Summary
Overview
Work History
Education
Skills
Timeline
Accomplishments
Certifications
Vimalaasree Anandhan

Vimalaasree Anandhan

Chennai,TN

Summary

Cybersecurity Leader with nearly 20 years of experience in application and cloud security, and DevSecOps. Managing security operations, governance, risk management, and compliance at Poshmark India, integrating security with business strategy to drive organizational success. Actively involved in ISACA, (ISC)², and WiCyS, serving as President of the NexGen CyberWomen community to empower women in cybersecurity. Regularly delivers keynote speeches and guest lectures on cybersecurity topics at prominent conferences and meetups.

Overview

20
20
years of professional experience

Work History

Head of Security

Poshmark India
09.2023 - Current
  • Leads a team of 10+ cybersecurity professionals across Governance, Risk Management, and Compliance (GRC), Product Security, Infrastructure Security, and Security Operations, achieving a 25% improvement in performance metrics and strategic goal attainment.
  • Develops and implements comprehensive strategies to safeguard digital assets, achieving 100% compliance with PCI DSS and industry standards and optimizing security processes, resulting in a 30% reduction in security incidents.
  • Drives new security projects and performs security and architecture reviews for 15+ new product initiatives, enhancing protection from inception and achieving a 40% increase in threat detection effectiveness.
  • Oversees incident response and recovery for 50+ incidents annually, and directs hiring and recruitment efforts to build a robust cybersecurity team, increasing team size by 30% in two years.
  • Publishes monthly newsletters and conducts quarterly security training sessions, educating over 1,000 employees and enhancing the organization's security culture by 40%.
  • Established 20+ measures, metrics, thresholds, and targets to drive performance in alignment with security and business strategies, resulting in a 35% increase in operational efficiency.
  • Resolved problems, improved operations and provided exceptional service

Senior Manager - DevSecOps & Cloud Security

Ernest &Young
03.2022 - 09.2023
  • Leading global DevSecOps and software security efforts, including go-to-market activities, deal management, solutioning, resourcing, strategy and roadmap development, utilization, revenue recognition, and client presentations
  • Managing DevSecOps pipeline security tool initiatives, including creating templates and utilizing orchestration tools such as Jenkins, AWS Codestar, and GitLab
  • Serving as a cloud security ambassador for NGSOR team
  • Managing PT projects for a banking client with a team of 25 testers, QA leads, technical managers, and PMO, delivering successful outcomes.
  • Executed appropriate staffing and budgetary plans to align with business forecasts
  • Managed large-scale projects and introduced new systems, tools, and processes to achieve challenging objectives

Deputy General Manager - Security Projects Engineering

Tata Communications Limited
04.2020 - 03.2022
  • Reporting directly to Tata communications Global CISO, had Involved in various security projects and process implementation including various phases of the Security solution implementation and Operationalization
  • Established Security Governance Framework for Vendors/Suppliers, ensuring compliance with information security requirements
  • Developed Security Governance process for Open-Source components, APIs, public code repositories, and Developer community contribution
  • Implemented DevSecOps for critical products, integrating security tools and automating the security testing process under CI/CD
  • Revamped Information Security Assurance process, incorporating security activities like architecture and design review, static analysis, dynamic analysis, infra-assessments, vulnerability management, and remediation governance throughout the application development lifecycle
  • Developed Governance Framework for cloud infrastructure, including cloud posture and workload protection assessment, security policy, standards, and procedures
  • Represented Global Information Security team in various committee meetings and managed software security sessions for Graduate trainees
  • Launched Software Security training program for 350+ developers, including Foundational and platform-specific courses, with mandated timelines
  • Participated in the hiring of appropriate candidates for the Information Security team
  • Managed third-party Security partners to perform periodic Vulnerability Assessments, Black box testing, and Penetration Testing.

Sr. Security Architect

Cognizant Technology Solutions
12.2007 - 03.2020
    • Managed end-to-end project execution from inception to delivery
    • Conducted Cloud Security Assessments for 150+ applications and represented solutions/findings in client discussions
    • Managed a team of 40+ members and acted as delivery lead for 15 Shared Services projects
    • Participated in solutioning for various security projects, including Design Architecture Review, Risk Assessment, Static and Dynamic assessments, Infra Vulnerability Management, and Remediation Governance
    • Participated in various recruitment drives to fulfill competency requirements.

Education

Master of Science -

BITS, Chennai, TN
07.2014

Post Graduate Diploma in Business Administration -

Symbiosis Center of Distance Learning, Chennai, TN
07.2009

B.E Computer Science -

M.N.M Jain Engineering College, Chennai, TN
07.2004

Skills

    Specializing in diverse security domains and Multi-Cloud projects across e-commerce, financial services, and telecommunications sectors, with skills including:

  • Thought Leadership
  • Information Security
  • Product security
  • DevSecOps
  • Infrastructure security
  • Cloud Security
  • Vulnerable management
  • Governance Risk and Compliance
  • Security Operations

Timeline

Head of Security - Poshmark India
09.2023 - Current
Senior Manager - DevSecOps & Cloud Security - Ernest &Young
03.2022 - 09.2023
Deputy General Manager - Security Projects Engineering - Tata Communications Limited
04.2020 - 03.2022
Sr. Security Architect - Cognizant Technology Solutions
12.2007 - 03.2020
BITS - Master of Science,
Symbiosis Center of Distance Learning - Post Graduate Diploma in Business Administration,
M.N.M Jain Engineering College - B.E Computer Science,

Accomplishments

    Delivered guest lectures and keynotes at prominent cybersecurity meetups, conferences, and colleges. Recognized with several awards, including:

  • Certificate of Excellence in Vendor Security, Aug 2021
  • Cognizant’s Prestigious Challenge Coin Award, Jul 2019
  • Appreciation from the Practice Monthly Award, Dec 2007
  • Certificate of Excellence for the Quarter, Mar 2009
  • Certificate of Appreciation for Outstanding Performance, Aug 2010
  • Key Resource of the Project Award, Jul 2012
  • Best Team of the Quarter Award (led 11-member team), Jul–Sep 2013
  • Golden Mentor of the Year Award, 2013

    • Authored and contributed to white papers on:

  • Mobile Security: Threats and Countermeasures
  • Application Vulnerability: Trend Analysis and Correlation of Coding Patterns Across Industries

    • https://www.slideshare.net/cognizant/application-vulnerability-trend-analysis-

    and-correlation-of-coding-patterns-across-industries

Certifications

  • ISO 27001 Lead Implementer – Information Security Certification
  • Certified Information Security Manager (CISM) – ISACA (1 st Rank holder)
  • Certified Information Systems Auditor (CISA)- ISACA
  • Certified Software Security Lifecycle Professional (CSSLP) – ISC2
  • Board Member Program - IronLady
  • AWS Certified Security Speciality
  • AWS certified Cloud Security Professional
  • Certified Ethical Hacker (CEH) -Ecouncil
  • Security+ -CompTIA
  • IBM Certified Specialist Appscan Standard edition – IBM Rational
  • IBM Certified Specialist Appscan Source edition – IBM Rational
  • Introductory Course on Cyber Law- Asian School of Cyber Laws
  • Software testing and Quality assurance from ICFAI University
  • Advanced Java (RMI, EJB, Java Servlets, and JSP) -SSI
  • Cognizant Certified Professional (Cognizant internal certification)– Digital Security Practice
  • Leadership Essentials program - IronLady

Similar Profiles

CREATE PROFILE
Vimalaasree Anandhan