o Architected and Implemented CyberArk Privileged Cloud Solution: Led the design and deployment of a comprehensive CyberArk Privileged Cloud solution using the zero trust architecture and least privilege principles, enhancing Origin’s ability to securely manage and monitor privileged accounts across on-premises and cloud environments.o Executed Proof of Concept for CyberArk Dynamic Privileged Access Module: Successfully trialed and evaluated the CyberArk Dynamic Privileged Access module, demonstrating its capability to provide just-in-time access to privileged resources.o Optimized Privileged Account Security: Assisted with the implementation of SaaS and on-prem connectors and integrated CyberArk with existing security infrastructure, significantly reducing the risk of unauthorized access and enhancing overall security posture.

o Cyber Security Strategy and Roadmap Development: Formulated a comprehensive Zero Trust-based Cyber Security Strategy, incorporating IAM and PAM frameworks aligned with industry standards such as VPDSS, NIST CSF, and Essential 8.o Standards and Policies Implementation: Established and enforced Identity Fabric, encompassing policies, controls, procedures, and processes tailored to meet stringent security and compliance requirements.o Lifecycle Management with Joiner, Mover, Leaver Approach: Developed an approach for the RBAC framework, integrating the Joiner, Mover, Leaver model for seamless identity lifecycle management.o Development of IAM and PAM Capability Models: Architected IAM and PAM capability models, ensuring robust access control mechanisms and real-time risk management.o Contextual and Pattern-based Architecture: Designed Contextual IAM and PAM Architecture patterns, incorporating principles of Just-in-Time Access and zero trust to enhance security posture.o Access Review and Compliance: Conducted a thorough review of M365 shared drives and ESTA SharePoint access for enhanced security governance.o Interim Solutions for User Access Reviews: Implemented a risk-based solution for standard and privileged User Access Reviews, ensuring minimal access rights while maintaining operational efficiency.

Achievements: Responsible for incorporation of the CyberIAM entity in Australia as a sole Director and established the CyberIAM footprint in the region by opening an office in Melbourne in July 2021. 200% YoY employee growth over 2 years in Australia Responsible for incorporation of the CyberIAM entity in Philippines in Apr 2022 Established a CyberIAM Philippines practice in Manila with a vision to establish a 24*7 support function and improve profit margins. -Employee growth: Grew from 1 to 4 employees within 1 year 300% YoY increase in revenue targets from 500K AUD in sales in FY2022 to 2Mil. AUD in FY 2023. Achieved an average employee billability of 70% across FY22 and FY23 Customer Success Stories Implemented IAM and PAM projects including business analysis and operations support with a critical infrastructure client in the Utilities sector. This included: -Joiner, mover, Leaver process in SailPoint -Connectivity to various critical applications and platforms like MSATS, AD, Oracle and SQL databases -Role Based Access Control approach using SailPoint for teams including National Energy Market Operations, Gas Market Operations teams -PAM architecture patterns for CyberArk connectivity -IAM B2B/B2C implementation using Azure/Entra Successfully on-boarded 40 applications of various complexity for an Australian retail giant using both agile and SDLC methodologies supporting organization’s IAM and PAM architecture patterns. The implementation included: -IAM Application onboarding IAM (SailPoint) -PAM Application Onboarding (CyberArk) -SSO implementation using Azure/Entra Oversight of delivery of CyberIAM Australia Services There was a focus on delivering IAM and PAM solutions including -IAM and PAM Maturity Assessments -IAM and PAM Architecture services -IAM and PAM out of the box and custom implementation -Customer Identity Management solutions -Managed Service Support

Contributed to the Delivery of the IAM Program: Assisted in the execution of the IAM program, roadmap, and strategy, leveraging Agile and Kanban methodologies to achieve the following:o Identity Lifecycle Management: Integrated SuccessFactors with SailPoint to enable seamless Adaptive Authentication and automated Identity Lifecycle Management.o Support for B2B, B2C, and B2E Operating Models: Designed and implemented IAM solutions tailored to B2B, B2C, and B2E business operating models, ensuring scalable and secure identity management.o Implementation of Access Control Models: Delivered Application, Role-Based Access Control (RBAC), and Attribute-Based Access Control (ABAC) using SailPoint.o Access Management Portals: Developed user-friendly request access management portals for internal staff & external market participants, providing a streamlined interface for Identity and Access Management.o Segregation of Duty (SoD) Rulesets: Defined and implemented Segregation of Duty (SoD) rulesets.o Requirement Gathering for IAM Modules: Conducted detailed requirement gathering for B2B, B2C, and B2E IAM modules.o Policy and Standards Development: Assisted in the creation of IAM and PAM policies and standards, embedding Zero Trust principles into the AEMO’s security framework.Cyber Uplift of the Privileged Access Management domain:Implementation of CyberArk and LastPass: Led the deployment of CyberArk and LastPass solutions, focusing on enhancing privileged access security through the following initiatives:• Business Process Definition: Defined business processes & gathered requirements for the Privileged Access Management domain, ensuring alignment with Dynamic Privileged Access principles.• Password Vault & Privileged Session Management: Assisted in the rollout of CyberArk’s Password Vault, Privileged Session Management (PSM), & Privileged Vault Web Access (PVWA), strengthening the organization’s privileged access security posture.

People, Process & Performance Transformation (PT3) Program:• Implemented IAM components of the PT3 strategy including, but not limited to, the following:o IAM Integration Pattern Design between the One Identity Manager and S/4 HANA (GRC, Fiori), SaaS applications (Workday, Fieldglass, Ariba, Concur, ADP eTime and Kronos, Noggin, Serraview) . o User Lifecycle Management streamlining the joiner, mover and leaver processes through integration between HR (Workday) and One Identity Manager tools. o Enterprise Roles and RBAC for critical corporate business groups o Coarse grained Segregation of Duty rulesets across applicationso Financial Delegation of Authority and Access Substitution using One Identity Managero Access Workflows for applications onboarded as part of the program.• Drafted the IAM Governance processes that cover the Enterprise Role Governance, User Access Recertification.

• Cyber Security Assessment: Assessed the completeness and accuracy of the Cyber Security remediation activities for a major Communication Network and also assessed the security alignment to the Australian government’s regulations.• Vendor Security Assessment: Developed standards, guidelines and work papers for conducting vendor security risk assessments (based on ISO 27001, BS17799); writing detailed assessment reports, highlighting the risk findings and recommendations; producing the executive summary to the management and tracking the remediation.• IAM Design: Designed and implemented enterprise role design, role access alignment discovery, definition and validation. Designed and implemented segregation of duties and cross application segregation of duties rules.• IAM Controls Assessment: Assessed the design and operating effectiveness of IAM controls for SWIFT applications to ensure the appropriateness of business, technology and privileged access controls• IAM Strategy: Developed the IAM & PAM strategy for a major Insurance provider including the assessment of current state IAM architecture and associated technologies. Defined the future state vision, roadmap and operating model.

Role: Information Security Specialist [UK]IAM Global Lead and Subject Matter Expert• Established the global segregation of duties team and implemented the segregation of duties framework across global banking businesses and functions.• Defined functional and non-functional requirements for selection and implementation of access management services and tools.• Provided functional and technical expertise for implementation, integration and governance of User Access Reviews • Designed and implemented the concurrency use cases for periodic recertification, transfers & leavers and segregation of duties certification.• Developed and formulated risk based information security standards and policies for access management

Information Security Lead, HSBC Software Development MalaysiaCyber Security Governance and Management: • Managed and maintained the security posture and established HSBC Information Security best practices at HSDM in accordance with bank policies & local and regional regulatory requirements.• Assisted with the IT General Controls testing which included the understanding of IT infrastructure and design the security policies, procedures and guidelines as per COBIT framework. Provided consulting to businesses for the IT assessment, Identity Access Management, Incident Management and Change Management work streams• Implemented continual Information Security Awareness education. • Established the Business Information Risk Officer role that focused on the implementation of clear desk policies, common area checks, local incident management, data leakage prevention etc.• Implemented global cyber security initiatives like End User Computing, Bulk Customer Level Data, Infrastructure Security Standards, HSBC Application Security Risk Assessments. • Assisted with the development of a sustainable and effective Cyber Security Governance model to uplift the internal capability in order to manage IS risks and controls.IAM: • Managed the HSBC Identity and Access Management Global Center of Excellence (CoE) for BAU support for the IAM Program spread across 3 locations viz. India, Malaysia and Brazil. • Implemented the process for on-boarding IAM applications and orphan management that interfaced with the Aveksa Recertification portal.• Managed and implemented an IAM reporting and metrics solution using SQL Reporting services.

Cyber Security Governance:Global Functional Team Lead for the HSBC ISR Security Governance team. The role primarily focused on the implementation of:• Global ISR metrics.• A central repository for external certification.• Global audit tracking methodology.• Global Risk Acceptance and dispensation methodology.• Manage and implement the Global ISR policy and standard framework and implement consistent mechanism of producing ISR standards across HSBC.Manage and oversee the following activities performed by the HSBC Software Development India team:• Information Security SharePoint website development and maintenance.• Skills Matrix Dashboard creation and maintenance.• Information Security Metrics Collection and Dashboard creation.Cyber Security ManagementManaged the following tasks for the HSBC bank in India:• Sign off system release checklists, network change request forms etc. before being released to production.• Access control administration and exception monitoring.• Approval of Firewall, IDS and Network configuration changes.• Local Incident Manager for all IT Security related incidents, frauds and malware incidents• Encryption key co-ordination for pan-India ATMs, Digital certificates.• Penetration test co-ordination and review.• Internal, Regulatory and External Audit co-ordination.• Provide IT Security consultancy to the HSBC India businesses on risk assessment and mitigation.• Conduct IT Security awareness and training• Ensure antivirus and security patching are performed on servers and workstations as per HSBC recommendations.• Third Party Security reviews

Part of the team which developed a Java based document signing tool (Form Seal and Desk Seal) using PKCS#7 compliant digital signatures and certificates. Other responsibilities included the use of VSS for release management of Java code and deployment and testing of the code in accordance with the SDLC.

Developed and maintained the following systems using MF-COBOL and UNIX scripting:• The Branch Finance System for Godrej India Limited which included Journal voucher, debit note, credit note modules.• The public deposit and company deposit systems Godrej India Limited• The Gratuity System for Godrej India Limited.