VIJAY THAVASI MUTHU

Governance, Risk and Compliance

• Developed and implemented GRC deliverables tailored to the unique needs of diverse businesses across different regions, ensuring alignment with corporate governance frameworks.
• Implemented ISO 27001 Information Security Management System across Rakuten Symphony entities at Dubai, Germany, USA, Japan, Singapore and India.
• Implemented ISO 27701 privacy standards for Rakuten India and Rakuten Symphony entities.
• Secured SOC 2 Type II attestation for Rakuten India's SaaS products
• Ensured PCI-DSS compliance for Rakuten Card and E-commerce divisions spread across Japan, Signapore, USA and Europe.
• Developed Business Continuity for technology and pandemic scenarios for numerous Business Units at Rakuten India and Rakuten Symphony India.
• Collaborated with CTOs and CIOs to provide risk assessments, threat analysis, and strategic recommendations through detailed reports and KPIs.

Strategic Leadership

• Led strategic information security and privacy programme integration across business
• Created comprehensive cyber security strategy for Rakuten India and Rakuten Symphony India
• Managed an information security budget of $20 million, optimizing resource allocation to enhance security measures and reduce attack surface and vulnerabilities.
• Developed Information Security Objectives with IT Security Risks and mitigation strategies
• Established enterprise-wide cyber threat intelligence capability

Information Security Program Management

• Implemented and oversaw enterprise-wide information security and IT risk management programme
• Successfully implemented information security programs such as Shadow IT Management, CASB (DLP), Data Loss Detection (DLD), Third Party Risk Management, Data Privacy program

Cyber Security Defense Department

• Providing leadership and direction within Cyber Security Defense Department consisting of Security Operations Center (SOC), Threat Intelligence, Threat Hunting and Application Security team
• Managing SOC team consisting of L1, L2, L3 Analysts, Tech Lead and SOC manager (SIEM - Microsoft Sentinel)
• Collaborated with internal and external stakeholders to lead global Vulnerability Management processes

• Managed large Incident Response Center (IRC) team
• Developed Incident Response plan to deal with the Data Breach incident
• Monitored security vulnerabilities and hacking threats within WLT's estate
• Monitor intelligence sources to identify potential threats/compromises
• Managed Cyber Threat Intelligence team
• Conducted risk assessment, security audits
• Identified issues, risks, opportunities and improvement of policies, processes, procedures and standards
• Co-ordinated with client Information Security teams, compliance teams, auditing teams, and regulators

• Managed security with IT to provide technology oversight
• Managed team of Architects
• Engineered, implemented and monitored security measures
• Peer reviewed computer security architecture and cyber security designs
• Wrote comprehensive reports
• Successfully introduced cloud-security approach/benefits to C-suite management

• Reported to the Team Manager as individual contributor for implementing/monitoring/supporting security devices and applications for the network
• Deployed, configured and supported VPN connections
• Planned, configured, established and supported VPN tunnels
• Resolved all network security related issues

• Reported to the Team Manager as individual contributor as well as in the role of Project Lead
• Collaborated with Connectivity Leader in UK
• Deployed/configured VLANs
• Deployed/supported site-to-site VPNs