• Led and performed ITaaS IT Operating Model, Organizational and Roles Transformation Advisory• Cloud Advisory Services to assess application cloud suitability and cloud placement • Developed Identity Access Management (IAM) strategy, and recommendations for IAM solution requirements.• Designed two-factor authentication application workflows based on National Authentication Framework• Developed Cyber Security Breach and Response Readiness program strategy and roadmap • Designed and implemented IT Risk and Security Management Systems, involving risk frameworks, IT security policies and standards for healthcare, hospitality and financial institutions.• Developed long term security awareness programs for healthcare, hospitality, investment institutions and aviation industries.• Re-engineered and automated security operations processes (e.g. Threat Monitoring and Management, Incident Management) via ITGRC System

- Managed the full value chain of management consultancy: identify potential opportunities, pursue business and deliver services. These will include proposal development, defining the scope of the project, allocating budget and the appropriate resources, defining the project approach, identifying the efforts required, and managing the project team.- Managed and coordinated an IT Governance health check for over 80 agencies to ascertain policies penetration and adoption rate for the public sector.- Managed and led project teams in risk and vulnerability assessments, penetration tests, IT general controls review, application controls review, compliance review for educational institutions, financial institutions, healthcare sector and government agencies.- Outsourced internal auditor for a major natural resources company, auditing the IT security management framework within the context of the operating model.- Developed a one year security awareness training program for more than 300 end users in an Asia investment house. - Conducted risk and vulnerability assessment of information systems architecture and reviewing the underlying security configuration of devices such as Microsoft Windows servers, Unix systems, SAP Basis, MS SQL and Oracle databases, CISCO, CyberGuard, Juniper and CheckPoint firewalls, CISCO routers and switches. -Assessed computer operations of an electronics MNC for compliance with Sarbanes-Oxley Act.- Conducted Application Controls Review for educational institutions, healthcare sector and government agencies to evaluate if the processes are inline with the business objectives, logical access controls are in place and addressed security concerns and business risks.- Instructor for Ernst & Young eXtreme Hacking sessions which introduce the participants to the hacking methodology.

- Reengineered and conceptualized an online emarketplace. The marketplace is an online B2B portal to match IT vendors and buyers. Buyers can post their projects online and interested vendors can bid for the project.- Entrusted to take on full responsibilities of the project, business development, product development to customer support.- Independently developed the online marketplace with comprehensive project management features, forums and workspaces in 2 months, managing accounts concurrently.