Summary
Overview
Work History
Education
Skills
Certification
Affiliations
Timeline
Generic
KASIANANTHAN CHINNIAH

KASIANANTHAN CHINNIAH

Director Cyber Security Governance
Chennai

Summary

A seasoned cybersecurity leader with over 17 years of proven expertise in driving robust security initiatives across multinational organizations, including serving as Director of Cyber Security Governance at AstraZeneca. Specializes in Governance, Risk Management, and Compliance (GRC) with in-depth knowledge of global frameworks such as ISO 27001, SOC 2, NIST 800-53, and Cloud Security standards. Demonstrates a strong track record in leading global teams, managing third-party risks, conducting security architecture reviews, and implementing scalable cybersecurity strategies. Known for fostering innovation through advanced security assessments, risk management practices, and automation solutions to strengthen enterprise security. Committed to delivering business-focused cybersecurity solutions through continuous learning, strategic leadership, and cross-functional collaboration.

Overview

17
17
years of professional experience
6
6
years of post-secondary education
6
6
Certifications
2
2
Languages

Work History

Director Cyber Security Governance

AstraZeneca India Private Limited
Chennai
12.2024 - Current
  • Led global cyber security governance team, overseeing IT security Assessments, Mergers & Acquisitions Assessments, and 3rd Party Incident Governance
  • Collaborated with stakeholders to implement security practices and provided awareness sessions to global business technology groups.
  • Developed value-driven cyber metrics for leadership team, driving a culture of security awareness and compliance

Associate Director Cyber Security Governance

AstraZeneca India Private Limited
Chennai
12.2022 - 11.2024
  • Led a global Cyber Security Governance team of 11 professionals across Mexico, the US, and India, establishing a unified mission, vision, and strategy for effective governance.
  • Directed Cyber Security Architecture reviews, IT Security Assessments, and Third-Party Supplier Assurance programs, ensuring compliance with global standards.
  • Optimized workforce utilization, set clear goals, and aligned team objectives with organizational priorities for maximum efficiency.
  • Managed budgets and resources effectively, balancing cost efficiency with strategic objectives.
  • Mentored and developed team members, fostering professional growth and enhancing overall capabilities.
  • Spearheaded automation and process improvements, increasing operational efficiency and reducing costs.
  • Established metrics to quantify the impact of security initiatives, enhancing stakeholder confidence and demonstrating measurable value.
  • Committed to continuous learning and fostering a culture of excellence in cybersecurity practices.

Senior Manager Cybersecurity Governance

AstraZeneca India Private Limited
Chennai
09.2018 - 12.2022
  • Despite facing a surge in demand for security assessments by over 300%, successfully ensured 96% of assessments complied with service level agreements (SLAs).
  • Streamlined the security assessment questionnaire process through automation, resulting in an annual savings of 300 person-hours.
  • Conducted comprehensive security assessments for new systems, solutions, vendors/suppliers, and cloud solutions, ensuring robust security measures.
  • Managed and mitigated risks effectively, developed and implemented risk treatment plans, and ensured follow-up until closure.
  • Prioritized security assessments by closely monitoring Operational Level Agreements (OLAs) and SLAs, ensuring timely and efficient processing.
  • Led and mentored the Cyber Governance team based in Chennai, fostering a collaborative and skilled working environment.
  • Provided expert ad-hoc security consultations and conducted security awareness training to enhance organizational security culture.
  • Compiled and presented weekly and monthly security metrics to senior management teams, offering insights and progress updates on security initiatives.

Lead Analyst Application Security

BA Continuum India Private Limited
Chennai
05.2017 - 08.2018
  • Secured a "Satisfactory" rating in the 2017-18 corporate audit, demonstrating compliance and effective security practices.
  • Spearheaded the automation of 400 Technical Recovery Plans reviews, employing Python-based NLP automation to enhance efficiency and accuracy.
  • Devised a comprehensive plan for conducting security assessments across all critical applications, ensuring thorough coverage and risk management.
  • Played a crucial role in identifying, assessing, and managing risks emerging from security assessments, bolstering organizational security posture.
  • Conducted in-depth reviews of 1,200 Technical Recovery Plans, focusing on format compliance, mandatory information inclusion, and risk identification.
  • Actively participated as an auditee in both internal and external audits, facilitating transparent and effective audit processes.
  • Regularly provided senior management with detailed metrics, highlighting key security insights and progress towards security objectives.
  • Led periodic security awareness training sessions, contributing to the development of a security-conscious culture within the organization.

IT Operations Lead Infrastructure Security

Ford Motor Private Limited
Chennai
09.2012 - 05.2017
  • Directed IT General Controls audit at the Thailand manufacturing plant, uncovering over 45 significant control deficiencies, emphasizing the need for enhanced security measures.
  • Conducted thorough security assessments for all new and existing infrastructure and applications against documented controls, ensuring comprehensive coverage.
  • Played a key role in identifying, assessing, and managing security risks, while also proposing actionable risk treatment plans to mitigate identified vulnerabilities.
  • Actively participated in regional and global governance meetings, where I conducted risk assessments on identified risks, contributing to a strengthened security posture.
  • Led on-site audits for supplier Offshore Development Centers (ODC) and IT audits, pinpointing risks and outlining treatment plans for effective risk management.
  • Executed Sarbanes-Oxley (SOX) Section 404 inspections and meticulously maintained binders for audit readiness and compliance.
  • Offered security consultations and conducted security awareness training sessions to promote a culture of security mindfulness within the organization.
  • Regularly compiled and delivered weekly and monthly security metrics to the senior management team, providing insights into the security landscape and progress towards security objectives.
  • Reviewed and evaluated existing standards and processes, recommending improvements to align with best practices and enhance security frameworks.
  • Provided support for both internal and external IT audits, facilitating a transparent and compliant audit process.

IT Operations Analyst HIPAA Compliance Officer

Accenture Services
Chennai
02.2011 - 09.2012
  • Attained a remarkable 99% compliance rate in controls as determined by the external audit firm KPMG, leading to Accenture ranking as the top provider among all healthcare vendors for the first time.
  • Oversaw the security compliance for major health insurance client Offshore Development Centers (ODCs) in Chennai and Bangalore, ensuring stringent security measures.
  • Successfully implemented over 260 control requirements demanded by health insurance clients within a challenging six-month period, demonstrating exceptional project management and compliance skills.
  • Proactively monitored compliance levels, providing senior management with detailed weekly and monthly reports on compliance status, fostering transparency and accountability.
  • Took a leading role in the preparation and review of existing security policies, standards, and processes, ensuring they meet the highest industry standards and compliance requirements.
  • Served as auditee role during both internal and external audits, effectively collaborating with auditors to demonstrate compliance and address any findings.

Asst Systems Engineer PCI DSS Compliance Officer

TATA Consultancy Services
Chennai
08.2009 - 02.2011
  • Secured "Satisfactory" rating in PCI DSS audit performed by external audit firm Protiviti, demonstrating compliance with industry security standards.
  • Skilled in configuring, monitoring, and troubleshooting a range of cybersecurity tools, including Tripwire, IBM Internet Security Services, IBM Tivoli Compliance Manager, and Net Boundary, ensuring robust security measures are in place.
  • Conducted thorough investigations and compiled detailed security incident reports, contributing to swift resolution of security breaches.
  • Routinely performed vulnerability scans to identify and address potential security threats, maintaining strong defense against cyber attacks.
  • Managed access controls, including creation, revocation, and periodic review of user access and permissions, to ensure secure and appropriate access to systems.
  • Conducted reviews of firewall rules and network device configurations, ensuring optimal security configurations and compliance with security policies.
  • Fulfilled auditee role in both external and internal audits, demonstrating compliance and engaging cooperatively with audit processes.
  • Delivered security awareness training to staff, enhancing organisation's security culture and empowering employees with knowledge to recognise and prevent security threats.

Asst Systems Engineer Network Administrator

TATA Consultancy Services
Mumbai
11.2007 - 08.2009
  • Spearheaded the Global IOS Upgrade Program, flawlessly executing upgrades across 1000+ devices without any operational disruptions.
  • Demonstrated expertise in configuring, monitoring, and troubleshooting Layer 2 and 3 network devices, ensuring network stability and efficiency.
  • Developed comprehensive network architecture diagrams for a global network encompassing over 3000 network devices, providing clear visualizations of network structures.
  • Created detailed incident communication plan templates, facilitating effective communication during network incidents.
  • Engaged in strategic collaborations with leading network service vendors, including Verizon, Sprint, Cable & Wireless, and AT&T, to ensure top-tier network service and support.
  • Served as the Risk Manager for the Global IOS Upgrade Program, effectively identifying and mitigating potential risks to ensure a smooth and successful upgrade process.
  • Conducted thorough reviews of past network incidents, leading to the development of targeted Service Improvement Plans to prevent future occurrences.
  • Proficient in utilizing a variety of network management and security tools, including CiscoWorks, RSA SecurID, Syslog, F5 Load Balancer, and NetQoS, to maintain optimal network performance and security.

Education

Post-Graduate Diploma in Management -

Great Lakes Institute of Management
Chennai
07.2024 - Current

MBA - Technology Management

Anna University
Chennai
06.2023 - Current

Bachelor of Engineering - Electronics And Communications Engineering

Hindusthan College of Engineering And Technology
Coimbatore, India
06.2003 - 04.2007

Skills

Cloud Security

Certification

Certified Ethical Hacker (CEH)

Affiliations

  • ISC2 since 2019 - www.isc2.org
  • ISACA since 2012 - www.isaca.org
  • EC Council since 2010 - www.eccouncil.org

Timeline

Director Cyber Security Governance

AstraZeneca India Private Limited
12.2024 - Current

Post-Graduate Diploma in Management -

Great Lakes Institute of Management
07.2024 - Current

MBA - Technology Management

Anna University
06.2023 - Current

Associate Director Cyber Security Governance

AstraZeneca India Private Limited
12.2022 - 11.2024

Senior Manager Cybersecurity Governance

AstraZeneca India Private Limited
09.2018 - 12.2022

Lead Analyst Application Security

BA Continuum India Private Limited
05.2017 - 08.2018

IT Operations Lead Infrastructure Security

Ford Motor Private Limited
09.2012 - 05.2017

IT Operations Analyst HIPAA Compliance Officer

Accenture Services
02.2011 - 09.2012

Asst Systems Engineer PCI DSS Compliance Officer

TATA Consultancy Services
08.2009 - 02.2011

Asst Systems Engineer Network Administrator

TATA Consultancy Services
11.2007 - 08.2009

Bachelor of Engineering - Electronics And Communications Engineering

Hindusthan College of Engineering And Technology
06.2003 - 04.2007
Certified Ethical Hacker (CEH)
Certified Information Systems Auditor (CISA)
Certified in Risk and Information Systems Control
(CRISC)
Certified Information Systems Security Professional
(CISSP)

Similar Profiles

  • Tanya Ruby

    Tanya RubyTanya Ruby

    Sr. Manager-Legal Counsel at AstraZeneca India Private LimitedSr. Manager-Legal Counsel at AstraZeneca India Private Limited

    View Profile
  • Subash Arumugam

    Subash ArumugamSubash Arumugam

    Senior Consultant - Tech BA at Astrazeneca India Private Limited - Operations IT QC & PTDSenior Consultant - Tech BA at Astrazeneca India Private Limited - Operations IT QC & PTD

    View Profile
  • Sathish Raj Kamaraj

    Sathish Raj KamarajSathish Raj Kamaraj

    Senior Change Manager at TekSystems India Private LimitedSenior Change Manager at TekSystems India Private Limited

    View Profile
KASIANANTHAN CHINNIAHDirector Cyber Security Governance