Open to senior security & IAM opportunities

Aditi Shah

Senior Cybersecurity & Identity and Access Management professional with 12+ years securing enterprise-scale, highly regulated Australian environments — from identity governance and privileged access to security operations and audit readiness.

Melbourne, VIC · Australia adi.shah08@gmail.com +61 430 449 388
Contact Aditi LinkedIn Download résumé
Portrait of Aditi Shah, Cyber Security Analyst
Melbourne, VIC · Cyber Security
0+
Years in security
0
Enterprise environments
0+
Compliance frameworks
IAM/PAM
Core specialisation
01 / Profile Who I am

Identity is the new perimeter — I make sure it holds.

I help large, regulated organisations govern who has access to what — designing and operating the identity, privileged-access and security controls that keep enterprise systems compliant, resilient and audit-ready.

Across financial services, government and telecommunications, I've implemented security controls aligned to NIST 800-53 and ISO 27001, run SailPoint IdentityIQ identity lifecycle and access governance at scale, and strengthened privileged access through PAM and least-privilege controls.

My work spans both the technical and governance domains — from SIEM monitoring, threat detection and incident response, to control assessments and audit evidence for PCI-DSS and CPS 234. I'm equally comfortable in a SOC console or a risk-committee room, translating security signal into decisions stakeholders can act on.

With six years in senior roles as a security lead on IT transformation and business-integration programs, I bring an uncommon mix of technical depth, business acumen and customer-experience focus — thinking strategically about product and platform challenges while keeping a firm grip on speed, quality and outcomes.

Areas of focus
Vulnerability Assessment & Pen Testing Threat Modelling Endpoint Security · EDR/XDR · DLP Secure Network Architecture Incident Management Web Application Firewall
02 / Capabilities What I do

A full-spectrum security & identity toolkit.

Identity & Access Management

End-to-end identity lifecycle, access provisioning, certification campaigns and joiner-mover-leaver governance.

SailPoint IdentityIQIGAJMLAccess Reviews

Privileged Access Management

Secure credential storage, privileged session governance and least-privilege controls that shrink the attack surface.

PAMCredential VaultingLeast Privilege

Security Frameworks & Compliance

Control design and audit evidence mapped to the standards regulated Australian enterprises live by.

ISO 27001/27002NIST CSFCPS 234PCI-DSSEssential EightMITRE ATT&CK

SIEM, Monitoring & IR

Log analysis, anomaly detection and incident response that turn noise into timely, actionable signal.

SplunkMicrosoft SentinelThreat Analysis

Endpoint, Email & Cloud Defence

Threat protection across endpoints, mailflow and cloud workloads, hardening posture end to end.

CrowdStrikeTrellixMimecastPrisma CloudAzureAWS

Vulnerability & Risk Management

Full vulnerability lifecycle from detection to remediation, with risk assessments stakeholders trust.

TenablePrismaRBACMFARisk Assessment
03 / Track record Where I've delivered

Twelve years across finance, government & telecommunications.

Australian Unity

Dec 2021 — Present
IAM Cyber Security Analyst
  • Designed and implemented enterprise security controls aligned with NIST 800-53 and ISO 27001, strengthening compliance readiness and supporting successful audit outcomes across critical business systems.
  • Managed and supported the SailPoint IdentityIQ IAM platform — overseeing identity lifecycle management, access provisioning, access reviews and governance processes across enterprise environments.
  • Enhanced privileged access security through PAM solutions and governance controls, improving credential management, privileged-access visibility and risk reduction.
  • Implemented RBAC and Multi-Factor Authentication across enterprise applications, improving identity security posture and reducing unauthorised-access risk.
  • Supported PCI-DSS and CPS 234 compliance through control assessments, audit evidence collection and remediation, in close collaboration with risk and assurance stakeholders.
  • Monitored and investigated high-risk identity and security events using CrowdStrike, Mimecast, ManageEngine AD360, SpyCloud, Trellix and Prisma Cloud to drive proactive detection and response.
SailPoint IIQPAMCrowdStrikePrisma CloudCPS 234RBAC · MFA

Department of Education & Training · VIC

Sep 2020 — Dec 2021
Security Analyst
  • Performed enterprise SIEM monitoring and advanced log analysis to detect anomalies, investigate incidents and support timely response.
  • Conducted vulnerability scanning, security assessments and risk analysis across enterprise systems, driving remediation and risk-reduction programs.
  • Applied MITRE ATT&CK, NIST, ISO and ACSC/ASD standards to improve detection capability, incident response and security governance.
  • Managed the vulnerability lifecycle end to end using Tenable and service-management platforms, ensuring effective risk tracking and stakeholder engagement.
SplunkTenableMITRE ATT&CKACSC/ASDIncident Response

Vocus Group

Jan 2018 — Sep 2020
Network Security Engineer
  • Monitored and secured large-scale enterprise network environments, responding to security incidents across global infrastructure.
  • Managed and optimised firewalls, IDS/IPS, DLP, endpoint protection and MFA alongside cloud security platforms.
  • Led security improvement initiatives and supported compliance programs including GDPR and DLP implementation.
  • Conducted vulnerability assessments, supported penetration testing and performed root-cause analysis across Azure, AWS, Palo Alto, Splunk, Zscaler and Proofpoint.
Palo AltoZscalerProofpointDLPAzure · AWS

M2 Group

Aug 2013 — Dec 2017
Data Centre & Cloud Network Engineer
  • Managed multi-vendor firewall environments — Fortinet, Palo Alto, Cisco ASA and Juniper — across enterprise and data-centre infrastructure.
  • Supported data-centre operations including network security monitoring, incident response, firewall governance and infrastructure availability.
  • Delivered infrastructure and security projects including firewall migrations, monitoring implementations and disaster recovery exercises.
  • Automated operational processes to improve efficiency, reduce manual intervention and support stable, business-critical operations.
FortinetCisco ASAJuniperDRAutomation
04 / Foundations Education & credentials

Formal grounding, continually sharpened.

Education

Master of Science — Network Systems
Swinburne University of Technology · Melbourne · 2010 – 2012
Bachelor of Engineering — Electronics & Communications
South Gujarat University · 2005 – 2009

Certifications & Training

Cisco CCNA — Routing & Switching
Cisco CCNP — TSHOOT 300-135
Implementing Cisco Data Center Unified Fabric
Microsoft Certified Professional (MCP)
VMware NSX
Fortinet FortiOS
Palo Alto PAN-OS
Let's talk

Securing identity at enterprise scale.

Looking for a security professional who bridges deep IAM/PAM expertise with governance, compliance and hands-on operations? Let's start a conversation.

adi.shah08@gmail.com Connect on LinkedIn
+61 430 449 388 Melbourne, VIC · Australia Résumé (PDF)