top of page

Work Experience

Experience at AP Moller Maersk, Bangalore India( June 2019- Present)

 

In my six years at A.P. Moller Maersk, I held dual roles—as a cybersecurity architect for the next-generation supply chain platform and as a cyber leader within the central cybersecurity function. I was responsible for driving the end-to-end security strategy for a highly distributed technology ecosystem while also enabling cybersecurity strategy implementation across the broader technology portfolio

My key achievements were

  1. Led cybersecurity strategy and operations for a mission-critical global logistics platform, including budget planning and direct reporting to the CISO’s office; directed secure architecture reviews for Azure workloads, authored hardened deployment playbooks, and managed Kong API Gateway with custom plugins.

  2. Built and scaled security automation—streamlined onboarding of 100+ APIs with OWASP Top 10-aligned compliance checks, accelerated vulnerability remediation via auto-generated Jira tickets, and reduced threat modeling time from weeks to 15 minutes using STRIDE GPT, an AI-powered tool now supporting 150+ secure design reviews annually.

  3. Fostered a security-first culture by mentoring a cross-functional team of engineers, risk managers, and scrum masters, embedding secure-by-design principles, and driving continuous regulatory compliance and proactive risk management.

​

Experience at Schlumberger( July 2006- May 2019)

​

In my 13 years with Schlumberger I played a variety of roles from software engineer, senior software engineer, team lead, architect and cyber security architect. I also had a chance to work out of 3 different countries during my stint there and hence was used to working with multi disciplinary teams to solve a common business problems. Some of my key achievements are listed below

  1. Spearheaded global security strategy for Geophysical technology centers—defined product-specific security requirements, coached engineering teams on secure coding, embedded automated controls into CI/CD pipelines, and supported proactive issue resolution and incident response efforts.

  2. Led cross-continental engineering efforts, including the modernization of legacy products in Aachen, Germany using Open Inventor, C#, and C++, and directed a 10-member team across India and Houston to develop and support PSI, a seismic interpretation platform. This involved project management, coaching team on development and coding practices, supporting live production issue and setting architecture guideline and guardrails. I also managed to write a fair bit of code while doing the role:)

  3. Drove innovation in performance and data science by applying machine learning to classify oil field data (earning 5th place in an SEG global ML competition), building a real-time CI/CD metrics dashboard with a Raspberry Pi failure notifier, and conducting a successful CUDA-based feasibility study for GPU-accelerated seismic algorithms.

​​

​

​

What I’ve Built

Running a successful cyber vulnerability and risk management programme for one of the biggest platforms at Maersk

Spearheaded the cyber strategy for the Business Enabling portfolio of nine platforms, including maersk.com, embedding cybersecurity into operational planning and decision-making. Orchestrated a high-performing team to deliver on critical KPIs, enabling precise measurement and reporting of cyber maturity to the business. Successfully drove the vulnerability and risk management programme, eliminating all high-risk exposures and maintaining overall risk within defined thresholds. Achieved these results through sharp data analytics, persuasive executive reporting, and cultivating trusted advisor relationships with key stakeholders.

Threat modelling with Gen AI

At my  most recent experience, I found a gap in doing more proactive threat modelling for product security teams. I therefore used the open source stride GPT and tailored it to scale up threat modelling practices. We went from 10-15 threat models a year to 150 threat models in 6 months because we had the tool to automation threat model generation. The tool and process around it not only empowered security teams but also product teams to get early visibility on cyber threats on their architecture

Secure API gateway with Kong

At Maersk to enable the more than 200 API coming out of the supply chain platform to be built with the correct architecture guidelines and guardrails, we used the open source ai gateway Kong to manage the APIs. Built in checks to manage authentication, authorization and managing role based access on the platform was something I had designed and maintained and was truly operating at scale to manage the many customers of Maersk.

Built Security Architecture Framework for Supply chain  platform

Advocated for continuous security by adopting a “secure by design” approach, embedding security at every stage of the development lifecycle with continuous feedback loops. This methodology was successfully implemented in the Supply Chain platform, with security ownership assigned to individual scrum teams. From conceptualization to delivery, every product was built with predefined security guardrails and default secure configurations. Established comprehensive DevSecOps guidelines and automated guardrails, integrating security controls seamlessly into the CI/CD pipeline to enable rapid delivery, ensure compliance, and proactively reduce vulnerabilities early in the development processe

​

 

Screenshot 2025-08-06 at 3.32.23 PM.png
Screenshot 2025-08-06 at 3.33.35 PM.png

​

Follow Me

  • LinkedIn
  • X
  • GitHub
  • Medium

© 2025 By Priyanka Raghavan
 

bottom of page