Summary
Overview
Work History
Education
Skills
Certification
Accomplishments
Timeline
Generic

Akash Atithyan

Bangalore

Summary

Accomplished cybersecurity leader with a proven track record at Fidelity Investments, enhancing technology risk management through AI Risk Assessment and effective Privileged Access Management.

Expert in deploying Azure solutions and fostering cross-functional collaboration, significantly mitigating cyber threats and ensuring compliance with industry standards.

Years of Experience : 8

Current Organization : Fidelity Investments

Designation : Manager , Technology Risk

Overview

8
8
years of professional experience
1
1
Certification

Work History

Manager - Technology Risk - Cybersecurity

Fidelity Investments
02.2024 - Current
  • In this position, I execute targeted risk assessments / quick hit reviews across business units and report out on key issues impacting Enterprise from a technology perspective in helping organizations identify, assess, and manage risks associated with technology and information systems to protect against potential threats and safeguard the organization's assets, reputation and resilience
  • Ensured the operational effectiveness of IT General Controls (ITGC) across the organization, focusing on areas such as user access management, change management, incident management, and data security.
  • Implemented and monitored SOC 1 controls to support clients' financial audits and reporting, ensuring internal controls over financial data processing met SOC 1 Type 1 and SOC 1 Type 2 requirements.
  • Conducted regular reviews of system access controls, ensuring compliance with SOC 1 standards, and mitigating risks related to unauthorized access to financial reporting systems.
  • Oversaw the identification and management of AI-related risks, including risks from algorithmic bias, data leakage, and adversarial attacks in AI-driven systems.
  • Supported the implementation of AI governance and compliance programs, ensuring AI systems were designed, deployed, and monitored in compliance with internal standards and regulations.
  • Managed AI model audits to ensure that the organization's AI systems adhered to ethical guidelines and regulatory requirements, such as the EU AI Act and GDPR.
  • Worked cross-functionally with legal, IT, and data science teams to ensure effective risk mitigation strategies were in place for AI projects, focusing on data privacy, security, and model explainability.
  • Oversaw change management processes to ensure that all modifications to critical financial reporting systems were properly authorized, tested, and documented.
  • Collaborated with auditors to facilitate smooth SOC 1 audit processes, providing evidence and documentation to support compliance with control objectives related to financial reporting.
  • Ensure compliance with relevant laws, regulations, standards, and internal policies governing technology risk management, such as GDPR, HIPAA, PCI DSS, ISO 27001, and the NIST Cybersecurity Framework.
  • Cloud Security: Cloud Risk Assessment to help organizations make informed decisions about adopting and using cloud services, while effectively managing and mitigating associated risks, and readiness reviews for applications and workloads migrating to the public cloud: Azure and AWS.

Assistant Vice President

Wells Fargo
07.2020 - 02.2024
  • Security Operations Centre: Information Security (Investigation and Remediation of suspicious activities) Threat Analysis
  • Triage along with understanding on cyber kill chain, MITRE framework and NIST framework
  • Configure, maintain, and optimize security tools and technologies used within the SOC, including SIEM platforms, EDR solutions, Sandboxing solutions and threat intelligence platforms, and security orchestration, automation, and response (SOAR) systems
  • Ensure that security systems are properly tuned and calibrated to detect and respond to security threats effectively
  • Lead in computer security incident response activities for complex events
  • Lead and implement information security initiatives for the group
  • Help in technical investigations for T-1 and T-2 Team
  • Work on SIEM, EDR and SOAR solutions
  • Participate in training sessions, tabletop exercises, and knowledge sharing activities to enhance technical skills and expertise in security operations
  • Threat Hunting: Proactively search for signs of advanced threats and persistent adversaries within the organization's network and endpoints
  • Utilize threat intelligence, data analytics to identify hidden or threats that may evade traditional security controls
  • Conduct forensic analysis of security incidents to determine the root cause, scope, and impact of security breaches
  • Collect and preserve digital evidence, such as logs, artifacts, and memory dumps
  • Tools used: Azure, Google Cloud, Splunk, XSOAR, Servicenow

Systems Engineer

Tata Consultancy Services (TCS)
09.2018 - 07.2020
  • Privileged Access Management : Client: Shell Oil Company.
  • Reducing the risk of insider threats, external attacks, and data breaches by effectively managing and securing privileged access within an organization's IT environment.
  • Policy Development and Implementation: Develop, document, and implement PAM policies, procedures, and standards aligned with industry best practices and regulatory requirements
  • Define rules for granting, revoking, and monitoring privileged access to critical systems and resources.
  • Implement controls to prevent privilege escalation, such as restricting administrative access to authorized personnel only, implementing role-based access controls (RBAC), and regularly auditing privileged access rights.
  • Integrate PAM solutions with IAM systems and directories to centralize user authentication, authorization, and provisioning processes.
  • Implement single sign-on (SSO) and federated identity solutions to streamline access to privileged resources

Assistant Systems Engineer

Hewlett Packard Enterprise (HPE)
02.2017 - 09.2018
  • Identity and Access Management, Client: Shell Oil Company
  • Access Provisioning: Process access requests from users or administrators, ensuring that requests are properly authorized and documented
  • This involves provisioning user accounts, assigning appropriate permissions, and configuring access controls according to established policies and procedures
  • Utilize access management tools and technologies to streamline access provisioning, automate access request workflows, and enhance access control capabilities
  • Administer access management systems, directories, and identity management platforms effectively

Education

Bachelor of Engineering - Computer Science

Anna University
Chennai, India

Skills

  • Develop and tune Splunk alerting rules
  • Assessment of AI Risks
  • LLM (Large Language Model) Risk Assessment
  • Incident response management
  • Risk management
  • Jenkins Core , Udeploy
  • Azure Sentinel
  • Azure Defender
  • Azure Monitor
  • Privileged Access Management
  • Identity and Access Management
  • Technology and Application Risk Assessments
  • Cloud Alerts Monitoring and Remediation
  • CyberArk Vaulting
  • Threat hunting
  • Agile development methodologies

Certification

  • Certified in Cybersecurity, ISC2, #1514637
  • Azure Security Technologies, Microsoft, #0F9R1ADE253E
  • Azure Fundamentals, Microsoft, #C617KFC615A6
  • Cyber Ark Trustee, Cyber Ark, #368971
  • Azure Administrator Associate, Microsoft, (AZ-104)
  • Splunk Core Certified Power User, Splunk
  • Splunk Core Certified Advanced Power User, Splunk
  • Azure Artificial Intelligence, Microsoft, #50A2CR75E59C
  • Azure Security Operations Analyst Associate, Microsoft, SC 200
  • Cloud Digital Leader, Google
  • ITIL 4 - IT Service Management, AXELOS, #GR671034440SA

Accomplishments

Wells Fargo Champion

Wells Fargo Annual Champion Award along with a Promotion

Wells Fargo - People Recognition Award

Migrating services to the cloud resulting in cost savings compared to traditional on premises deployments

DEF CON

Participated in DEF CON capture the FLAG competition

CyberRisk Awards (Cybersecurity & Risk Management)

Received at Wells Fargo when demonstrated leadership and innovation in cybersecurity risk

management, emphasizing compliance, threat identification, and vulnerability management.

Timeline

Manager - Technology Risk - Cybersecurity

Fidelity Investments
02.2024 - Current

Assistant Vice President

Wells Fargo
07.2020 - 02.2024

Systems Engineer

Tata Consultancy Services (TCS)
09.2018 - 07.2020

Assistant Systems Engineer

Hewlett Packard Enterprise (HPE)
02.2017 - 09.2018

Bachelor of Engineering - Computer Science

Anna University

Similar Profiles

  • MICHAEL O'BRIEN

    MICHAEL O'BRIENMICHAEL O'BRIEN

    FIDELITY CLIENT SERVICES REPRESENTATIVE at Fidelity Investments - Fidelity Institutional (Fidelity Advisor Funds)FIDELITY CLIENT SERVICES REPRESENTATIVE at Fidelity Investments - Fidelity Institutional (Fidelity Advisor Funds)

  • Dee Jones

    Dee JonesDee Jones

    Workplace Planning Consultant II at Fidelity InvestmentsWorkplace Planning Consultant II at Fidelity Investments

  • Randolph Roark II

    Randolph Roark IIRandolph Roark II

    Workplace Planning Consultant at Fidelity InvestmentsWorkplace Planning Consultant at Fidelity Investments

  • Arturo Castillo

    Arturo CastilloArturo Castillo

    Workplace Planning Associate at Fidelity InvestmentsWorkplace Planning Associate at Fidelity Investments

  • Tania Khandakar

    Tania KhandakarTania Khandakar

    GIS Consultant at Wipro LTDGIS Consultant at Wipro LTD

CREATE PROFILE
Akash Atithyan