Muthuramalingam Subramanian
Senior Manager (Information Security)
Jurong East
Summary
• Over 22 years of professional experience in Corporate, Enterprise Banking, Healthcare & Life Sciences, and Financial Networking environments.
• Expertise in Corporate Security, including roles such as Senior Business Information Security Officer.
• Proficient in IT Security Governance, Compliance, Deal Risk Review, MSA Review, Risk Management, Cyber Threat Module, Third-Party Risk Management, Data Security,
• Threat and Vulnerability Management, Data Privacy Assessment, IT Auditing (ISO,SOC), Policy and Controls Management, GRC Tools, Cyber Threat Module, Incident Response, and Gap Analysis.
• Leadership experience in directing project teams, aligning with project missions and goals, and managing resource requirements.
• Experience across various sectors: Manufacturing, Logistics, Energy, and Utilities (MLEU), Banking, Financial Services, Mutual Funds, Healthcare & Life Sciences, Telecommunication, Retail Consumer, Travel, and Insurance.
• Highly goal-oriented, self-motivated, and committed to excellence with strong attention to detail.
• Skilled in planning and implementing Third-Party Risk Management and experienced in all project phases from requirement gathering to post-implementation support, including
Security Standards, Controls, Data Privacy, IT Auditing, Incident Management, Governance, and Risk Controls
• Professional business leader prepared for challenges of Senior Manager role. Combines deep understanding of business operations with commitment to driving team success and achieving significant results. Renowned for adaptability in dynamic environments and collaborative approach to problem-solving, leveraging keen analytical and decision-making skills.
• Developed leadership and strategic planning skills in fast-paced corporate environment. Demonstrates expertise in project management and team development, with focus on delivering results and optimizing performance. Looking to transition into new field, bringing wealth of transferable skills and commitment to continuous improvement.
Overview
22
22
years of professional experience
Work History
Senior Manager
Cognizant Technologies Solutions
11.2012 - Current
- Established strong relationships with clients and stakeholders, ensuring long-term partnerships and repeat business.
- Implemented and developed operational standards, policies and procedures.
- Held monthly meetings to create business plans and workshops to drive successful business.
- Provided strong leadership to enhance team productivity and morale.
- Led cross-functional teams to achieve project milestones and deliver high-quality results.
- Improved team performance by providing comprehensive training and fostering a collaborative work environment.
- Risk Management & Project Management, Governance Risk & Compliance Solution approach, design, review for customer requirements and IT Auditing.
- Performing Deal risk review, MSA contract review, RFP Security Questionnaire, Threat intelligence-based process, policy requirements and the business-critical risk assessment approach.
- Assessing and mitigating AI-related risks, including data privacy issues, security breaches, and unintended biases. Additionally, the position acts as a Centre of excellence and provides support to the Business Unit (BU) on Ai cohort initiatives, ensuring compliance with data protection laws, implementing risk management frameworks, and conducting regular audits.
- GRC Solution Assessment – risk assessments, review the team members critical tasks, gap analysis findings and providing the recommendations for continuous improvement
- Facilitate Process and Policy documentations and approve for the same.
- Manage security and compliance risks in service delivery for key verticals and communicate with Business teams to understand all critical security requirements and risk scenarios.
- Engage in Risk Management program for the key accounts: define control framework identify and evaluate risks understand business context and prepare reports and recommendations.
- Coordinate with Incident management team during incidents and support investigation of security breaches.
- Perform annual Security Risk assessments and conduct related ongoing compliance monitoring activities in coordination with Privacy Officer and Legal Team members.
- Support service delivery in preparation for client audits or industry specific certification and compliance programs, such as ISO27K, SSAE16/ISAE3402 (SOC 1 and SOC 2) and PCI DSS.
- Assess, prepare and ensure all IT systems, policies and procedures fully comply with Cognizant ISO 27001 SoA, security laws, rules and regulations.
- Engage with different stakeholders: external auditors, customer auditors, business teams and corporate teams, such as HR, legal, IT, etc.
- Conduct reviews to assess the service delivery control environment and evaluate adherence to client identified contractual requirements, Cognizant policies and standards.
- Review & approve the IT security risk exceptions, risk treatments, mitigation requests received from solutions architects.
- Creating the process guidelines, SOP documentation and facilitate the team on how to perform business / mission critical high value assets assessments and show the significant improvements as defined in the project deliverables.
- Review the threat model & threat intelligence-based risk assessment on high value business critical assets.
- Facilitate the team on threat model risk-based assessments, external and internal threat landscapes on business critical and general assessments
- Cyber Threat Module and member of Information Risk Assessment Advisory Board (IRAB)
- Review team performance on third party assessments and evaluate the security controls on critical and high severity findings.
- Review various assessments results, Risk Treatment Plans (RTP), Management review process, Internal Audit process to generate IS metrics & presenting to leadership.
Information Security Architect
VI Systems Inc
08.2010 - 11.2012
- Developed comprehensive project plans with clearly defined milestones, enabling accurate progress tracking and driving success.
- Resolved complex challenges with creative problem-solving techniques, consistently meeting client requirements despite tight deadlines or limited resources.
- Led cross-functional teams for successful delivery of high-quality products on time and within budget.
- Conducted regular project status reviews to monitor progress against objectives while identifying areas for improvement or course correction as needed.
- Vulnerability assessments and technical security assessments on daily basis and do the remediation process.
- Server, Firewall, Compliance, application and network security hardening like design, recommend and implement security hardening technical Controls
- Maintain an appropriate relationship with customers, Vendors and make sure that the project results are comprehensible to the organization.
- Drive technical and personnel resources to ensure project results conform to quality, time and budgetary stipulations
- Leading Threat and Vulnerability Management team and conduct the Vulnerabilities on daily basis for various applications and remediation process.
- Supporting Information Security Operation Center for monitoring SIEM alerts, ESM Alerts, Reverse engineering malware analysis.
- Supporting IT security Process team for fine tuning the process as per the different industry regulations.
- Delivered strong cybersecurity defense by creating custom intrusion detection systems tailored to specific environments.
- Collaborated with cross-functional teams for seamless integration of security protocols into existing infrastructure.
Senior Information Security Engineer
3i Infotech
04.2007 - 08.2010
- Enhanced employee awareness of information security best practices through regular training sessions and workshops.
- Conducted regular risk assessments to identify areas of vulnerability and recommend appropriate mitigation strategies.
- Infrastructure Team, Network, Policy, IT Auditing and Security Engineering Team.
- Serving a growing base of over multiple clients and internal clients in various Geography.
- IT Auditing, Policy CA, Information security awareness, SIEM and Firewall
- Implementation, Migration, VPN tunnels.
- Implemented Net screen firewall Juniper firewall and migration and implemented and auditing
- ISMS policies as per the ISO standard. Data loss prevention implemented.
- Reviewing Arcsight Logs and do the remediation. Responsibilities:
- Created a governed security program with enforced policies and procedures
- Implemented the Site to Site & Site to Client VPN infrastructure.
- Deployed IPSec PKI VPN component for secure communication across the various geography branch offices and client locations over WiFi, VPN tunnel Network.
- Performs periodic network penetration tests
- Penetration testing environment, supporting for web application security, vulnerability assessments (Qualsys), IT security auditing, Policy and compliance.
- Designed and deployed an IT infrastructure for new branch saving $17,0000
- Analyzing VDI (Quest tool) assessment and coordinate with appropriate teams.
- Centralized VoIP service to entire office and for remote locations and store fronts saving $22,0000 / yr
- Technical documentation for security requirements and information into effective presentations for non-technical users and future references.
Senior Network Security Engineer
Office Tiger Database Systems (RR Donnely)
11.2006 - 03.2007
- Optimized security configurations for routers, switches, and firewalls to improve overall system performance.
- Increased network visibility by deploying advanced monitoring tools and analyzing traffic patterns for potential threats.
- Managed vendor relationships, evaluating new technologies to enhance the organization''s security posture continually.
- Established secure remote connectivity options for employees, enabling secure access while working remotely or traveling abroad.
- Conducted risk assessment, penetration testing, threat mitigation & gap analysis
- Managing network and host intrusion prevention system (HIPS) & content filter
- Firewall Log monitoring.
Technical Support Executive - IT Operations
Interpro
11.2005 - 10.2006
- Delivered exceptional technical assistance through both phone and email channels while maintaining professionalism at all times.
- Managed a high volume of tickets in the helpdesk system, consistently meeting or exceeding response time targets.
- Enhanced customer satisfaction by efficiently resolving technical issues and providing exceptional support.
- Streamlined troubleshooting processes for faster resolution times, improving overall productivity.
- Administration of Kerio based mail server hosted at remote data center for all Location operation users.
- Administration of Windows 2003 Exchange based mail server hosted at Singapore data center for all other location users.
- Configuring Forti gate 300 firewalls with policies and blocking of URL’s and ports.
- Responsible for monitoring & configuring of WAN links configured in CISCO Routers.
Technical Executive – ITS Operation and Security
Insignia Infotech
07.2003 - 10.2005
- Established clear lines of accountability among team members for project success.
- Mitigated potential risks by proactively addressing potential obstacles before they could impact project timelines.
- Analyzed data trends to identify areas for improvement, developing targeted strategies for growth.
- Provided exceptional customer support, resolving complex technical issues in a timely manner.
- Maintained and providing support for entire IT infrastructure.
Education
Diploma in Computer Technology - Computer Technology
Christian Polytechnic
04.2001 -
Bachelor of Computer Applications - Computer And Information Systems Security
Madurai Kamaraj University
Chennai, India 04.2001 -
Skills
Certified Data Privacy Solutions Engineer (CDPSE)
Timeline
Senior Manager
Cognizant Technologies Solutions
11.2012 - Current
Information Security Architect
VI Systems Inc
08.2010 - 11.2012
Senior Information Security Engineer
3i Infotech
04.2007 - 08.2010
Senior Network Security Engineer
Office Tiger Database Systems (RR Donnely)
11.2006 - 03.2007
Technical Support Executive - IT Operations
Interpro
11.2005 - 10.2006
Technical Executive – ITS Operation and Security
Insignia Infotech
07.2003 - 10.2005
Diploma in Computer Technology - Computer Technology
Christian Polytechnic
04.2001 -
Bachelor of Computer Applications - Computer And Information Systems Security
Madurai Kamaraj University
04.2001 -
Similar Profiles
Prathyusha DamarlaPrathyusha Damarla
Associate at Cognizant Technologies SolutionsAssociate at Cognizant Technologies Solutions
MANISH KUMAR SINGHMANISH KUMAR SINGH
Associate Project at Cognizant Technologies SolutionsAssociate Project at Cognizant Technologies Solutions
Monika Seles JesuMonika Seles Jesu
Data Migration Specialist at Cognizant Technologies SolutionsData Migration Specialist at Cognizant Technologies Solutions
Mrinmayi JoshiMrinmayi Joshi
Senior Consultant at Cognizant Technologies SolutionsSenior Consultant at Cognizant Technologies Solutions
Low Li LoonLow Li Loon
System Engineer at ST EngineeringSystem Engineer at ST Engineering