Singapore, Singapore
Throughout my career, I have demonstrated a strong commitment to staying ahead of emerging threats and technologies. My goal is to continue leveraging my skills and experience to create secure and resilient IT environments that support organizational success. With over 18 years of extensive experience in IT infrastructure operations, Service Delivery, Project Management and Sales, I have cultivated a robust expertise in managing and securing complex IT environments. My current focus is to manage end to end Sales lifecycle which includes RFP Response, Clarification, Bid / No Bid Decision, Solutioning, Architecting, Approach, Budgeting, Legal and Commercial Review for Cyber Security related solution includes, Threat and Vulnerability Management, Identity, Access, and Privileged Access Management etc. Driven by a passion for creating robust defenses, I am dedicated to safeguarding an organization's users, infrastructure, and data. In last 2 decades I transformed in couple of roles as below: - IT Infrastructure Operations Management - Service Delivery Management - Project Management - Cyber Security Operation Management - Identity and Access Management Solution Design, Architect, Implementation and Operation - Privilege Access Management Solution Design, Architect, Implementation and Operation Areas of Expertise: - Cyber Security Incident and Event Management (SIEM): Skilled in monitoring, detecting, and responding to security incidents and events. - Threat and Vulnerability Management: Proficient in identifying and mitigating vulnerabilities to prevent potential threats. - Data Loss Prevention (DLP) Management: Experienced in implementing DLP solutions to protect sensitive data from unauthorized access. - Endpoint Detection and Response (EDR): Adept at deploying EDR tools to detect, investigate, and respond to advanced threats on endpoints. - Phishing Management: Expert in managing and mitigating phishing attacks to protect users and data.
happy to share that after more than 20 years of an enriching journey in the IT industry, I have embarked on a new chapter as the Founder & Director of Innovation Asia Lab Pte. Ltd. Over the past two decades, I have had the privilege of working with global organizations across Healthcare, Government, Banking, Telecommunications and Managed Services and leading initiatives in Cybersecurity, Infrastructure Services, and Technology Transformation. Having experienced firsthand the challenges organizations face in attracting and retaining skilled cybersecurity professionals, I established Innovation Asia Lab Pte. Ltd. with a vision to become a trusted partner for Cybersecurity Talent Acquisition, Executive Search, Managed Services and IT Consulting. Our core expertise includes: 🔹 Cybersecurity Executive Search, Contract Staffing, Permanent Placement & Technology Recruitment 🔹 CISO, Security Architect, IAM/PAM, SOC and GRC Talent Acquisition 🔹 Vulnerability Assessments, Remediation Coordination and Security Advisory 🔹 IAM, PAM, SIEM, SOC and Managed Security Services 🔹 IT Infrastructure Operations & Managed Support Services 🔹 IT Asset Lifecycle Management and Certified E-Waste Management Services At Innovation Asia Lab, we understand that cybersecurity is not just about technology—it is about having the right people, skills and processes to safeguard business operations. I sincerely thank my mentors, colleagues, clients and professional network for their continuous support and encouragement. I look forward to connecting with organizations seeking cybersecurity professionals, executive search support and managed services, Let's collaborate 🌐 www.innovationasialab.com #InnovationAsiaLab #CyberSecurity #ExecutiveSearch #CyberRecruitment #TalentAcquisition #VulnerabilityManagement #ThreatManagement #IAM #PAM #SOC #GRC #ManagedServices #ITInfrastructure #StaffAugmentation #DigitalTransformation #EWasteManagement #Singapore #APAC #Entrepreneurship #TechnologyLeadership
- Define Project Business Requirement, scope of work, objectives, Milestone and Resource allocation for IAM/PAM implementation. - The overall scope includes remediation of Toxic Admin, Service and users Accounts to conclude final inventory of Users, Admins, Service Accounts and applications to on-board and integrate with CyberArk PAM and IGA solution. - Understand architecture of IAM/PAM tools (e.g., Okta, Azure AD and CyberArk) and collaborate with architects and engineers to ensure solution design aligns with business needs. -Ensure IAM/PAM implementation complies with internal security policies and external regulations requirements (PCIDSS4.0 and Cyber Essential Plus, GDPR and HIPAA). - Conduct Change Management related workshops with different Business Line and Stakeholders to ensure smooth and collaborative Implementation of Project. - Define PAM / IAM Project Statement of work and provide RFP brief to SI vendors to submit quote based on defined scope and deliverables - Review RFP responses and prepare Technical and Commercial comparison for finance team to select SI Partner for Project Implementation - Manage Project Charter, Weekly and Monthly Update, RAID Logs and Manage phase wise deliverables of Project - Complete the Infrastructure Design, Implementation and Testing of Implemented environment with InfoSec, Infrastructure, Compliance, HR and Business Line to ensure their engagement during different phase of Testing and deployment - Secure UAT testing sign-off from all Business Line, Infrastructure, InfoSec and Compliance team to proceed with on-boarding of Users - Prepare the batch of Users, Admins, Service Accounts and application for on-boarding - Conduct Training with Service Desk and Operation Team for smooth operation, draft User and Admin Guides and Secure Approval from Stakeholder for on-boarding - Complete on-boarding of Admin Accounts, Service Accounts, Users and Application to IGA and PAM. - Conduct Project Closure and Benefit realization.
- Identity & Access Management, Privileged Access Management Strategy, Planning and Roadmap - IAM & PAM Compliance and Governance Management - Toxic Access Management, SODs- Discovery, Assessment, Planning and Remediation - Identity lifecycle Management (JML), Approval Workflows and Application Integration - IAM and PAM administration, operational support, service delivery and product Management - Analyzing Cyber Threat Intelligence to identity potential threats related with authentication and authorization on underline Infrastructure and provide suitable defense to protect organization’s users, infrastructure, and data from emerging security threats. -SOC Manager for regional clients which includes Security Incidents and Events, Threat & Vulnerability Management, DLP and Phishing campaigns - Evaluating daily vulnerabilities based on threat intel and internal scans, perform analysis, providing risk rating and track the remediation based on zero-day action plan for effectiveness and compliance reporting. - Managing RFP responses lifecycle as solution Architect to define scope, approach and effort estimation for Identity & Access Management, Application Security, Infrastructure Security, Data Security and security operation. - Manage target phishing campaign for user audience, collect and analyze response data and plan customize training based on user and management responses. - Tools - SailPoint, Saviynt, Cyber Ark, Azure Sentinel, Nessus.
- Security Operation Manager for FSI clients, where managing 24x7 security operation includes Security Incidents Management, SOP Management, Use Case review and creation, Log Source Management, Data ingestion, License utilization, Threat & Vulnerabilities Management, Threat Hunting, DLP & Phishing. - Manage daily standup with stakeholders to understand open incidents, risks and issues, major incidents & Threat Advisory briefing received from different sources. - Manage weekly reporting and monthly stakeholder meeting while reporting KPIs on SLA, MTTD & MTTR. - Report status of Change Requests planned and SOAR automation to manage false positive incidents. - Manage security incidents lifecycle which includes preparation, detection and Analysis, containment, eradication, recovery and post incident analysis - Manage Identity & Access Management, Privileged Access Management related service delivery - IAM & PAM compliance & Governance Management - Toxic Access Management- Discovery, Strategy, Implementation and Remediation - IAM and PAM administration, operational support, service delivery and product support - Tools - Sail Point, Cyber Ark, Azure Sentinel, Nessus
- Project initiation, planning, Design, Development and deployment, scope, Budget and Timeline Risk Management (Review, Impact, categorization and response) - Project Artifacts, Stakeholder management - Identity & Access compliance management - Identity Governance Management - Privilege Identity Management, privileged accounts, passwords vaults, session login, session recording - SODs, Toxic Access, Risk Modeling - SailPoint