Zinat Rehana
Hyderabad
Summary
Seasoned Professional with over a decade of comprehensive expertise in leadership roles within the field of Identity and Access Management and Cybersecurity mainly in Financial and Payment industries and Memory Storage manufacturing sectors. People-centric and driven by outcomes, with ability to design, implement, and manage comprehensive IAM strategies that safeguard critical assets and support organizational growth. Demonstrated an unwavering commitment to ensure secure and compliant access to critical systems while streamlining processes for operational efficiency.
Overview
12
12
years of professional experience
6
6
years of post-secondary education
4
4
Certifications
Work History
Senior Staff Business Analyst
Micron Technology
05.2022 - Current
- Led and mentored a team of 12 members, fostering team development, morale, and career growth
- Defined operational and performance metrics, monitored team and individual performance, and consistently achieved or exceeded targets
- Directed the identification, design, and implementation of new access control capabilities in SailPoint, advancing system security and supporting the organization's 'Zero Trust' initiative
- Conducted critical decision-making within the RBAC Core Team, identifying enterprise-wide gaps and priorities related to access controls, and spearheaded activities that advanced the RBAC Program
- Supervised Discovery Analysts in documenting 100+ applications to prepare for seamless RBAC onboarding
- Directed the RBAC Ops Project, resulting in the removal of 815,000 unnecessary accounts and revocation of 273,000 redundant permissions, significantly optimizing access application processes
- Automated Joiners, Movers, and Leavers (JML) processes using machine learning AI models integrated with Mia, reducing manual intervention by 85%
- Conducted role mining, engineering, certification campaigns, and access auditing, enhancing organizational security posture
- Coordinated strategic efforts during the critical go-live implementation process, leading cross-functional teams, including the RBAC Team, SailPoint Operations, LDAP specialists, and entitlement policy experts
Senior Infosec Analyst
Barclays Technology Pvt. Ltd
03.2021 - 04.2022
- Developed and maintained access and PAM standards and architecture, ensuring compliance with industry benchmarks
- Led a high-performing information security team, providing mentorship and support to enhance operational effectiveness
- Designed and enforced access control mechanisms, including role-based access control (RBAC), safeguarding sensitive information
- Technical guidance and oversight were provided during IAM solution implementation, ensuring a 95% compliance rate with regulatory requirements such as GDPR, HIPAA, and PCI DSS
Sr. Information Analyst
Mastercard Technology Pvt. Ltd
07.2018 - 03.2021
- Collaborated closely with Product Owner to Support the Privileged Access Management (PAM) Product, aligning with PAM Strategic goals
- Led end-to-end design and development of Privileged Access Management solutions for a global organization, encompassing over 5000 users and 200 privileged accounts
- Dedicated Team Leader led a team of 6 members in the meticulous set up of Segregation of Duties (SOD) rules, enhancing the existing Role-Based Access Control (RBAC) Process
- Experienced SME for Identity Access Management tool, RSA Aveksa
- Proficient in tracking collections and ensuring regular monitoring of tool performance and batch process execution
- Demonstrated expertise in efficiently managing Segregation of Duties (SOD) violations, whether involving existing roles or a combination of roles/entitlements, seamlessly aligning them with access control policies
- Played a pivotal role in the development and standardization of SOC1/SOX User access certifications, contributing to enhanced security and compliance practices
- Designed and implemented an Access Items catalog in BMC Remedy Tool 8.0 drastically reducing user time that addresses specific access categories, offering a comprehensive and organized platform for managing access requests
- Created a positive impact by transforming access management at Mastercard for 29,000 employees, creating a user-friendly Remedy catalog
- This streamlined process increased user satisfaction and productivity, eliminating the need for sending multiple emails and chats to the IAM team
Specialist
HCL Technologies Ltd
06.2017 - 06.2018
- Played a pivotal role within the RSA Gatekeeper team, responsible for onboarding/descope of critical and regulatory applications at Deutsche Bank
- Assumed responsibility for facilitating internal and external audits, including SAS70 and KPMG audits related to applications and infrastructure
- Ensured comprehensive access rights reviews by line managers and DB sponsors in the Gatekeeper Tool (RSA Aveksa Compliance Manager), encompassing all Recertification cycles
- Strategically planned and executed User Recertification Processes at defined intervals, contributing to streamlined access management
- Oversaw the meticulous recertification of access for 30,000 users, facilitating precise auditing and 'need to know' access validation
- This proactive approach resulted in the removal of 7,000 users at periodic intervals, focusing on high-risk and SOX compliance applications
Senior Engineer
TATA Consultancy Services Ltd
05.2013 - 05.2017
- Assumed a central role in understanding and orchestrating the complete lifecycle of the recertification process
- Collaborated with stakeholders to ensure periodic recertification of access rights for Barclays Bank Employees via the OneCert tool, promoting compliance
- Conducted privileged access reviews and compliance reporting with 100% adherence to access control processes
- Leveraged SQL queries and the TOAD Database interface to generate User Reports directly from Application databases
- IAM solutions were designed, including authentication, authorization, provisioning, access management, and privileged access management, adhering to security best practices and industry standards such as NIST and ISO/IEC
Education
MBA - Business Analytics
Birla Institute of Technology and Science
Pilani, Rajasthan 07.2020 - 08.2022
Bachelors of Technology - Biotechnology
Gandhi Institute of Technology and Management
06.2009 - 08.2013
Skills
Identity and Access Management (IAM)
Access Control
Controls Testing
Identity and Access Governance (IAG)
Privileged Access Management (PAM)
Compliance and Regulatory Knowledge
Security Standards
Audit and Compliance Reporting
IAM Strategy
Incident response
Risk Assessment
Directory Services
Single Sign-On(SSO)
Cloud IAM
Zero Trust Implementation
Agile Methodologies
JIRA
Certification
Certified Identity and Access Manager (CIAM) - Identity Management Institute
Personal Information
- Date of Birth: 02/17/91
- Nationality: Indian
Timeline
Senior Staff Business Analyst
Micron Technology
05.2022 - Current
Senior Infosec Analyst
Barclays Technology Pvt. Ltd
03.2021 - 04.2022
MBA - Business Analytics
Birla Institute of Technology and Science
07.2020 - 08.2022
Sr. Information Analyst
Mastercard Technology Pvt. Ltd
07.2018 - 03.2021
Specialist
HCL Technologies Ltd
06.2017 - 06.2018
Senior Engineer
TATA Consultancy Services Ltd
05.2013 - 05.2017
Bachelors of Technology - Biotechnology
Gandhi Institute of Technology and Management
06.2009 - 08.2013