About Me

Hello, and welcome to my home in cyberspace!

This website contains my thoughts on cybersecurity and privacy related to people, technology, and business. I built the website from the ground up and occasionally played with it to improve my technical skills.

With over 23 years in Cybersecurity, I bring a diverse and comprehensive skill set, including 20 years in security architecture, 15 years in risk management, and a solid background in software engineering and application development. My career has been marked by significant roles in some of North America’s largest financial institutions, including JPMorgan Chase, Santander, Manulife Financial, and BMO Bank of Montreal.

My expertise encompasses understanding and navigating financial regulatory environments across Canada, the United States, and Mexico, as well as global cybersecurity certifications (CISSP, CRISC). I hold an MBA and a Master’s degree in Cybersecurity, reinforcing my technical and managerial capabilities.

Key achievements include engineering groundbreaking encryption software for customer-facing websites, authoring technical security frameworks with OASIS, and leading cybersecurity practices in cloud computing environments since 2015. I have built security architecture teams from the ground up, managed globally distributed teams, and been a pivotal player in designing and implementing significant security solutions for major financial services.

I am proficient in applied cryptography, leveraging reports like SOC2 Type 2 and ISO 27001, and have extensive experience in third-party risk management, threat modeling, and compliance with privacy regulations. My ability to communicate in five languages (English, Malayalam, Hindi, Tamil, Arabic) enhances my leadership in diverse team environments.

A strong believer in continuous improvement, I’ve reduced operating costs by 40% through innovative design thinking processes and have been instrumental in developing and maintaining security policies and standards for large financial institutions. My commitment to cybersecurity is further demonstrated through my active participation in multiple information security nonprofit organizations and contributions to internal and external audits.

I am currently focused on assuring security controls in SaaS providers, managing enterprise architectural risks, and facilitating annual risk control self-assessments.

I am passionate about mentoring the next generation of cybersecurity professionals, fostering a culture of security awareness, and continually seeking to drive innovation in the cybersecurity landscape.

You can connect with me on LinkedIn.