Haris Siddiqui - Senior Strategic Cybersecurity Consultant at Google

Disclaimer: This information was obtained from publicly available sources online and is believed to be accurate at the time of publication. Valimates collects this information with proprietary technology and cannot guarantee the accuracy or completeness of the data. The purpose of the data is to inform the reader about the expertise of the individual and should not be used for any other purpose. Valimates does not have any affiliation with the individual.

Haris Siddiqui Senior Strategic Cybersecurity Consultant at Google

Claim Profile Update Profile Delete Profile

Haris Siddiqui emerges as a seasoned professional in the cybersecurity domain, demonstrating a rich tapestry of skills and experiences within the industry. Currently a Senior Strategic Cybersecurity Consultant at Google in the Greater Chicago Area, Siddiqui has built a formidable network of 2,518 LinkedIn connections, reflective of their extensive reach and recognition within the field.

With previous experience at Mandiant and Protiviti, Siddiqui has honed their expertise in Cyber Risk Quantification and Risk Management, adept at steering Fortune 500 companies towards fortified security postures. At Protiviti, Siddiqui led a multitude of initiatives, including cybersecurity strategy development, FAIR methodology-based risk management program assessments, and application security engineering risk assessments. The impact of their work is illustrated by the successful reduction of cyber risk exposure by an estimated $30 million for a major financial services client.

Siddiqui's professional narrative is one of continuous growth and adaptation, transitioning from a lucrative career in client acquisition and marketing into the cybersecurity sector, driven by a deep-seated passion for the field. Their educational background includes a Bachelor of Science from the University of Illinois Chicago with a concentration in Management Information Systems. Siddiqui's dynamic skill set, encompassing Cloud Computing, Risk Management, Project Management, and IT Security Assessments, combined with an eagerness to mentor and contribute to the cybersecurity community, positions them not only as an asset to their current employer but as an influencer shaping the next wave of cybersecurity talents.

More about this expert

Full name: Haris Siddiqui
Location: Greater Chicago Area
Title: Senior Strategic Cybersecurity Consultant
Company: Google
Industry: Software Development
LinkedIn profile: https://www.linkedin.com/in/harisnsiddiqui/
LinkedIn Connections: 2518
Summary: I am currently working as a Senior Security & Privacy Technology Consultant, with focus on Cyber Risk Quantification and Risk Management at Protiviti. Prior to joining Protiviti, I served as a cybersecurity consultant at Ankuras Risk, Resilience and Geopolitical advisory within the DFIR practise. From working on proactive risk quantification and incident response planning to reactive data exfiltration cases, I have been exposed to a variety of engagements that served to reaffirm my passion for the field of security. In my current role at Protiviti, I worked directly with multiple Fortune 500 organizations to assess top risks to critical IT assets, which allowed my team to develop solutions to bolster our clients over all security posture. I have played a leadership role in several engagements within the Cyber Risk Quantification practice, during this time I led data gathering workshops and training sessions using NIST-CSF and Quantitative Risk Management Program (FAIR). Additionally, I have performed dozens of security engineering assessments to evaluate existing security controls, and subsequently resolve potential security issues for sensitive client applications and critical IT assets. Overall, I have had considerable experience in a variety of roles throughout my career including risk management, business strategy, technical lead for growth initiatives, sales, marketing, and customer service. I have developed a career for myself, gaining knowledge of cybersecurity, risk management, sales, marketing, media management and web development through self-learning and self-taught techniques. I knew leaving behind a successful career in client acquisition and marketing would be a challenge as I was walking into the unseen, but I was determined to pursue my passion for cybersecurity. I am creative and thrive under pressure. When tasked with something I lack knowledge in, I pursue avenues to educate myself and learn through application. Lastly, I love any and every opportunity of mentoring and helping the next generation of Cybersecurity practitioners. I would not be where I am without the guidance, help, and mentorship of others in the industry and I wish to continuously pay that forward. If you are someone new to the industry or would like to simply meet with a fellow cybersecurity enthusiasts, feel free to reach out as I am always willing to share my expertise and learn from others in the industry.
Skills: Cloud Computing Risk Management

Education

University of Illinois Chicago: Bachelor of Science - BS
Attended in 2016 - 2018
Field of study: Concentration - Management Information Systems (Information & Decision Science)
Oakton College: Business Administration and Management
Attended in 2013 - 2015
Field of study: General

Positions

Google Greater Chicago Area: Senior Strategic Cybersecurity Consultant
Nov 2022 - Present

Skills: Cloud Computing · Risk Management · Project Management · IT Security Assessments
Mandiant Chicago, Illinois, United States: Senior Strategic Cybersecurity Consultant
Jul 2022 - Nov 2022

Skills: Cloud Computing
Mandiant Chicago, Illinois, United States: Strategic Cybersecurity Consultant
May 2021 - Jun 2022

• Provide cybersecurity strategic services to Fortune 500 clients across various industry verticals.

• Develop and deliver strategic roadmaps, recommendations, Incident Response plans, standards, and policies to aid organizations in achieving desired results and goals of their Information Security Program.

• Lead strategic workshops based on Mandiant's security program assessment methodologies, Ransomware Defense Assessment, Incident Response Preparedness Services, Response Readiness, Executive and technical tabletop exercises and other strategic services to help develop and mature clients overall security posture.
Protiviti Chicago, Illinois, United States: Diversity, Equity and Inclusion Office Lead
Mar 2020 - May 2021
Protiviti Greater Chicago Area: Senior Consultant (Security & Privacy)
Jan 2020 - May 2021

• Developed a three-year cybersecurity strategy for a major financial services client with 14 prioritized initiatives based on risk reduction and capability enhancement, resulting in an estimated $30M reduction in cyber risk exposure.

• Lead cybersecurity risk management program assessment for a global enterprise by leveraging FAIR (Factor Analysis of Information Risk) methodology to identify and evaluate top IT risk to support cybersecurity program development.

• Conducted a security program maturity assessment for multiple business units of a leading design software company leveraging NIST-CSF, Cloud Security Alliance (CSA) and OWASP Software Assurance Maturity Model (SAMM).

• Interfaced with clients and a team of consultants in developing a metrics dashboard to capture ongoing application security trends and improve client data quality in the process.

• Lead application security engineering risk assessments to help a Fortune 100 insurance client better understand its cyber risk from critical IT assets and help applications gain Authorization to Operate (ATO) for full deployment.
Protiviti Greater Chicago Area: Cybersecurity and Privacy Technology Consultant
Oct 2018 - Dec 2019

• Assisted senior team members with performing Security Assessment reviews for hundreds of applications within its environment for NYDFS compliance by leveraging CIS top 20 (Critical Security Controls) and NIST frameworks.

• Facilitated 4-day Factor Analysis of Information Risk (FAIR ) pilot to evaluate ‘future state’ scenarios to show the organizations risk with a control change or implementation. Identified key probable risk scenarios within the organization, prioritized and quantified each risk using Risklens for Cyber Risk Quantification.

• Assist senior team members in conducting divisional workshops to identify and build a targeted asset and threat list using the Taxonomy of Operational Risk under the FAIR model.

• Working to quantify the operational IT risk by leveraging Factor Analysis of Information Risk (FAIR). Assisted engagement manager with creating material for, and conducting, scoping meetings that covered 10 divisions across several countries.

• Developed a Risk register, detailed risk Matrix and divisional asset list to be used in Phase 2 of the FAIR assessment.
Career Break Chicago, Illinois: Professional development
Jan 2017 - Sep 2018

- Academic break with graduation from UIC with a BS in MIS and IDS on an accelerated program with graduation in summer 2018.
- Career transition with active hands-on DFIR training internship
Ankura Greater Chicago Area: Cybersecurity Consultant - Risk, Resilience and Geopolitical Advisory
May 2017 - Aug 2017

• Served as an associate to investigate network and/or computer intrusions and data exfiltration
• Performed chain of custody and forensics data acquisition using Tableau TD2u hardware, FTK Imager, EnCase, Axiom, Magnet Acquire, Paladin and D.E.F.T (Linux Distro).
• Conducted log analysis and IP analysis to identify malicious IP’s using various command line utilities and NirSoft.
• Identified malware using Sysinternals and VirusTotal
• Discovered, identified and reconstructed pieces of evidence to draw a chain of evidence with senior team members
• Assisted senior team members in various proactive engagements involving HIPAA, ISO 27001, NIST 800-53, NIST 800-30 standards and incident response plan (IRP) review.
• Active hand-on training with leading forensics, network monitoring, penetration testing and incident response tools.