfare, the individuals responsible for designing and operating Security Operations Centers (SOCs) must possess not only technical mastery but also strategic vision, cross-sector experience, and the capacity to translate security imperatives into sustainable organizational capabilities. This specialized expertise, developed through years of hands-on implementation across diverse regulated industries, represents a rare combination of skills essential to protecting the digital systems upon which modern society depends.
Over the course of his career, Mahesh has contributed to strengthening cybersecurity capabilities across critical sectors including financial services, healthcare, and global enterprises. His work has supported the protection of sensitive data, enhanced threat detection capabilities, and improved incident response effectiveness in environments where cybersecurity is essential to operational continuity and regulatory compliance. His experience in modern Security Operations Centers, including detection engineering and advanced analytics, reflects the evolving needs of cybersecurity in the United States and globally.
Mahesh Puthenpurackal Gopalakrishnan's professional journey exemplifies how rigorous technical education, combined with progressive responsibility across critical sectors, cultivates the deep expertise required for cybersecurity leadership at scale. His academic foundation began with a Diploma in Electronics Engineering from Government Polytechnic College earned between 2000 and 2003, followed by a Bachelor of Technology Degree in Electronics and Communication Engineering from Mahatma Gandhi University completed between 2004 and 2007. This grounding in systems engineering provided the technical framework that would support his later transition into enterprise security architecture and operations.
Early career experience in software engineering proved formative in developing security intuition grounded in practical system design. At Tata Elxsi, where Mahesh worked as a Design and Development Engineer from August 2007 through August 2009, and subsequently as Senior Engineer through February 2010, he designed middleware components for set-top boxes using Core Java on Linux platforms, preparing high-level and low-level designs for MHP and OCAP architectures. This experience with embedded systems and middleware development built foundational understanding of security considerations at the systems level, knowledge that would later inform his approach to enterprise security architecture.
The shift into banking technology and cybersecurity began at Syndicate Bank (currently Canara Bank) in March 2010, where Mahesh initially focused on developing enterprise web applications using ASP.NET and C# while administering Oracle databases and implementing secure coding practices aligned with OWASP principles. Between March 2010 and June 2014, serving as Assistant Manager, he developed and implemented more than twenty web applications supporting banking operations, managed endpoint security and patch management solutions, and supported information systems audit observations. This combination of development expertise and security operations established a technical perspective that bridges application security and infrastructure protection.
Advancement to Manager of IT Security in June 2014 marked the beginning of comprehensive security architecture responsibilities that would span four years at Syndicate Bank through May 2018. During this period, Mahesh architected, designed, and implemented security solutions including firewalls, DDoS mitigation, patch management, advanced persistent threat defenses, Security Incident and Event Management (SIEM) platforms, privileged identity management, and vulnerability assessment systems. He authored information security policies and procedures, prepared requests for proposals for security project procurements, evaluated fifteen plus security products from different service providers, and aligned the bank's security posture with both Reserve Bank of India (RBI) Cyber Security Examination requirements and ISO 27001:2013 standards. This work, which included designing security infrastructure for banking technology projects and reporting to the Chief Information Security Officer, culminated in recognition through the SKOCH Cyber Security Award for initiatives that strengthened protection of critical financial infrastructure.
Promotion to Senior Manager of Cybersecurity in May 2018 brought expanded responsibilities including assessment of security gaps, submission of security posture reports and incident details to the Information Security Management Committee, and approval authority for change management in security solutions. Between December 2018 and October 2019, his role as Lead Consultant for Cyber Security and Risk Services at Wipro Limited provided international perspective through managed security services delivery for a major UK-based client, encompassing infrastructure security, data security, vulnerability management, and security operations aligned with ISO 27001:2013 and Lean methodologies.
Returning to banking as Chief Manager IT Security Specialist at Indian Bank from November 2019 through December 2020, Mahesh led IT security operations during a critical institutional transition, architecting security technology integration for a bank merger while maintaining alignment with ISO 27001:2013 and RBI cybersecurity frameworks. Responsibilities encompassed incident management, risk assessments, business continuity planning, disaster recovery, and user awareness initiatives, alongside technical committee participation across multiple banking technology projects.
Since December 2020, Mahesh has served in progressively senior roles at Infosys, currently holding the position of Principal Consultant in Cybersecurity with a focus on Threat Management and Detection Engineering. Following his transition to Infosys Americas in August 2024, he has continued to lead initiatives in this domain. Managing global security operations that process and optimize the analysis of billions of security events monthly, improving detection accuracy, response efficiency, and overall SOC effectiveness, he oversees end-to-end technical delivery of threat detection and response, guides SOC optimization efforts, and participates in red, blue, and purple team exercises. His work supporting the U.S. healthcare domain requires meticulous attention to HIPAA and privacy compliance while refining detection use cases, playbooks, email security defenses, and Security Orchestration, Automation, and Response (SOAR) integrations. Performance reviews of security engineers, architects, and analysts, along with stakeholder management and team development responsibilities, reflect the leadership dimension of modern cybersecurity operations.
Mahesh's professional credentials underscore sustained commitment to maintaining expertise across evolving cybersecurity domains. His certifications include CISSP, CCSP, CISA, CISM, CCISO, CRISC, CGRC, AAISM, CEH, and ISO/IEC 27001 Lead Auditor, complemented by an MBA in Information Systems from Sikkim Manipal University completed between 2012 and 2014, and specialized training through Purdue University's Applied Cybersecurity Essentials program completed in August 2021. Recognition as Cloud Risk Champion by the Cloud Security Alliance acknowledges his contribution to community efforts raising awareness of cloud security risks. Additional honors including the Eureka Technical Excellence, RISE Award for People Excellence, Value Champion Award for Compliance, and academic excellence awards in both bachelor's and diploma programs reflect consistent high performance across technical and leadership dimensions.
His work reflects a broader commitment to strengthening cybersecurity practices that are critical to national infrastructure, data protection, and digital trust. By aligning security operations with regulatory frameworks such as NIST, HIPAA, ISO 27001, and PCI-DSS, he contributes to enhancing cybersecurity resilience in sectors that are vital to the United States economy and public services.
Beyond operational cybersecurity, Mahesh actively contributes to professional knowledge development through publications and industry engagement. He is the author of 'Cyber Resilience for Entrepreneurs' and has authored publications including 'AI-Augmented Security Operations Centers,' 'The Language of Information Security,' 'Navigating Your Transition to Cybersecurity,' 'Threat Modeling: A Practical Perspective,' 'Effective Cyber Incident Management,' and 'Ballistic Threat Model in Cyber Security,' where he addresses critical topics shaping modern cyber defense practice. His participation as a panelist at the University of North Carolina at Charlotte Cybersecurity Symposium, discussing AI-driven Security Operations Centers, along with knowledge-sharing sessions delivered through Cloud Security Alliance and ISACA, demonstrates commitment to elevating industry understanding of emerging security challenges. Mentoring cybersecurity professionals and conducting specialized training for law enforcement personnel, including cybercrime officers at the Telangana State Police Academy, extends his impact beyond corporate environments into public sector capacity development where cyber threats increasingly demand sophisticated response capabilities grounded in both technical expertise and strategic understanding.
Author: Sumit Handa
