Login- Consulting
- Training
- Partners
- About Us
x
Financial Services
Google Kubernetes Engine, Compute Engine, Cloud DNS, GCP OS Patch Management, Security Command Center (SCC)
Comprehensive 6-Pillar GCP infrastructure assessment and modernization with environment segregation, security hardening, GitOps automation, and disaster recovery planning.
The client is a BSE and NSE-listed, diversified Indian financial services group headquartered in Mumbai with over five decades of experience. Its businesses span Corporate Advisory and Capital Markets, Wealth and Asset Management, Private Markets, and Affordable Home Loans, earning numerous national and international accolades for advisory expertise and execution capabilities.
Environment Isolation Achieved
Critical SCC vulnerability remediation SLA
Automated Secret Rotation Cycle
The client faced critical operational and security gaps where UAT and Production workloads were co-hosted on the same VMs, deployments relied on manual Jenkins triggers and informal WhatsApp/Email approvals with no SOPs, and automated OS patching was absent, with critical SCC findings left unresolved. Over-provisioned compute resources masked inefficiencies and inflated costs, while the entire cloud environment was confined to a single region with no disaster recovery mechanism.
• Identified and decoupled UAT and Production workloads by establishing dedicated GCP Projects and VM instances to eliminate resource contention and security leaks.
• Transitioned from manual user-based IAM to Role-Based Access Control (RBAC) using Google Workspace groups and implemented Workload Identity for GKE to replace long-lived service account JSON keys.
• Configured GCP OS Patch Management to automate updates and integrated SCC alerts into Slack/Jira to ensure Critical vulnerabilities are remediated within a 24-hour SLA.
• Replaced manual triggers with a modern CI/CD workflow using GitLab webhooks and mandatory automated testing (unit, integration, and security) to block unstable code from reaching Production.
• Designed a Pilot Light DR architecture in the Delhi (asia-south2) region, utilizing Cloud DNS for rapid failover during regional outages.
• Upgraded the network perimeter to an Active/Active Palo Alto firewall configuration to ensure a high-availability posture.
Achieved 100% environment isolation, real-time compliance visibility, automated secret rotation, cross-region DR readiness, and full SEBI regulatory alignment with standardized SOPs.
SHARE
Our support doesn't end here. We have monthly newsletters, study guides, practice questions, and more to assist you in upgrading your cloud career. Subscribe to get them all!
