THE PRINCIPAL
Damanjit Singh Uberoi
Founder, CyberSecure Vertex · Detection engineer by DNA
Thirty-eight years from a satellite voltage regulator to the founding era of the modern SIEM to here — engineering security operations that are risk-aligned in fact, not just in claim.
Origins
My engineering instinct traces back to 1988 — a senior-year internship at the Indian Space Research Organisation, where my team designed a microprocessor-controlled voltage regulator. ISRO accepted the design; it went through years of acceptance testing and flight qualification before flying on the SROSS-C2 satellite in 1994. In the years between, I completed my bachelor’s in Computer Science and Computer Engineering, earned my MS in Computer Science at the University of Maryland, and joined IBM’s T.J. Watson Research Center in New York as a researcher in the Distributed Computing and Embedded Encryption Research Group. At IBM, I was hand-picked for the company’s Nagano 1998 Winter Olympics delivery team, carrying firewall and network security responsibility under the program’s chief architect.
Building a Category
In 2002 I joined the founding era of the modern SIEM category as a Professional Services Security Consultant. The work demanded that field practitioners teach the certification program; I rebuilt the Certified Security Analyst curriculum and delivered it more than twenty times across five countries. As the practice extended into strategic consulting, I coined a principle I still hold to — “no shelfware”: that a security platform must compound the value of every other investment around it, not fade quietly after deployment. It has outlived any single product. From 2006 to 2008 I led Professional Services for the Western US and APAC regions, and through the early PCI era I led the creation of compliance and insight packs. That work is the bedrock of my detection-engineering depth today.
The Wide Lens
From there, the view widened: Associate Partner across EY, Deloitte, and Grant Thornton in India; SVP at Safe Security, the John Chambers–backed cyber risk quantification firm; international instructor for EC-Council’s Certified CISO program; and most recently Chief Technologist for the APAC MSSP business at Micro Focus and OpenText.
The Work Today
Today I engineer cybersecurity programs for organizations that want their security operations to be risk-aligned in fact, not just in claim. Most SOCs have become alert clearing houses. The mature SOC understands risk, validates it, and communicates it in terms the business respects. AI does not close that gap — it widens it, unless the underlying engineering can carry it.
THE TRACK RECORD
Thirty-five years, across the stack
Institutions & Roles
ArcSight — Founding-era Professional Services; PS lead, Western US & APAC
IBM T.J. Watson Research Center — Researcher, Distributed Computing & Embedded Encryption
Indian Space Research Organisation — SROSS-C2 satellite program
EY · Deloitte · Grant Thornton — Associate Partner, India
Safe Security — SVP, cyber risk quantification
EC-Council — International instructor, Certified CISO program
Micro Focus / OpenText — Chief Technologist, APAC MSSP
Platform Fluency
ArcSight
QRadar
Microsoft Sentinel
Splunk
CrowdStrike NG SIEM
Google SecOps
Design principles are platform-agnostic; the discipline travels.
AI is not a starting point. It is the final layer of an engineered system.
I have always been fascinated by Japanese manufacturing discipline — the rigor that takes something with thousands of moving parts and makes it come out right every time. They didn’t treat “zero defect” as an aspiration; they engineered it into reality on the assembly line. I have spent my career arguing, sometimes vehemently, that security operations deserve that same discipline.
It is not an abstract belief. Leading a SIEM professional-services practice, I tightened engagement planning, pre-flight information gathering, and process design until I could guarantee a core SIEM-and-database installation within three and a half hours of my consultant arriving on site. The confidence was such that if the consultant hadn’t called me at the three-and-a-half-hour mark, I knew the client had misrepresented their readiness — and I was prepared to charge them a wasted day for it. I collected system-readiness evidence before anyone boarded a plane. The closing sign-off handed over to support seamlessly: they knew exactly what was running in the environment, what had been paid for, and what fell under entitlement. Some called it fastidious. To me it was simply how things are meant to be done — zero defect, zero leak.
That is the discipline I bring to detection engineering. Most cybersecurity is wired the opposite way — components assembled in isolation, integrated by whoever shows up at the end. I build so that every layer is designed in awareness of the layers around it. That is the only way a security program compounds value instead of merely accumulating cost.
Proactive by design, not reactive by default.